問題集は全額返金保証付きの312-38問題集最大50%オフ
更新されたのは2023年12月合格させる312-38試験にはリアル練習テスト問題
質問 # 93
Which of the following organizations is responsible for managing the assignment of domain names and IP addresses?
- A. ISO
- B. ICANN
- C. ANSI
- D. W3C
正解:B
質問 # 94
Adam works as a Security Analyst for Umbrella Inc. The company has a Linux-based network comprising an Apache server for Web applications. He received the following Apache Web server log, which is as follows:
[Sat Nov 16 14:32:52 2009] [error] [client 128.0.0.7] client denied by server configuration: /export/home/htdocs/test
The first piece in the log entry is the date and time of the log message. The second entry determines the severity of the error being reported.
Now Adam wants to change the severity level to control the types of errors that are sent to the error log. Which of the following directives will Adam use to accomplish the task?
- A. CustomLog
- B. ErrorLog
- C. LogFormat
- D. LogLevel
正解:D
解説:
The LogLevel directive is used in server Error log of the Apache Web server log. This directive is used to control the types of errors that are sent to the error log by constraining the severity level. Eight different levels are present in the LogLevel directive, which are shown below in order of their descending significance:
Note: When a certain level is specified, the messages from all other levels of higher significance will also be reported. For example, when LogLevel crit is specified, then messages with log levels of alert and emerg will also be reported. Answer option B is incorrect. The ErrorLog directive is used to set the name and location of the file to which the server will log any errors it encounters. If the file-path does not begin with a slash sign (/), it is assumed to be relative to the ServerRoot. If the file-path begins with a pipe sign (|), then it is assumed to be a command that handles the error log. Answer option A is incorrect. The CustomLog directive is used to log requests to the server. The format of the log is specified and the logging can be made conditional on request characteristics with the help of environment variables. Environment variables can be adjusted on a per-request basis with the help of the mod_setenvif or mod_rewrite module. Answer option C is incorrect. The LogFormat directive can exist in one of the two forms. In the first form, only one argument is specified; and in the second form explicit format with a nickname is associated. This directive specifies the log format that is used by logs specified in subsequent TransferLog directives.
質問 # 95
Which of the following is a method of authentication that uses physical characteristics?
- A. Honeypot
- B. COMSEC
- C. ACL
- D. Biometrics
正解:D
質問 # 96
Which of the following types of coaxial cable is used for cable TV and cable modems?
- A. RG-59
- B. RG-8
- C. RG-62
- D. RG-58
正解:A
解説:
RG-59 type of coaxial cable is used for cable TV and cable modems.
Answer option D is incorrect. RG-8 coaxial cable is primarily used as a backbone in an Ethernet LAN environment and often connects one wiring closet to another. It is also known as 10Base5 or ThickNet.
Answer option A is incorrect. RG-62 coaxial cable is used for ARCNET and automotive radio antennas.
Answer option C is incorrect. RG-58 coaxial cable is used for Ethernet networks. It uses baseband signaling and 50-Ohm terminator. It is also known as 10Base2 or ThinNet.
質問 # 97
Which of the following wireless networks provides connectivity over distance up to 20 feet?
- A. WMAN
- B. WLAN
- C. WPAN
- D. WWAN
正解:C
質問 # 98
Kelly is taking backups of the organization's data. Currently, she is taking backups of only those files that are created or modified after the last backup. What type of backup is Kelly using?
- A. Incremental backup
- B. Differential backup
- C. Normal backup
- D. Full backup
正解:B
質問 # 99
Which of the following is a computer networking protocol used by hosts to retrieve IP address assignments and other configuration information?
- A. ARP
- B. DHCP
- C. Telnet
- D. SNMP
正解:B
質問 # 100
Which of the following are the common security problems involved in communications and email?Each correct answer represents a complete solution. Choose all that apply.
- A. False message
- B. Message digest
- C. Message repudiation
- D. Message modification
- E. Message replay
- F. Identity theft
- G. Eavesdropping
正解:A、C、D、E、F、G
解説:
Following are the common security problems involved in communications and email:
Eavesdropping: It is the act of secretly listening to private information through telephone lines, e-
mail, instant messaging, and any other method of communication considered private.
Identity theft: It is the act of obtaining someone's username and password to access his/her email
servers for reading email and sending false email messages. These credentials can be obtained
by eavesdropping on SMTP, POP, IMAP, or Webmail connections.
Message modification: The person who has system administrator permission on any of the SMTP
servers can visit anyone's message and can delete or change the message before it continues on
to its destination. The recipient has no way of telling that the email message has been altered.
False message: It the act of constructing messages that appear to be sent by someone else.
Message replay: In a message replay, messages are modified, saved, and re-sent later.
Message repudiation: In message repudiation, normal email messages can be forged. There is no
way for the receiver to prove that someone had sent him/her a particular message. This means
that even if someone has sent a message, he/she can successfully deny it.
Answer option D is incorrect. A message digest is a number that is created algorithmically from a
file and represents that file uniquely.
質問 # 101
Which of the following firewalls are used to track the state of active connections and determine the network packets allowed to enter through the firewall?Each correct answer represents a complete solution. Choose all that apply.
- A. Stateful
- B. Dynamic packet-filtering
- C. Proxy server
- D. Circuit-level gateway
正解:A、B
質問 # 102
The IR team and the network administrator have successfully handled a malware incident on the network. The team is now preparing countermeasure guideline to avoid a future occurrence of the malware incident.
Which of the following countermeasure(s) should be added to deal with future malware incidents? (Select all that apply)
- A. Install antivirus software
- B. Implementing strong authentication schemes
- C. Complying with the company's security policies
- D. Implementing a strong password policy
正解:A
質問 # 103
What is the technique used in the cost estimates for the project during the design phase of the following? Each correct answer represents a complete solution. Choose all that apply.
- A. expert assessment
- B. The Delphi technique
- C. Program Evaluation Technique (PERT)
- D. Function point analysis
正解:A、B、D
質問 # 104
Which of the following filters car be applied to detect an ICMP ping sweep attempt using Wireshark?
- A. icmp.type==15
- B. icmp.type==8
- C. icmp.type==13
- D. icmp.type==17
正解:B
質問 # 105
Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?
- A. Gaseous fire-extinguishing systems
- B. Fire extinguishing system
- C. None
- D. sprinkler
- E. Smoke alarm system
正解:E
質問 # 106
Which of the following recovery plans include specific strategies and actions to address the specific variances assumptions lead to a particular safety problem or emergency situation?
- A. Business Continuity Plan
- B. None
- C. The emergency plan
- D. disaster survival plan
正解:C
質問 # 107
A company wants to implement a data backup method that allows them to encrypt the data ensuring its security as well as access it at any time and from any location. What is the appropriate backup method that should be implemented?
- A. Hot site backup
- B. Offsite backup
- C. Onsite backup
- D. Cloud backup
正解:D
質問 # 108
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:
Which of the following tools is John using to crack the wireless encryption keys?
- A. Cain
- B. PsPasswd
- C. AirSnort
- D. Kismet
正解:C
質問 # 109
Which of the following is an exterior gateway protocol that communicates using a Transmission Control Protocol (TCP) and sends the updated router table information?
- A. OSPF
- B. IGMP
- C. IRDP
- D. BGP
正解:D
質問 # 110
Which of the following protocols supports source-specific multicast (SSM)?
- A. DHCP
- B. ARP
- C. DNS
- D. BGMP
正解:D
質問 # 111
Assume that you are a network administrator and the company has asked you to draft an Acceptable Use Policy (AUP) for employees. Under which category of an information security policy does AUP fall into?
- A. System Specific Security Policy (SSSP)
- B. Issue Specific Security Policy (ISSP)
- C. Incident Response Policy (IRP)
- D. Enterprise Information Security Policy (EISP)
正解:A
質問 # 112
If a network is at risk from unskilled individuals, what type of threat is this?
- A. External Threats
- B. Internal Threats
- C. Structured Threats
- D. Unstructured Threats
正解:D
質問 # 113
Which of the following phases is the first step towards creating a business continuity plan?
- A. Scope and Plan Initiation
- B. Business Continuity Plan Development
- C. Business Impact Assessment
- D. Plan Approval and Implementation
正解:A
質問 # 114
Which of the following is also known as slag code?
- A. Logic bomb
- B. Trojan
- C. IRC bot
- D. Worm
正解:A
質問 # 115
Which of the following is a network analysis tool that sends packets with nontraditional IP stack parameters?
- A. SAINT
- B. COPS
- C. HPing
- D. Nessus
正解:C
質問 # 116
Which of the following attacks, the attacker cannot use the software, which is trying a number of key combinations in order to obtain your password?
- A. Smurf attack
- B. None
- C. Buffer overflow
- D. Zero-day attack
- E. Shock brutal force
正解:E
解説:
Explanation
質問 # 117
Which of the following is the full form of SAINT?
- A. Security Admin Integrated Network Tool
- B. System Admin Integrated Network Tool
- C. System Automated Integrated Network Tool
- D. System Administrators Integrated Network Tool
正解:D
解説:
Explanation
質問 # 118
......
無料ダウンロードEC-COUNCIL 312-38リアル試験問題:https://jp.fast2test.com/312-38-premium-file.html
あなたを合格させる試験には100%検証済みの312-38試験問題:https://drive.google.com/open?id=1EczvPbQUPGF8pzq2yvSqK47gUmhMHtgN