問題集は全額返金保証付きの312-50v12日本語問題集最大50%オフ [Q339-Q355]

Share

問題集は全額返金保証付きの312-50v12日本語問題集最大50%オフ

更新されたのは2025年03月合格させる312-50v12日本語試験にはリアル練習テスト問題

質問 # 339
SQL インジェクション (SQLi) 攻撃は、Web リクエストに SQL 構文を挿入しようとします。これにより、認証がバイパスされ、攻撃者が Web アプリケーションに添付されたデータにアクセスしたり、データを変更したりできるようになります。
次の SQLI タイプのうち、データベース サーバーの DNS 要求機能を利用してデータを攻撃者に渡すものはどれですか。

  • A. インバンドSQLI
  • B. 時間ベースのブラインドSQLI
  • C. 帯域外SQLI
  • D. ユニオンベースのSQLI

正解:C

解説:
Out-of-band SQL injection occurs when an attacker is unable to use an equivalent channel to launch the attack and gather results. ... Out-of-band SQLi techniques would believe the database server's ability to form DNS or HTTP requests to deliver data to an attacker. Out-of-band SQL injection is not very common, mostly because it depends on features being enabled on the database server being used by the web application.
Out-of-band SQL injection occurs when an attacker is unable to use the same channel to launch the attack and gather results.
Out-of-band techniques, offer an attacker an alternative to inferential time-based techniques, especially if the server responses are not very stable (making an inferential time-based attack unreliable).
Out-of-band SQLi techniques would rely on the database server's ability to make DNS or HTTP requests to deliver data to an attacker. Such is the case with Microsoft SQL Server's xp_dirtree command, which can be used to make DNS requests to a server an attacker controls; as well as Oracle Database's UTL_HTTP package, which can be used to send HTTP requests from SQL and PL/SQL to a server an attacker controls.


質問 # 340
ボットネットを作成するために、攻撃者はいくつかの手法を使用して脆弱なマシンをスキャンします。攻撃者はまず、多数の脆弱なマシンに関する情報を収集してリストを作成します。次に、マシンを感染させます。リストは分割され、リストの半分が新たに感染したマシンに割り当てられます。スキャン プロセスは同時に実行されます。この手法により、短時間で悪意のあるコードを拡散およびインストールできます。
ここではどの技術について説明されていますか?

  • A. トポロジカルスキャン技術
  • B. 順列スキャン技術
  • C. サブネットスキャン技術
  • D. ヒットリストスキャン技術

正解:D

解説:
One of the biggest problems a worm faces in achieving a very fast rate of infection is "getting off the ground." although a worm spreads exponentially throughout the early stages of infection, the time needed to infect say the first 10,000 hosts dominates the infection time.
There is a straightforward way for an active worm a simple this obstacle, that we term hit-list scanning. Before the worm is free, the worm author collects a listing of say ten,000 to 50,000 potentially vulnerable machines, ideally ones with sensible network connections. The worm, when released onto an initial machine on this hit-list, begins scanning down the list. once it infects a machine, it divides the hit-list in half, communicating half to the recipient worm, keeping the other half.
This fast division ensures that even if only 10-20% of the machines on the hit-list are actually vulnerable, an active worm can quickly bear the hit-list and establish itself on all vulnerable machines in only some seconds.
though the hit-list could begin at 200 kilobytes, it quickly shrinks to nothing during the partitioning. This provides a great benefit in constructing a quick worm by speeding the initial infection.
The hit-list needn't be perfect: a simple list of machines running a selected server sort could serve, though larger accuracy can improve the unfold. The hit-list itself is generated victimization one or many of the following techniques, ready well before, typically with very little concern of detection.
* Stealthy scans. Portscans are so common and then wide ignored that even a quick scan of the whole net would be unlikely to attract law enforcement attention or over gentle comment within the incident response community. However, for attackers wish to be particularly careful, a randomised sneaky scan taking many months would be not possible to attract much attention, as most intrusion detection systems are not currently capable of detecting such low-profile scans. Some portion of the scan would be out of date by the time it had been used, however abundant of it'd not.
* Distributed scanning. an assailant might scan the web using a few dozen to some thousand already-compromised "zombies," the same as what DDOS attackers assemble in a very fairly routine fashion. Such distributed scanning has already been seen within the wild-Lawrence Berkeley National Laboratory received ten throughout the past year.
* DNS searches. Assemble a list of domains (for example, by using wide offered spam mail lists, or trolling the address registries). The DNS will then be searched for the science addresses of mail-servers (via mx records) or net servers (by looking for www.domain.com).
* Spiders. For net server worms (like Code Red), use Web-crawling techniques the same as search engines so as to produce a list of most Internet-connected web sites. this would be unlikely to draw in serious
* attention.
* Public surveys. for many potential targets there may be surveys available listing them, like the Netcraft survey.
* Just listen. Some applications, like peer-to-peer networks, wind up advertising many of their servers.
Similarly, many previous worms effectively broadcast that the infected machine is vulnerable to further attack. easy, because of its widespread scanning, during the Code Red I infection it was easy to select up the addresses of upwards of 300,000 vulnerable IIS servers-because each came knock on everyone's door!


質問 # 341
ハッシュの使用によって保証されるのは次のどれですか?

  • A. 誠実さ
  • B. 可用性
  • C. 認証
  • D. 機密保持

正解:A


質問 # 342
あなたは侵入テスターとして、クライアント xyz の従業員のユーザー意識をテストしています。公開されている情報源から 2 人の従業員の電子メールを収集し、クライアント側のバックドアを作成して、電子メールで従業員に送信しています。サイバー キル チェーンのどの段階にいますか?

  • A. 搾取
  • B. 指揮統制
  • C. 武器化
  • D. 偵察

正解:C

解説:
Weaponization
The adversary analyzes the data collected in the previous stage to identify the vulnerabilities and techniques that can exploit and gain unauthorized access to the target organization. Based on the vulnerabilities identified during analysis, the adversary selects or creates a tailored deliverable malicious payload (remote-access malware weapon) using an exploit and a backdoor to send it to the victim. An adversary may target specific network devices, operating systems, endpoint devices, or even individuals within the organization to carry out their attack. For example, the adversary may send a phishing email to an employee of the target organization, which may include a malicious attachment such as a virus or worm that, when downloaded, installs a backdoor on the system that allows remote access to the adversary. The following are the activities of the adversary: o Identifying appropriate malware payload based on the analysis o Creating a new malware payload or selecting, reusing, modifying the available malware payloads based on the identified vulnerability o Creating a phishing email campaign o Leveraging exploit kits and botnets
https://en.wikipedia.org/wiki/Kill_chain
The Cyber Kill Chain consists of 7 steps: Reconnaissance, weaponization, delivery, exploitation, installation, command and control, and finally, actions on objectives. Below you can find detailed information on each.
1. Reconnaissance: In this step, the attacker/intruder chooses their target. Then they conduct in-depth research on this target to identify its vulnerabilities that can be exploited.
2. Weaponization: In this step, the intruder creates a malware weapon like a virus, worm, or such to exploit the target's vulnerabilities. Depending on the target and the purpose of the attacker, this malware can exploit new, undetected vulnerabilities (also known as the zero-day exploits) or focus on a combination of different vulnerabilities.
3. Delivery: This step involves transmitting the weapon to the target. The intruder/attacker can employ different USB drives, e-mail attachments, and websites for this purpose.
4. Exploitation: In this step, the malware starts the action. The program code of the malware is triggered to exploit the target's vulnerability/vulnerabilities.
5. Installation: In this step, the malware installs an access point for the intruder/attacker. This access point is also known as the backdoor.
6. Command and Control: The malware gives the intruder/attacker access to the network/system.
7. Actions on Objective: Once the attacker/intruder gains persistent access, they finally take action to fulfill their purposes, such as encryption for ransom, data exfiltration, or even data destruction.


質問 # 343
ネットワーク セキュリティの専門家であるジェイクは、社内のネットワーク レベルのセッション ハイジャック攻撃を防止しようとしています。
さまざまな種類の攻撃を研究する中で、ジェイクは、攻撃者がクライアントとサーバー間の通信に自分のマシンを挿入し、パケットが元のパスを通って流れているように見せかける手法について学びました。この手法は主に、パケットを再ルーティングするために使用されます。ジェイクが研究しているネットワーク レベルのセッション ハイジャック攻撃の種類は次のどれですか。

  • A. TCP/IP ハイジャック
  • B. RSTハイジャック
  • C. 偽造 ICMP と ARP スプーフィングを使用した中間者攻撃
  • D. UDPハイジャック

正解:C

解説:
A man-in-the-middle attack using forged ICMP and ARP spoofing is a type of network-level session hijacking attack where an attacker inserts their machine into the communication between a client and a server, making it seem like the packets are flowing through the original path. This technique is primarily used to reroute the packets and intercept or modify the data exchanged between the client and the server.
A man-in-the-middle attack using forged ICMP and ARP spoofing works as follows1:
* The attacker sends a forged ICMP redirect message to the client, claiming to be the gateway. The ICMP redirect message tells the client to use the attacker's machine as the next hop for reaching the server's network. The client updates its routing table accordingly and starts sending packets to the attacker's machine instead of the gateway.
* The attacker also sends a forged ARP reply message to the client, claiming to be the server. The ARP reply message associates the attacker's MAC address with the server's IP address. The client updates its ARP cache accordingly and starts sending packets to the attacker's MAC address instead of the server's MAC address.
* The attacker receives the packets from the client and forwards them to the server, acting as a relay. The attacker can also monitor, modify, or drop the packets as they wish. The server responds to the packets and sends them back to the attacker, who then forwards them to the client. The client and the server are unaware of the attacker's presence and think they are communicating directly with each other.
Therefore, Jake is studying a man-in-the-middle attack using forged ICMP and ARP spoofing, which is a type of network-level session hijacking attack.
References:
* Network or TCP Session Hijacking | Ethical Hacking - GreyCampus


質問 # 344
レインボーテーブルを破るにはどうすればいいですか?

  • A. パスワードソルト
  • B. ブルートフォースパスワードクラッキングの試みによりアカウントをロックアウトする
  • C. すべて大文字のパスワード
  • D. 辞書に載っていない単語の使用

正解:A

解説:
https://en.wikipedia.org/wiki/Salt_(cryptography)
A salt is random data that is used as an additional input to a one-way function that hashes data, a password, or passphrase. Salts are used to safeguard passwords in storage. Historically a password was stored in plaintext on a system, but over time additional safeguards were developed to protect a user's password against being read from the system. A salt is one of those methods.
A new salt is randomly generated for each password. In a typical setting, the salt and the password (or its version after key stretching) are concatenated and processed with a cryptographic hash function, and the output hash value (but not the original password) is stored with the salt in a database. Hashing allows for later authentication without keeping and therefore risking exposure of the plaintext password in the event that the authentication data store is compromised.
Salts defend against a pre-computed hash attack, e.g. rainbow tables. Since salts do not have to be memorized by humans they can make the size of the hash table required for a successful attack prohibitively large without placing a burden on the users. Since salts are different in each case, they also protect commonly used passwords, or those users who use the same password on several sites, by making all salted hash instances for the same password different from each other.


質問 # 345
内部システムへの侵入の可能性を強く疑う大規模組織の包括的なネットワーク スキャンを実行するために、倫理的なハッカーが雇われました。ハッカーは、ネットワークを詳細に把握するために、スキャン ツールを組み合わせて使用​​することにしました。どの一連のアクションが、ネットワークの状態に関する最も包括的な情報を提供するでしょうか。

  • A. まずNetScanTools Proで一般的なネットワークスキャンを行い、次にNmapを使用してOS検出とバージョン検出を行い、最後にHping3でSYNフラッドを実行します。
  • B. Nmap で ping スイープを開始し、次に Metasploit を使用して開いているポートとサービスをスキャンし、最後に Hping3 を使用してリモート OS フィンガープリントを実行します。
  • C. Hping3 を使用してサブネット全体の ICMP ping スキャンを実行し、次に Nmap を使用して特定されたアクティブ ホストの SYN スキャンを実行し、最後に Metasploit を使用して特定された脆弱性を悪用します。
  • D. ランダムポートのUDPスキャンにHping3を使用し、次にバージョン検出スキャンにNmapを使用し、最後に検出された脆弱性を悪用するためにMetasploitを使用します。

正解:C

解説:
The sequence of actions that would provide the most comprehensive information about the network's status is to use Hping3 for an ICMP ping scan on the entire subnet, then use Nmap for a SYN scan on identified active hosts, and finally use Metasploit to exploit identified vulnerabilities. This sequence of actions works as follows:
* Use Hping3 for an ICMP ping scan on the entire subnet: This action is used to discover the active hosts on the network by sending ICMP echo request packets to each possible IP address on the subnet and waiting for ICMP echo reply packets from the hosts. Hping3 is a command-line tool that can craft and send custom packets, such as TCP, UDP, or ICMP, and analyze the responses. By using Hping3 for an ICMP ping scan, the hacker can quickly and efficiently identify the live hosts on the network, as well as their response times and packet loss rates12.
* Use Nmap for a SYN scan on identified active hosts: This action is used to scan the open ports and services on the active hosts by sending TCP SYN packets to a range of ports and analyzing the TCP responses. Nmap is a popular and powerful tool that can perform various types of network scans, such as port scanning, service detection, OS detection, and vulnerability scanning. By using Nmap for a SYN scan, the hacker can determine the state of the ports on the active hosts, such as open, closed, filtered, or unfiltered, as well as the services and protocols running on them. A SYN scan is also known as a stealth scan, as it does not complete the TCP three-way handshake and thus avoids logging on the target system34.
* Use Metasploit to exploit identified vulnerabilities: This action is used to exploit the vulnerabilities on the active hosts by using pre-built or custom modules that leverage the open ports and services.
Metasploit is a framework that contains a collection of tools and modules for penetration testing and exploitation. By using Metasploit, the hacker can launch various attacks on the active hosts, such as remote code execution, privilege escalation, or backdoor installation, and gain access to the target system or data. Metasploit can also be used to perform post-exploitation tasks, such as gathering information, maintaining persistence, or pivoting to other systems .
The other options are not as comprehensive as option B for the following reasons:
* A. Initiate with Nmap for a ping sweep, then use Metasploit to scan for open ports and services, and finally use Hping3 to perform remote OS fingerprinting: This option is not optimal because it does not use the tools in the most efficient and effective way. Nmap can perform a ping sweep, but it is slower and less flexible than Hping3, which can craft and send custom packets. Metasploit can scan for open ports and services, but it is more suitable for exploitation than scanning, and it relies on Nmap for port scanning anyway. Hping3 can perform remote OS fingerprinting, but it is less accurate and reliable than Nmap, which can use various techniques and probes to determine the OS type and version13 .
* C. Start with Hping3 for a UDP scan on random ports, then use Nmap for a version detection scan, and finally use Metasploit to exploit detected vulnerabilities: This option is not effective because it does not use the best scanning methods and techniques. Hping3 can perform a UDP scan, but it is slower and less reliable than a TCP scan, as UDP is a connectionless protocol that does not always generate responses.
Scanning random ports is also inefficient and incomplete, as it may miss important ports or services.
Nmap can perform a version detection scan, but it is more useful to perform a port scan first, as it can narrow down the scope and speed up the scan. Metasploit can exploit detected vulnerabilities, but it is not clear how the hacker can identify the vulnerabilities without performing a vulnerability scan first13 .
* D. Begin with NetScanTools Pro for a general network scan, then use Nmap for OS detection and version detection, and finally perform an SYN flooding with Hping3: This option is not comprehensive because it does not cover all the aspects and objectives of a network scan. NetScanTools Pro is a graphical tool that can perform various network tasks, such as ping, traceroute, DNS lookup, or port scan, but it is less powerful and versatile than Nmap or Hping3, which can perform more advanced and customized scans. Nmap can perform OS detection and version detection, but it is more useful to perform a port scan first, as it can provide more information and insights into the target system. Performing an SYN flooding with Hping3 is not a network scan, but a denial-of-service attack, which can disrupt the network and alert the target system, and it is not an ethical or legal action for a hired hacker13 .
References:
* 1: Hping - Wikipedia
* 2: Hping3 Examples - NetworkProGuide
* 3: Nmap - Wikipedia
* 4: Nmap Tutorial: From Discovery to Exploits - Part 1: Introduction to Nmap | HackerTarget.com
* : Metasploit Project - Wikipedia
* : Metasploit Unleashed - Offensive Security
* : NetScanTools Pro - Northwest Performance Software, Inc.


質問 # 346
次のプログラムのうち、システムのブートセクターと実行可能ファイルに同時に感染するのはどれですか?

  • A. 多形性ウイルス
  • B. マクロウイルス
  • C. 多分割ウイルス
  • D. ステルスウイルス

正解:C


質問 # 347
DNS AAAA レコードの目的は何ですか?

  • A. アドレスプレフィックスレコード
  • B. 認可、認証、監査の記録
  • C. アドレスデータベースレコード
  • D. IPv6アドレス解決レコード

正解:D


質問 # 348
信頼できない外部ホストからファイアウォールの背後にある保護された内部にパケットを移動する方法を決定する方法は何ですか。これにより、ハッカーはどのポートが開いているか、パケットがファイアウォールのパケットフィルタリングを通過できるかどうかを判断できます。

  • A. 中間者攻撃
  • B. ネットワークスニッフィング
  • C. 火渡り
  • D. セッションハイジャック

正解:C


質問 # 349
次のツールのうち、列挙に使用されるものはどれですか? (3 つ選択してください。)

  • A. ダンプセック
  • B. ユーザー2SID
  • C. ソーラーウィンズ
  • D. SID2ユーザー
  • E. クフ王

正解:A、B、D


質問 # 350
プロのハッカーであるウィルソンは、金銭的利益を目的として組織を標的とし、悪意のあるメールを送信してその組織のシステムを侵害する計画を立てています。この目的のために、彼はターゲットのメールを追跡するツールを使用し、さまざまな公開ソースから送信者の ID、モール サーバー、送信者の IP アドレス、送信者の場所などの情報を抽出します。また、haveibeenpwned.com API を使用して、メール アドレスが漏洩していないかどうかも確認します。
上記のシナリオでウィルソンが使用するツールは次のどれですか?

  • A. ズーム情報
  • B. 挿入
  • C. ネットクラフト
  • D. ファクティバ

正解:B

解説:
Infoga may be a tool gathering email accounts informations (ip,hostname,country,...) from completely different public supply (search engines, pgp key servers and shodan) and check if email was leaked using haveibeenpwned.com API. is a really simple tool, however very effective for the first stages of a penetration test or just to know the visibility of your company within the net.


質問 # 351
トムは新しいスタートアップを設立する際にクラウド サービス プロバイダー (CSP) を雇いましたが、そのサービスに満足できず、別の CSP に移行したいと考えていました。
契約のどの部分が彼のそうすることを妨げる可能性があるでしょうか?

  • A. 仮想化
  • B. ロックイン
  • C. ロックダウン
  • D. ロックアップ

正解:B

解説:
Lock-in reflects the inability of the client to migrate from one CSP to another or in-house systems owing to the lack of tools, procedures, standard data formats, applications, and service portability. This threat is related to the inappropriate selection of a CSP, incomplete and non-transparent terms of use, lack of standard mechanisms, etc. (P.2884/2868)


質問 # 352
あなたは、ハイブリッド暗号化システムを使用して部門間の通信を保護する多国籍企業の主任サイバーセキュリティアナリストです。このシステムでは、キー交換に RSA 暗号化を使用し、データ暗号化に AES を使用して、非対称暗号化と対称暗号化の両方の長所を活用しています。各 RSA キー ペアのサイズは 'n' ビットで、キーが大きいほどセキュリティは向上しますが、パフォーマンスは低下します。RSA キー ペアの生成にかかる時間は O(n*2) で、AES 暗号化にかかる時間は O(n) です。
攻撃者は、RSA 暗号を解読するために、時間計算量が O((log n)*2) の量子アルゴリズムを開発しました。
*n=4000' および可変 'AES キー サイズ' が与えられた場合、どのシナリオがセキュリティとパフォーマンスの最適なバランスを提供する可能性がありますか? どのシナリオがセキュリティとパフォーマンスの最適なバランスを提供しますか?

  • A. 168ビットキーを使用した3DESによるデータ暗号化: 高いセキュリティを提供しますが、
    3DES の本質的な非効率性。
  • B. AES-128 によるデータ暗号化: 中程度のセキュリティと高速な暗号化を提供し、両者のバランスを保ちます。
  • C. AES-256 によるデータ暗号化: 3DES よりも優れたパフォーマンスで高いセキュリティを提供しますが、他の AES キー サイズほど高速ではありません。
  • D. 448 ビット キーを使用した Blowfish によるデータ暗号化: 高いセキュリティを提供しますが、Blowfish の使用があまり広まっていないため、互換性の問題が発生する可能性があります。

正解:B

解説:
Data encryption with AES-128 is likely to provide the best balance of security and performance in this scenario. This option works as follows:
* AES-128 is a symmetric encryption algorithm that uses a 128-bit key to encrypt and decrypt data.
AES-128 is one of the most widely used and trusted encryption algorithms, and it is considered secure against classical and quantum attacks, as long as the key is not compromised. AES-128 has a time complexity of O(n), which means that the encryption and decryption time is proportional to the size of the data. AES-128 is also fast and efficient, as it can process 16 bytes of data in each round, and it requires only 10 rounds to complete the encryption or decryption12.
* RSA-4000 is an asymmetric encryption algorithm that uses a 4000-bit key pair to encrypt and decrypt data. RSA-4000 is used for key exchange, which means that it is used to securely share the AES-128 key between the sender and the receiver. RSA-4000 has a time complexity of O(n*2), which means that the key generation, encryption, and decryption time is proportional to the square of the size of the key.
RSA-4000 is also slow and resource-intensive, as it involves large number arithmetic and modular exponentiation operations. RSA-4000 is considered secure against classical attacks, but it is vulnerable to quantum attacks, especially if the attacker has access to a quantum computer with sufficient resources to run Shor's algorithm, which can factor large numbers in polynomial time34.
* The attacker's quantum algorithm has a time complexity of O((log n)*2), which means that the cracking time is proportional to the square of the logarithm of the size of the key. This implies that the attacker can crack RSA-4000 much faster than a classical computer, as the logarithm function grows much slower than the linear or quadratic function. For example, if a classical computer takes 10^12 years to crack RSA-4000, a quantum computer with the attacker's algorithm could do it in about 10^4 years, which is still a long time, but not impossible5.
Therefore, data encryption with AES-128 is likely to provide the best balance of security and performance in this scenario, because:
* AES-128 is secure and fast, and it can encrypt large amounts of data efficiently.
* RSA-4000 is slow and vulnerable, but it is only used for key exchange, which involves a small amount of data and a one-time operation.
* The attacker's quantum algorithm is powerful, but it is not practical, as it requires a quantum computer with a large number of qubits and a long coherence time, which are not available yet.
The other options are not as balanced as option C for the following reasons:
* A. Data encryption with 3DES using a 168-bit key: This option offers high security but slower performance due to 3DES's inherent inefficiencies. 3DES is a symmetric encryption algorithm that uses a 168-bit key to encrypt and decrypt data. 3DES is a variant of DES, which is an older and weaker encryption algorithm that uses a 56-bit key. 3DES applies DES three times with different keys to increase the security, but this also increases the complexity and reduces the speed. 3DES has a time complexity of O(n), but it is much slower than AES, as it can process only 8 bytes of data in each round, and it requires 48 rounds to complete the encryption or decryption. 3DES is considered secure against classical and quantum attacks, but it is not recommended for new applications, as it is outdated and inefficient67.
* B. Data encryption with Blowfish using a 448-bit key: This option offers high security but potential compatibility issues due to Blowfish's less widespread use. Blowfish is a symmetric encryption algorithm that uses a variable key size, up to 448 bits, to encrypt and decrypt data. Blowfish is fast and secure, and it has a time complexity of O(n), as it can process 8 bytes of data in each round, and it requires 16 rounds to complete the encryption or decryption. Blowfish is considered secure against classical and quantum attacks, but it is not as popular or standardized as AES, and it may have compatibility issues with some applications or platforms89.
* D. Data encryption with AES-256: This option provides high security with better performance than
3DES, but not as fast as other AES key sizes. AES-256 is a symmetric encryption algorithm that uses a
256-bit key to encrypt and decrypt data. AES-256 is a variant of AES, which is the most widely used and trusted encryption algorithm. AES-256 has a time complexity of O(n), and it can process 16 bytes of
* data in each round, but it requires 14 rounds to complete the encryption or decryption, which is more than AES-128 or AES-192. AES-256 is considered secure against classical and quantum attacks, but it is not as fast as other AES key sizes, and it may not be necessary for most applications, as AES-128 or AES-192 are already secure enough12.
References:
* 1: Advanced Encryption Standard - Wikipedia
* 2: AES Encryption: What It Is and How It Works | Kaspersky
* 3: RSA (cryptosystem) - Wikipedia
* 4: RSA Encryption: What It Is and How It Works | Kaspersky
* 5: Shor's algorithm - Wikipedia
* 6: Triple DES - Wikipedia
* 7: 3DES Encryption: What It Is and How It Works | Kaspersky
* 8: Blowfish (cipher) - Wikipedia
* 9: Blowfish Encryption: What It Is and How It Works | Kaspersky


質問 # 353
自身のコードを変更し、複製時に自分自身を複数回暗号化できるウイルスの種類はどれですか?

  • A. ステルスウイルス
  • B. 虫歯ウイルス
  • C. 暗号化ウイルス
  • D. トンネルウイルス

正解:A

解説:
A stealth virus may be a sort of virus malware that contains sophisticated means of avoiding detection by antivirus software. After it manages to urge into the now-infected machine a stealth viruses hides itself by continually renaming and moving itself round the disc.Like other viruses, a stealth virus can take hold of the many parts of one's PC. When taking control of the PC and performing tasks, antivirus programs can detect it, but a stealth virus sees that coming and can rename then copy itself to a special drive or area on the disc, before the antivirus software. Once moved and renamed a stealth virus will usually replace the detected
'infected' file with a clean file that doesn't trigger anti-virus detection. It's a never-ending game of cat and mouse.The intelligent architecture of this sort of virus about guarantees it's impossible to completely rid oneself of it once infected. One would need to completely wipe the pc and rebuild it from scratch to completely eradicate the presence of a stealth virus. Using regularly-updated antivirus software can reduce risk, but, as we all know, antivirus software is additionally caught in an endless cycle of finding new threats and protecting against them.
https://www.techslang.com/definition/what-is-a-stealth-virus/


質問 # 354
悪意のあるユーザーが、Kerberoasting 攻撃で有効なユーザーのチケット保証チケットを使用して、ドメイン コントローラからチケット保証サービスを取得しました。彼はオフライン クラッキングのためにメモリから TGS チケットを取得しました。しかし、攻撃者は攻撃を完了する前に阻止されました。システム管理者は、潜在的な侵害を調査して修復する必要があります。システム管理者が直ちに実行すべき手順は何ですか?

  • A. STの暗号化に使用するNTLMパスワードハッシュを変更する
  • B. 攻撃者が取得したTGSを無効にする
  • C. システムの再起動を実行してメモリをクリアします
  • D. 侵害されたユーザーのアカウントを削除する

正解:B

解説:
A Kerberoasting attack is a technique that exploits the Kerberos authentication protocol to obtain the password hash of a service account that has a Service Principal Name (SPN). An attacker can request a service ticket (TGS) for the SPN using a valid user's ticket (TGT) and then attempt to crack the password hash offline. To prevent the attacker from using the TGS to access the service, the system administrator should invalidate the TGS as soon as possible. This can be done by changing the password of the service account, which will generate a new password hash and render the old TGS useless. Alternatively, the system administrator can use tools like Mimikatz to purge the TGS from the memory of the domain controller or the client system.
Performing a system reboot, deleting the compromised user's account, or changing the NTLM password hash used to encrypt the ST are not effective ways to invalidate the TGS, as they do not affect the encryption of the TGS or the validity of the TGT. References:
* EC-Council CEHv12 Courseware Module 11: Hacking Webservers, page 11-24
* What is a Kerberoasting Attack? - CrowdStrike
* How to Perform Kerberoasting Attacks: The Ultimate Guide - StationX


質問 # 355
......

無料ダウンロードECCouncil 312-50v12日本語リアル試験問題:https://jp.fast2test.com/312-50v12-JPN-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어