
試験合格保証付きのCertified Ethical Hacker 312-38試験問題集
EC-COUNCIL 312-38日常練習試験は2023年最新のに更新された232問あります
EC-COUNCIL 312-38 試験は、ネットワークセキュリティに関連する一連のトピックをカバーしています。ネットワークセキュリティのコントロール、プロトコル、デバイス、脅威、およびベストプラクティスなどのトピックが含まれます。試験は、ネットワークセキュリティポリシー、リスク管理、セキュリティオペレーション、およびインシデント対応などのトピックもカバーしています。
CND認定は、組織のネットワークの保護を担当するIT専門家向けに設計されています。この認証は、ネットワークセキュリティ、ネットワーク防衛、セキュリティポリシーと手順などのトピックをカバーしています。この認定は、専門家に、さまざまな種類のサイバー攻撃から組織のネットワークを保護するために必要なスキルと知識を提供するように設計されています。
質問 # 55
Jason works as a System Administrator for www.company.com Inc. The company has a Windows- based network. Sam, an employee of the company, accidentally changes some of the applications and system settings. He complains to Jason that his system is not working properly.
To troubleshoot the problem, Jason diagnoses the internals of his computer and observes that some changes have been made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the following utilities can Jason use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.
- A. EventCombMT
- B. Reg.exe
- C. Regedit.exe
- D. Resplendent registrar
正解:B、C、D
質問 # 56
CORRECT TEXT
Fill in the blank with the appropriate term.______________is a codename referring to investigations and studies of compromising emission (CE).
正解:
解説:
TEMPEST
Explanation:
TEMPEST is a codename referring to investigations and studies of compromising emission (CE). Compromising emanations are defined as unintentional intelligence-bearing signals which, if intercepted and analyzed, may disclose the information transmitted, received, handled, or otherwise processed by any information-processing equipment. Tempest stands for Transient ElectroMagnetic Pulse Emanations Standard according to Certified Information Systems Security Professional training. TEMPEST was the name of a U.S. government project to study the effects of electric or electromagnetic radiation emanations from electronic equipment.
質問 # 57
CORRECT TEXT
Fill in the blank with the appropriate word. The ____________________risk analysis process analyzes the effect of a risk event deriving a numerical value.
正解:
解説:
quantitative
Explanation:
Quantitative risk analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to the overall project risk. The quantitative risk analysis process analyzes the effect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for quantitative risk analysis are as follows: Organizational process assets Project scope statement Risk management plan Risk register Project management plan
質問 # 58
Network security is the specialist area, which consists of the provisions and policies adopted by the Network
Administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer
network and network-accessible resources. For which of the following reasons is network security needed?
Each correct answer represents a complete solution. Choose all that apply.
- A. To prevent a user from sending a message to another user with the name of a third person
- B. To protect information from loss and deliver it to its destination properly
- C. To protect private information on the Internet
- D. To protect information from unwanted editing, accidentally or intentionally by unauthorized users
正解:A、B、C、D
解説:
Network security is needed for the following reasons:
To protect private information on the Internet
To protect information from unwanted editing, accidentally or intentionally by unauthorized users
To protect information from loss and deliver it to its destination properly
To prevent a user from sending a message to another user with the name of a third person
質問 # 59
Which authentication technique involves mathematical pattern-recognition of the colored part of the eye behind the cornea?
- A. Iris Scanning
- B. Retinal Scanning
- C. Facial Recognition
- D. Vein Scanning
正解:A
質問 # 60
Which of the following is a network layer protocol used to obtain an IP address for a given hardware (MAC)
address?
- A. IP
- B. ARP
- C. PIM
- D. RARP
正解:D
解説:
Reverse Address Resolution Protocol (RARP) is a Network layer protocol used to obtain an IP address for a
given hardware (MAC) address. RARP is sort of the reverse of an ARP. Common protocols that use RARP are
BOOTP and DHCP.
Answer option D is incorrect. Address Resolution Protocol (ARP) is a network maintenance protocol of the
TCP/IP protocol suite. It is responsible for the resolution of IP addresses to media access control (MAC)
addresses of a network interface card (NIC). The ARP cache is used to maintain a correlation between a MAC
address and its corresponding IP address. ARP provides the protocol rules for making this correlation and
providing address conversion in both directions. ARP is limited to physical network systems that support
broadcast packets.
Answer option B is incorrect. Protocol-Independent Multicast (PIM) is a family of multicast routing protocols for
Internet Protocol (IP) networks that provide one-to-many and many-to-many distribution of data over a LAN,
WAN, or the Internet. It is termed protocol-independent because PIM does not include its own topology
discovery mechanism, but instead uses routing information supplied by other traditional routing protocols, such
as Border Gateway Protocol (BGP).
Answer option A is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a
packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP.
IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering
distinguished protocol datagrams (packets) from the source host to the destination host solely based on their
addresses. For this purpose, the Internet Protocol defines addressing methods and structures for datagram
encapsulation. The first major version of addressing structure, now referred to as Internet Protocol Version 4
(IPv4), is still the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6),
is being deployed actively worldwide.
質問 # 61
CORRECT TEXT
Fill in the blank with the appropriate term. The _____________is an application layer protocol that is used between workstations and routers for transporting SNA/NetBIOS traffic over TCP sessions.
正解:
解説:
DCAP
Explanation:
The Data Link Switching Client Access Protocol (DCAP) is an application layer protocol that is used between workstations and routers for transporting SNA/NetBIOS traffic over TCP sessions. It was introduced in order to address a few deficiencies by the Data Link Switching Protocol (DLSw). The DLSw raises the important issues of scalability and efficiency, and since DLSw is a switch-toswitch protocol, it is not efficient when implemented on workstations. DCAP was introduced in order to address these issues.
質問 # 62
Which of the following are the valid steps for securing routers? Each correct answer represents a complete solution. Choose all that apply.
- A. Use a password that is easy to remember for a router's administrative console.
- B. Use a complex password for a router's administrative console.
- C. Keep routers updated with the latest security patches.
- D. Configure access list entries to prevent unauthorized connections and traffic routing.
正解:B、C、D
解説:
The following are the valid steps for securing routers and devices:
Configure access list entries to prevent unauthorized connections and traffic routing.
Use a complex password for a router's administrative console.
Keep routers in locked rooms.
Keep routers updated with the latest security patches.
Use monitoring an equipment to protect routers and devices.
Router is a device that routes data packets between computers in different networks. It is used to connect multiple networks, and it determines the path to be taken by each data packet to its destination computer.
Router maintains a routing table of the available routes and their conditions. By using this information, along with distance and cost algorithms, the router determines the best path to be taken by the data packets to the destination computer. A router can connect dissimilar networks, such as Ethernet, FDDI, and Token Ring, and route data packets among them. Routers operate at the network layer (layer 3) of the Open Systems Interconnection (OSI) model.
A security patch is a program that eliminates a vulnerability exploited by hackers.
質問 # 63
Consider a scenario consisting of a tree network. The root Node N is connected to two man nodes N1 and N2. N1 is connected to N11 and N12. N2 is connected to N21 and N22. What will happen if any one of the main nodes fail?
- A. Does not cause any disturbance to the child nodes or its tranmission
- B. Affects the root node only
- C. Failure of the main node affects all other child nodes at the same level irrespective of the main node.
- D. Failure of the main node will affect all related child nodes connected to the main node
正解:D
質問 # 64
Which of the following IP addresses is not reserved for the hosts? Each correct answer represents a complete solution. Choose all that apply.
- A. class A
- B. B-
- C. class D
- D. E-Class
正解:C、D
質問 # 65
Which of the following is an attack on a website that changes the appearance of the site and seriously damage the website trust and reputation?
- A. Buffer overflow
- B. None
- C. spoofing
- D. Zero-day attack
- E. website defacement
正解:E
質問 # 66
Brendan wants to implement a hardware based RAID system in his network. He is thinking of choosing a suitable RAM type for the architectural setup in the system. The type he is interested in provides access times of up to 20 ns. Which type of RAM will he select for his RAID system?
- A. SRAM
- B. SDRAM
- C. NAND flash memory
- D. NVRAM
正解:A
質問 # 67
Michelle is a network security administrator working at a multinational company. She wants to provide secure access to corporate data (documents, spreadsheets, email, schedules, presentations, and other enterprise data) on mobile devices across organizations networks without being slowed down and also wants to enable easy and secure sharing of information between devices within an enterprise. Based on the above mentioned requirements, which among the following solution should Michelle implement?
- A. MAM
- B. MEM
- C. MCM
- D. MDM
正解:D
質問 # 68
Which of the following is a tool that runs on the Windows OS and analyzes iptables log messages to detect
port scans and other suspicious traffic?
- A. Hping
- B. Nmap
- C. PSAD
- D. NetRanger
正解:C
解説:
PSAD is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and
other suspicious traffic. It includes many signatures from the IDS to detect probes for various backdoor
programs such as EvilFTP, GirlFriend, SubSeven, DDoS tools (mstream, shaft), and advanced port scans
(FIN, NULL, XMAS). If it is combined with fwsnort and the Netfilter string match extension, it detects most of
the attacks described in the Snort rule set that involve application layer data.
Answer option C is incorrect. NetRanger is the complete network configuration and information toolkit that
includes the following tools: Ping tool, Trace Route tool, Host Lookup tool, Internet time synchronizer, Whois
tool, Finger Unix hosts tool, Host and port scanning tool, check multiple POP3 mail accounts tool, manage
dialup connections tool, Quote of the day tool, and monitor Network Settings tool. These tools are integrated in
order to use an application interface with full online help. NetRanger is designed for both new and experienced
users. This tool is used to help diagnose network problems and to get information about users, hosts, and
networks on the Internet or on a user computer network. NetRanger uses multi-threaded and multi-connection
technologies in order to be very fast and efficient.
Answer option D is incorrect. Nmap is a free open-source utility for network exploration and security auditing. It
is used to discover computers and services on a computer network, thus creating a "map" of the network. Just
like many simple port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be
able to determine various details about the remote computers. These include operating system, device type,
uptime, software product used to run a service, exact version number of that product, presence of some
firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux,
Microsoft Windows, etc.
質問 # 69
Which of the following statements holds true in terms of virtual machines?
- A. Hardware-level virtualization takes place in VMs
- B. All VMs share the host OS
- C. OS-level virtualization takes place in VMs
- D. VMs are light weight than container
正解:A
質問 # 70
Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators with the adversary's intelligence collection capabilities identified in the previous action?
- A. Assessment of Risk
- B. Analysis of Vulnerabilities
- C. Identification of Critical Information
- D. Application of Appropriate OPSEC Measures
- E. Analysis of Threats
正解:B
解説:
OPSEC is a 5-step process that helps in developing protection mechanisms in order to safeguard sensitive information and preserve essential secrecy. The OPSEC process has five steps, which are as follows:
1.Identification of Critical Information: This step includes identifying information vitally needed by an adversary, which focuses the remainder of the OPSEC process on protecting vital information, rather than attempting to protect all classified or sensitive unclassified information.
2.Analysis of Threats: This step includes the research and analysis of intelligence, counter-intelligence, and open source information to identify likely adversaries to a planned operation.
3.Analysis of Vulnerabilities: It includes examining each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary's intelligence collection capabilities identified in the previous action. 4.Assessment of Risk: Firstly, planners analyze the vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Secondly, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff.
5.Application of Appropriate OPSEC Measures: The command implements the OPSEC measures selected in the assessment of risk action or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans.
質問 # 71
Which of the following is the practice of sending unwanted e-mail messages, frequently with commercial
content, in large quantities to an indiscriminate set of recipients? Each correct answer represents a complete
solution. Choose all that apply.
- A. Email jamming
- B. Email spoofing
- C. E-mail spam
- D. Junk mail
正解:C、D
解説:
E-mail spam, also known as unsolicited bulk email (UBE), junk mail, or unsolicited commercial email (UCE), is
the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to
an indiscriminate set of recipients.
Answer option A is incorrect. Email spoofing is a fraudulent email activity in which the sender address and
other parts of the email header are altered to appear as though the email originated from a different source.
Email spoofing is a technique commonly used in spam and phishing emails to hide the origin of the email
message. By changing certain properties of the email, such as the From, Return-Path and Reply-To fields
(which can be found in the message header), ill-intentioned users can make the email appear to be from
someone other than the actual sender. The result is that, although the email appears to come from the address
indicated in the From field (found in the email headers), it actually comes from another source.
Answer option D is incorrect. Email jamming is the use of sensitive words in e-mails to jam the authorities that
listen in on them by providing a form of a red herring and an intentional annoyance. In this attack, an attacker
deliberately includes "sensitive" words and phrases in otherwise innocuous emails to ensure that these are
picked up by the monitoring systems. As a result, the senders of these emails will eventually be added to a
"harmless" list and their emails will be no longer intercepted, hence it will allow them to regain some privacy.
質問 # 72
Which of the following provide an "always on" Internet access service when connecting to an ISP?Each correct answer represents a complete solution. Choose two.
- A. Digital modem
- B. DSL
- C. Cable modem
- D. Analog modem
正解:B、C
解説:
DSL and Cable modems are used in remote-access WAN technology for connecting to the Internet. Both provide an "always on" Internet access service. Answer options C and A are incorrect. Analog and Digital modems are not always in 'ON' mode when connecting to an ISP. Analog modems transmit analog voice signals, while Digital modems transmit digital signals over a link.
質問 # 73
Which type of attack is used to hack an IoT device and direct large amounts of network traffic toward a web server, resulting in overloading the server with connections and preventing any new connections?
- A. XCRF
- B. DDoS
- C. XSS
- D. Sniffing
正解:B
質問 # 74
Which of the following is a kind of security, which deals with the protection of false signals transmitted by the electrical system?
- A. emanation Safety
- B. None
- C. communications Security
- D. physical security
- E. hardware security
正解:A
質問 # 75
......
EC-Council Certified Network Defender(CND)は、サイバー脅威からコンピューターネットワークを保護および防御するために必要なスキルと知識を評価および検証する専門的な認定試験です。この認定は、ネットワークセキュリティのキャリアを追求したい個人向けに設計されており、サイバー攻撃を検出および防止し、ネットワークインフラストラクチャを保護し、セキュリティインシデントに対応するために必要なスキルを装備することを目指しています。
テストエンジン練習312-38テスト問題:https://jp.fast2test.com/312-38-premium-file.html
有効問題を試そう!312-38実際の試験問題解答:https://drive.google.com/open?id=1EczvPbQUPGF8pzq2yvSqK47gUmhMHtgN