최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9

문제1

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGI's?

A. Nikto

B. Dsniff

C. John the Ripper

D. Snort

정답: A

문제2

Which of the following tools can be used for passiveOS fingerprinting?

A. tcpdump

B. nmap

C. Tracert

D. ping

정답: B

문제3

When you are getting informationabout a web server, it is very important to know the HTTP Methods (GET, POST, HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, PUT, DELETE, TRACE) using NMAP script engine.
What nmap script will help you with this task?

A. http-methods

B. http enum

C. http-headers

D. http-git

정답: D

문제4

Which of the following is an extremelycommon IDS evasion technique in the web world?

A. post knocking

B. spyware

C. subnetting

D. unicode characters

정답: D

문제5

Which of the following isthe greatest threat posed by backups?

A. A back is incomplete because no verification was performed.

B. A backup is the source of Malware or illicit information.

C. An un-encrypted backup can be misplaced or stolen

D. A backup is unavailable duringdisaster recovery.

정답: C

문제6

The "Gray box testing" methodology enforces what kind of restriction?

A. Only the internal operation of a system is known to the tester.

B. Only the external operation of a system is accessible to the tester.

C. The internal operation of a system is only partly accessible to the tester.

D. The internal operation of a system is completely known to the tester.

정답: C

문제7

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

A. ESP transport mode

B. ESP confidential

C. AH permiscuous

D. AH Tunnel mode

정답: A

문제8

You are performing a penetration test. You achieved access via a bufferoverflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account.
What should you do?

A. Do not report it and continue the penetration test.

B. Do not transfer the money but steal the bitcoins.

C. Report immediately to the administrator.

D. Transfer money from the administrator's account to another account.

정답: C

문제9

Which of the following parameters describe LM Hash:
I - The maximum password length is 14 characters.
II - There are no distinctions between uppercase and lowercase.
III - It's a simple algorithm, so 10,000,000 hashes can be generated per second.

A. I, II and III

B. I and II

C. I

D. II

정답: A

문제10

Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a word document.Upon execution, a windows appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?

A. Worm

B. Key-Logger

C. Trojan

D. Micro Virus

정답: C

최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9

우리와 연락하기

유용한 링크

최신 업데이트