312-50v11リアルな試験問題312-50v11練習問題集
厳密検証された312-50v11試験問題集と解答で無料提供の312-50v11問題と正解付き
CEH V11認定試験に合格するには、候補者は倫理的ハッキングの概念と原則を完全に理解することを実証する必要があります。また、コンピューターシステム、ネットワーク、アプリケーションの脆弱性を特定し、それらを悪用する方法を理解できる必要があります。認定試験は、監督済みの環境で実施され、候補者の知識とスキルをテストする複数選択の質問で構成されています。試験は困難なように設計されており、候補者は合格するために最低60%を獲得する必要があります。
質問 # 54
Which Nmap switch helps evade IDS or firewalls?
- A. -n/-R
- B. -D
- C. -0N/-0X/-0G
- D. -T
正解:D
質問 # 55
E-mail scams and mail fraud are regulated by which of the following?
- A. 18 U.S.C. par. 1029 Fraud and Related activity in connection with Access Devices
- B. 18 U.S.C. par. 1030 Fraud and Related activity in connection with Computers
- C. 18 U.S.C. par. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication
- D. 18 U.S.C. par. 1362 Communication Lines, Stations, or Systems
正解:B
質問 # 56
John is investigating web-application firewall logs and observers that someone is attempting to inject the following:
char buff[10];
buff[>o] - 'a':
What type of attack is this?
- A. CSRF
- B. XSS
- C. SQL injection
- D. Buffer overflow
正解:D
解説:
Explanation
Buffer overflow this attack is an anomaly that happens when software writing data to a buffer overflows the buffer's capacity, leading to adjacent memory locations being overwritten. In other words, an excessive amount of information is being passed into a container that doesn't have enough space, which information finishes up replacing data in adjacent containers.Buffer overflows are often exploited by attackers with a goal of modifying a computer's memory so as to undermine or take hold of program execution.
What's a buffer?A buffer, or data buffer, is a neighborhood of physical memory storage wont to temporarily store data while it's being moved from one place to a different . These buffers typically sleep in RAM memory. Computers frequently use buffers to assist improve performance; latest hard drives cash in of buffering to efficiently access data, and lots of online services also use buffers. for instance , buffers are frequently utilized in online video streaming to stop interruption. When a video is streamed, the video player downloads and stores perhaps 20% of the video at a time during a buffer then streams from that buffer. This way, minor drops in connection speed or quick service disruptions won't affect the video stream performance.Buffers are designed to contain specific amounts of knowledge . Unless the program utilizing the buffer has built-in instructions to discard data when an excessive amount of is shipped to the buffer, the program will overwrite data in memory adjacent to the buffer.Buffer overflows are often exploited by attackers to corrupt software. Despite being well-understood, buffer overflow attacks are still a serious security problem that torment cyber-security teams. In 2014 a threat referred to as 'heartbleed' exposed many many users to attack due to a buffer overflow vulnerability in SSL software.
How do attackers exploit buffer overflows?An attacker can deliberately feed a carefully crafted input into a program which will cause the program to undertake and store that input during a buffer that isn't large enough, overwriting portions of memory connected to the buffer space. If the memory layout of the program is well-defined, the attacker can deliberately overwrite areas known to contain executable code. The attacker can then replace this code together with his own executable code, which may drastically change how the program is meant to figure .For example if the overwritten part in memory contains a pointer (an object that points to a different place in memory) the attacker's code could replace that code with another pointer that points to an exploit payload. this will transfer control of the entire program over to theattacker's code.
質問 # 57
You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use?
- A. inurl
- B. site
- C. filetype
- D. ext
正解:C
解説:
Restrict results to those of a certain filetype. E.g., PDF, DOCX, TXT, PPT, etc. Note: The "ext:" operator can also be used-the results are identical.
Example: apple filetype:pdf / apple ext:pdf
質問 # 58
Kevin, a professional hacker, wants to penetrate CyberTech Inc.'s network. He employed a technique, using which he encoded packets with Unicode characters. The company's IDS cannot recognize the packet, but the target web server can decode them.
What is the technique used by Kevin to evade the IDS system?
- A. Desynchronization
- B. Urgency flag
- C. Obfuscating
- D. Session splicing
正解:C
解説:
Explanation
Adversaries could decide to build an possible or file difficult to find or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. this is often common behavior which will be used across totally different platforms and therefore the network to evade defenses.
Payloads may be compressed, archived, or encrypted so as to avoid detection. These payloads may be used throughout Initial Access or later to mitigate detection. typically a user's action could also be needed to open and Deobfuscate/Decode Files or info for User Execution. The user can also be needed to input a parole to open a parole protected compressed/encrypted file that was provided by the mortal. Adversaries can also used compressed or archived scripts, like JavaScript.
Portions of files can even be encoded to cover the plain-text strings that will otherwise facilitate defenders with discovery. Payloads can also be split into separate, ostensibly benign files that solely reveal malicious practicality once reassembled.
Adversaries can also modify commands dead from payloads or directly via a Command and Scripting Interpreter. surroundings variables, aliases, characters, and different platform/language specific linguistics may be wont to evade signature based mostly detections and application management mechanisms.
質問 # 59
SQL injection (SOU) attacks attempt to inject SOL syntax into web requests, which may Bypass authentication and allow attackers to access and/or modify data attached to a web application.
Which of the following SQLI types leverages a database server's ability to make DNS requests to pass data to an attacker?
- A. Time-based blind SQLI
- B. ln-band SQLI
- C. Out-of-band SQLI
- D. Union-based SQLI
正解:D
質問 # 60
Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed.
What is the port scanning technique used by Sam to discover open ports?
- A. Xmas scan
- B. TCP Maimon scan
- C. ACK flag probe scan
- D. IDLE/IPID header scan
正解:C
質問 # 61
Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the algorithm employed by Harper to secure the email messages?
- A. DES
- B. AES
- C. GOST block cipher
- D. CAST-128
正解:D
質問 # 62
A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public facing web servers. The engineer decides to start by using netcat to port 80.
The engineer receives this output:
HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag:"b0aac0542e25c31:89d"
Content-Length: 7369
Which of the following is an example of what the engineer performed?
- A. Banner grabbing
- B. Cross-site scripting
- C. Whois database query
- D. SQL injection
正解:A
質問 # 63
What is the most common method to exploit the "Bash Bug" or "Shellshock" vulnerability?
- A. Manipulate format strings in text fields
- B. SYN Flood
- C. SSH
- D. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a vulnerable Web server
正解:D
質問 # 64
Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?
- A. SYN/FIN scanning using IP fragments
- B. ICMP Echo scanning
- C. IPID scanning
- D. ACK flag probe scanning
正解:A
質問 # 65
Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to a vulnerability in the developed web application as this feature accepts remote user inputs and uses them on the page. Hackers can exploit this feature and pass malicious SSI directives as input values to perform malicious activities such as modifying and erasing server files. What is the type of injection attack Calvin's web application is susceptible to?
- A. Server-side template injection
- B. Server-side JS injection
- C. CRLF injection
- D. Server-side includes injection
正解:D
質問 # 66
Juliet, a security researcher in an organization, was tasked with checking for the authenticity of images to be used in the organization's magazines. She used these images as a search query and tracked the original source and details of the images, which included photographs, profile pictures, and memes. Which of the following footprinting techniques did Rachel use to finish her task?
- A. Meta search engines
- B. Google advanced search
- C. Advanced image search
- D. Reverse image search
正解:C
質問 # 67
What is the file that determines the basic configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?
- A. classes.dex
- B. AndroidManifest.xml
- C. APK.info
- D. resources.asrc
正解:B
質問 # 68
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belonging to one of the vktims and scanned several machines on the same network to Identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario?
- A. Agent-based scanner
- B. Cluster scanner
- C. Network-based scanner
- D. Proxy scanner
正解:A
解説:
Knowing when to include agents into your vulnerability management processes isn't an easy decision. Below are common use cases for agent-based vulnerability scanning to assist you build out your combined scanning strategy.
Intermittent or Irregular Connectivity: Vulnerability management teams are now tasked with scanning devices that access the company network remotely using public or home-based Wi-Fi connections. These connections are often unreliable and intermittent leading to missed network-based scans. Fortunately, the scanning frequency of agents doesn't require a network connection. The agent detects when the device is back online, sending scan data when it's ready to communicate with the VM platform.
Connecting Non-Corporate Devices to Corporate Networks:With the increased use of private devices, company networks are more exposed to malware and infections thanks to limited IT and security teams' control and visibility. Agent-based scanning gives security teams insight into weaknesses on non-corporate endpoints, keeping them informed about professional hacker is potential attack vectors in order that they can take appropriate action.
Endpoints Residing Outside of Company Networks: Whether company-issued or BYOD, remote assets frequently hook up with the web outside of traditional network bounds. An agent that resides on remote endpoints conducts regular, authenticated scans checking out system changes and unpatched software. The results are then sent back to the VM platform and combined with other scan results for review, prioritization, and mitigation planning.
質問 # 69
What is the least important information when you analyze a public IP address in a security alert?
- A. Geolocation
- B. DNS
- C. ARP
- D. Whois
正解:C
質問 # 70
The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?
- A. Promiscuous mode
- B. Port forwarding
- C. Multi-cast mode
- D. WEM
正解:A
質問 # 71
There have been concerns in your network that the wireless network component is not sufficiently secure. You perform a vulnerability scan of the wireless network and find that it is using an old encryption protocol that was designed to mimic wired encryption, what encryption protocol is being used?
- A. WEP
- B. WPA
- C. WPA3
- D. RADIUS
正解:A
解説:
Explanation
Wired Equivalent Privacy (WEP) may be a security protocol, laid out in the IEEE wireless local area network (Wi-Fi) standard, 802.11b, that's designed to supply a wireless local area network (WLAN) with A level of security and privacy like what's usually expected of a wired LAN. A wired local area network (LAN) is usually protected by physical security mechanisms (controlled access to a building, for example) that are effective for a controlled physical environment, but could also be ineffective for WLANs because radio waves aren't necessarily bound by the walls containing the network. WEP seeks to determine similar protection thereto offered by the wired network's physical security measures by encrypting data transmitted over the WLAN. encoding protects the vulnerable wireless link between clients and access points; once this measure has been taken, other typical LAN security mechanisms like password protection, end-to-end encryption, virtual private networks (VPNs), and authentication are often put in situ to make sure privacy.A research group from the University of California at Berkeley recently published a report citing "major security flaws" in WEP that left WLANs using the protocol susceptible to attacks (called wireless equivalent privacy attacks).
within the course of the group's examination of the technology, they were ready to intercept and modify transmissions and gain access to restricted networks. The Wireless Ethernet Compatibility Alliance (WECA) claims that WEP - which is included in many networking products - was never intended to be the only security mechanism for a WLAN, and that, in conjunction with traditional security practices, it's very effective.
質問 # 72
Which type of malware spreads from one system to another or from one network to another and causes similar types of damage as viruses do to the infected system?
- A. Trojan
- B. Worm
- C. Adware
- D. Rootkit
正解:B
質問 # 73
#!/usr/bin/python import socket buffer=[""A""] counter=50 while len(buffer)<=100: buffer.append (""A""*counter) counter=counter+50 commands= [""HELP"",""STATS ."",""RTIME ."",""LTIME. "",""SRUN ."',""TRUN
."",""GMON
."",""GDOG ."",""KSTET .",""GTER ."",""HTER ."", ""LTER .",""KSTAN .""] for command in commands: for buffstring in buffer: print ""Exploiting"" +command +"":""+str(len(buffstring)) s=socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(('127.0.0.1', 9999)) s.recv(50) s.send(command+buffstring) s.close() What is the code written for?
- A. Bruteforce
- B. Buffer Overflow
- C. Encryption
- D. Denial-of-service (DOS)
正解:B
質問 # 74
Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and passwords are shared In plaintext, paving the way for hackers 10 perform successful session hijacking. To address this situation. Bella Implemented a protocol that sends data using encryption and digital certificates. Which of the following protocols Is used by Bella?
- A. HTTPS
- B. FTPS
- C. IP
- D. FTP
正解:B
解説:
Explanation
The File Transfer Protocol (FTP) is a standard organization convention utilized for the exchange of PC records from a worker to a customer on a PC organization. FTP is based on a customer worker model engineering utilizing separate control and information associations between the customer and the server.[1] FTP clients may validate themselves with an unmistakable book sign-in convention, ordinarily as a username and secret key, however can interface namelessly if the worker is designed to permit it. For secure transmission that ensures the username and secret phrase, and scrambles the substance, FTP is frequently made sure about with SSL/TLS (FTPS) or supplanted with SSH File Transfer Protocol (SFTP).
The primary FTP customer applications were order line programs created prior to working frameworks had graphical UIs, are as yet dispatched with most Windows, Unix, and Linux working systems.[2][3] Many FTP customers and mechanization utilities have since been created for working areas, workers, cell phones, and equipment, and FTP has been fused into profitability applications, for example, HTML editors.
質問 # 75
......
CEH V11試験の準備をするには、候補者は最新の倫理的ハッキング技術、ツール、および方法論を強く理解する必要があります。また、ネットワーキングの概念、オペレーティングシステム、およびプログラミング言語をよく理解する必要があります。候補者は、オンラインコースを受講したり、トレーニングプログラムに参加したり、学習資料と練習試験を使用して自分で勉強したりすることにより、CEH V11試験の準備をすることができます。
無料でゲット!高評価EC-COUNCIL 312-50v11試験問題集を今すぐダウンロード!:https://jp.fast2test.com/312-50v11-premium-file.html
あなたを合格させる312-50v11無料最新問題集でEC-COUNCIL練習テストしよう:https://drive.google.com/open?id=1dxJiUakNv0VegSB0AW2sR9WAe70DxHyc