試験合格保証付きのCertified Ethical Hacker 312-38試験問題集 [Q143-Q163]

Share

試験合格保証付きのCertified Ethical Hacker 312-38試験問題集

EC-COUNCIL 312-38日常練習試験は2024年最新のに更新された359問あります


EC-COUNCIL 312-38試験は、最も高度なネットワーク防御の認証資格の1つであり、IT業界で非常に価値があります。これは、世界的に認められており、キャリアで優れた成果を上げたいITプロフェッショナルにとって必要不可欠なものです。また、この認証は、個人が組織のネットワークをサイバー攻撃から保護する能力を示すため、雇用主からも高く評価されています。


EC-COUNCILの312-38試験は、ネットワーク防御の分野での個人の知識とスキルをテストするように設計されています。この試験は、ネットワークセキュリティと防御技術に関する包括的な理解を提供するEC-Council Certified Network Defender(CND)認定の一部であり、ネットワークセキュリティの分野で知識とスキルを向上させたいITプロフェッショナルに最適な上級認定資格です。

 

質問 # 143
Which of the following is an open source implementation of the syslog protocol for Unix?

  • A. syslog Unix
  • B. syslog-ng
  • C. syslog-os
  • D. Unix-syslog

正解:B


質問 # 144
Which of the following IEEE standards operates at 2.4 GHz bandwidth and transfers data at a rate of 54 Mbps?

  • A. 802.11g
  • B. 802.11r
  • C. 802.11a
  • D. 802.11n

正解:A


質問 # 145
Which of the following fields in the IPv6 header replaces the TTL field in the IPv4 header?

  • A. Traffic class
  • B. Hop limit
  • C. Version
  • D. Next header

正解:B

解説:
Explanation/Reference:


質問 # 146
How can a WAF validate traffic before it reaches a web application?

  • A. It uses a rule-based filtering technique
  • B. It uses a role-based filtering technique
  • C. It uses a sandboxing filtering technique
  • D. It uses an access-based filtering technique

正解:A

解説:
A Web Application Firewall (WAF) validates traffic before it reaches a web application by using a rule-based filtering technique. This involves inspecting HTTP requests and applying predefined rules to identify and block potentially malicious traffic. The rules are designed to detect common web-based threats and vulnerabilities, ensuring that only safe traffic is allowed to reach the application. By analyzing parts of the HTTP conversation such as GET and POST requests, headers, query strings, and the body of requests, the WAF can effectively prevent data breaches and other attacks by blocking traffic that matches known malicious patterns12345.
References: The function and operation of WAFs are detailed in cybersecurity resources and align with the Certified Network Defender (CND) program's objectives and documents. These sources explain how WAFs use rule-based filtering to protect web applications from various cyber threats12345.


質問 # 147
Which of the following is an attack on a website that changes the visual appearance of the site and seriously damages the trust and reputation of the website?

  • A. Buffer overflow
  • B. Zero-day attack
  • C. Website defacement
  • D. Spoofing

正解:C

解説:
Website defacement is an attack on a website that changes the visual appearance of the site. These are typically the work of system crackers, who break into a Web server and replace the hosted website with one of their own. Sometimes, the Defacer makes fun of the system administrator for failing to maintain server security. Most times, the defacement is harmless; however, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware.
A high-profile website defacement was carried out on the website of the company SCO Group following its assertion that Linux contained stolen code. The title of the page was changed from Red Hat vs. SCO to SCO vs. World with various satirical content.
Answer option D is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. This usually occurs due to programming errors in the application. Buffer overflow can terminate or crash the application.
Answer option B is incorrect. A zero-day attack, also known as zero-hour attack, is a computer threat that tries to exploit computer application vulnerabilities which are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software vendor knows about the vulnerability. User awareness training is the most effective technique to mitigate such attacks.
Answer option C is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be misdirected.


質問 # 148
Phishing-like attempts that present users a fake usage bill of the cloud provider is an example of a:

  • A. User to service attack surface
  • B. User to cloud attack surface
  • C. Cloud to user attack surface
  • D. Cloud to service attack surface

正解:C

解説:
Phishing attempts that target users with fake usage bills from a cloud provider are examples of a cloud to user attack surface. This type of attack surface refers to the potential vulnerabilities and entry points that exist between the cloud service provider and the user. In this scenario, the attacker is exploiting the trust relationship between the user and the cloud service provider by presenting a fraudulent bill, hoping the user will reveal sensitive information or make a payment based on the fake bill.
References: The explanation is consistent with the Certified Network Defender (CND) curriculum, which includes understanding various attack surfaces, including cloud and user-related surfaces, and how they can be exploited through phishing and other social engineering attacks12.


質問 # 149
Which of the following is true regarding any attack surface?

  • A. Decrease in vulnerabilities decreases the attack surface
  • B. Decrease in risk exposures increases the attack surface
  • C. Decrease in vulnerabilities increases the attack surface
  • D. Increase in vulnerabilities decreases the attack surface

正解:A


質問 # 150
Which of following are benefits of using loT devices in loT-enabled environments? I. loT device car be connected anytime M. loT device can be connected at any place ill. loT devices connected to anything

  • A. I and II
  • B. II
  • C. I, II and III
  • D. I

正解:C


質問 # 151
Which Internet access policy starts with all services blocked and the administrator enables safe and necessary services individually, which provides maximum security and logs everything, such as system and network activities?

  • A. Permissive policy
  • B. Prudent policy
  • C. Paranoid policy
  • D. Internet access policy

正解:B


質問 # 152
Which of the following key features is used by TCP in order to regulate the amount of data sent by a host to
another host on the network?

  • A. Flow control
  • B. TCP timestamp
  • C. Congestion control
  • D. Sequence number

正解:A

解説:
Flow control is the process of regulating the amount of data sent by a host to another host on the network. The
flow control mechanism controls packet flow so that a sender does not transmit more packets than a receiver
can process. TCP uses a sliding window flow control protocol. In each TCP segment, the receiver specifies in
the receive window field the amount of additional received data (in bytes) that it is willing to buffer for the
connection. The sending host can send only up to that amount of data before it must wait for an
acknowledgment and window update from the receiving host.
Answer option A is incorrect. TCP uses a sequence number for identifying each byte of data.
Answer option B is incorrect. TCP timestamp helps TCP to compute the round-trip time between the sender
and receiver.
Answer option C is incorrect. Congestion control concerns controlling traffic entry into a telecommunications
network, so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or
link capabilities of the intermediate nodes and networks and taking resource reducing steps, such as reducing
the rate of sending packets. It should not be confused with flow control, which prevents the sender from
overwhelming the receiver.


質問 # 153
Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?

  • A. ISO/IEC 27006
  • B. ISO/IEC 27004
  • C. ISO/IEC 27002
  • D. ISO/IEC 27005

正解:D


質問 # 154
Which of the following firewalls are used to monitor the status of active connections, and configure the network packets to pass through the firewall? Each correct answer represents a complete solution. Choose all that apply.

  • A. The circuit gateway
  • B. Farm owner
  • C. Proxy server
  • D. Dynamic packet filtering

正解:B、D


質問 # 155
John has successfully remediated the vulnerability of an internal application that could have caused a threat to the network. He is scanning the application for the existence of a remediated vulnerability, this process is called a________and it has to adhere to the_________

  • A. Risk analysis, Risk matrix
  • B. Vulnerability scanning, Risk Analysis
  • C. Mitigation, Security policies
  • D. Verification, Security Policies

正解:D

解説:
The process of scanning an application for the existence of a remediated vulnerability is known as verification. This step is crucial to ensure that the vulnerability has been properly addressed and that the application is no longer susceptible to the previously identified threat. Verification must adhere to the organization's security policies, which provide the framework and guidelines for all security-related activities.
These policies ensure that the verification process is conducted in a manner that is consistent with the organization's overall security posture and compliance requirements.
References: The Certified Network Defender (CND) program emphasizes the importance of adhering to security policies during all stages of network defense, including the verification of remediated vulnerabilities. This ensures that the network remains secure and that all defense measures are in line with the established security protocols123.


質問 # 156
Which of the following examines Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) for a disaster recovery strategy?

  • A. Risk Assessment
  • B. Business Impact Analysis
  • C. Business Continuity Plan
  • D. Risk Management

正解:B

解説:
Business Impact Analysis (BIA) is the process that determines the potential impacts of business function disruptions and gathers information needed to develop recovery strategies. A critical part of BIA is examining Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) for a disaster recovery strategy. RPOs define the maximum age of files that must be recovered from backup storage for normal operations to resume after a disaster, while RTOs specify the maximum amount of time that a resource can remain unavailable after a disaster.


質問 # 157
Which of the following systems includes an independent NAS Head and multiple storage arrays?

  • A. Integrated NAS System
  • B. FreeNAS
  • C. Gateway NAS System
  • D. None of these

正解:C

解説:
A Gateway NAS System is characterized by having an independent NAS head that manages file services and multiple storage arrays. This configuration allows for the NAS head to be connected to external storage arrays, providing flexibility and scalability. The NAS head serves as the gateway between the clients and the storage arrays, managing file I/O requests and directing them to the appropriate storage resources.
References: The information about Gateway NAS systems and their architecture can be found in various educational resources and is consistent with the Certified Network Defender (CND) course materials, which discuss different NAS implementations and their components12.


質問 # 158
Identity the method involved in purging technique of data destruction.

  • A. Wiping
  • B. Degaussing
  • C. Overwriting
  • D. Incineration

正解:C

解説:
The purging technique of data destruction is aimed at making data recovery infeasible using logical methods, which directly target the data at the memory level. Overwriting is a prevalent technique for purging, where data is destroyed by being overwritten with unintelligible characters like 0s and 1s. This method ensures that the original data cannot be recovered.
References: The explanation is based on the understanding of data destruction methods, where overwriting is identified as a logical method of purging data to prevent its recovery123.
12.


質問 # 159
The _______ protocol works in the network layer and is responsible for handling the error codes during the delivery of packets. This protocol is also responsible for providing communication in the TCP/IP stack.

  • A. ICMP
  • B. RARP
  • C. ARP
  • D. DHCP

正解:A


質問 # 160
How is a "risk" represented?

  • A. Asset + threat
  • B. Asset + threat + vulnerability
  • C. Motive (goal) + method
  • D. Motive (goal) + method + vulnerability

正解:B

解説:
In cybersecurity, risk is represented by the combination of an asset, a threat, and a vulnerability. This means that for a risk to exist, there must be something of value (an asset) that could be negatively impacted, a potential source of harm (a threat), and a weakness that could be exploited (a vulnerability). The presence of an asset alone does not constitute a risk without the potential for a threat to exploit a vulnerability. Similarly, a threat without the ability to exploit a vulnerability does not pose a risk to an asset. Therefore, the representation of risk encompasses all three elements: the asset that needs protection, the threat that could cause harm, and the vulnerability that could allow the threat to affect the asset.


質問 # 161
A newly joined network administrator wants to assess the organization against possible risk. He notices the organization doesn't have a________identified which helps measure how risky an activity is.

  • A. Risk levels
  • B. Risk Severity
  • C. Key Risk Indicator
  • D. Risk Matrix

正解:D

解説:
A Risk Matrix is a tool used to define and prioritize risks. It helps in assessing the likelihood of an event occurring and the impact it would have on the organization, thus measuring how risky an activity is. By not having a Risk Matrix, the network administrator lacks a structured approach to identify, assess, and prioritize risks, which is crucial for effective risk management.


質問 # 162
Which of the following protocols is a method of implementing virtual private networks?

  • A. PPTP
  • B. OSPF
  • C. DHCP
  • D. IRDP

正解:A


質問 # 163
......

テストエンジン練習312-38テスト問題:https://jp.fast2test.com/312-38-premium-file.html

有効問題を試そう!312-38実際の試験問題解答:https://drive.google.com/open?id=1hX4VX5vRkiW8wDjSecAHfUnZs03ny01M


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어