최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9
You are tasked to perform a penetration test. While you are performinginformation gathering, you find ab employee list in Google. You find receptionist's email, and you send her an email changing the source email to her boss's email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?
What testing method did you use?
정답: C
The "Black box testing" methodology enforces which kind of restriction?
정답: D
Jimmy is standing outside a secure entrance to a facility. He is pretending to having a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it beginsto close.
What just happened?
What just happened?
정답: A
A new wireless client is configured to join a 802.11 network. Thisclient uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client.
What is a possible source of this problem?
What is a possible source of this problem?
정답: A
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
정답: C
A company's security states that all web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?
정답: B
What is the process of logging, recording, and resolving events that take place in an organization?
정답: B
Session splicing is an IDS evasiontechnique in which an attacker delivers data in multiple, smallsized packets to the target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can used to perform session splicing attacks?
Which tool can used to perform session splicing attacks?
정답: C
You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?
정답: A
A Regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?
Based on this information, what should be one of your key recommendations to the bank?
정답: D