EC-Council 312-50v11 시험

Question No : 1

To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system .
What is this type of rootkit an example of?

• A.Mypervisor rootkit
• B.Kernel toolkit
• C.Hardware rootkit
• D.Firmware rootkit

답을 확인하기

정답:
Explanation:
Kernel-mode rootkits run with the best operating system privileges (Ring 0) by adding code or replacement parts of the core operating system, as well as each the kernel and associated device drivers. Most operative systems support kernel-mode device drivers, that execute with a similar privileges because the software itself. As such, several kernel-mode rootkits square measure developed as device drivers or loadable modules,
like loadable kernel modules in Linux or device drivers in Microsoft Windows. This category of rootkit has unrestricted security access, however is tougher to jot down. The quality makes bugs common, and any bugs in code operative at the kernel level could seriously impact system stability, resulting in discovery of the rootkit. one amongst the primary wide familiar kernel rootkits was developed for Windows NT four.0 and discharged in Phrack magazine in 1999 by Greg Hoglund. Kernel rootkits is particularly tough to observe and take away as a result of they operate at a similar security level because the software itself, and square measure therefore able to intercept or subvert the foremost sure software operations. Any package, like antivirus package, running on the compromised system is equally vulnerable. during this scenario, no a part of the system is sure.

Question No : 2

What is a NULL scan?

• A.A scan in which all flags are turned off
• B.A scan in which certain flags are off
• C.A scan in which all flags are on
• D.A scan in which the packet size is set to zero
• E.A scan with an illegal packet size

답을 확인하기

정답:

Question No : 3

You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.
Your peer, Peter Smith who works at the same department disagrees with you.
He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain.
What is Peter Smith talking about?

• A.Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain
• B."zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
• C."Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
• D.Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

답을 확인하기

정답:

Question No : 4

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.
What is the best security policy concerning this setup?

• A.Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
• B.As long as the physical access to the network elements is restricted, there is no need for additional measures.
• C.There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
• D.The operator knows that attacks and down time are inevitable and should have a backup site.

답을 확인하기

정답:

Question No : 5

A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed.
Considering that NMAP result below, which of the following is likely to be installed on the target machine by the OS?
Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open netbios-ssn 515/tcp open 631/tcp open ipp 9100/tcp open MAC Address: 00:00:48:0D:EE:8

• A.The host is likely a Linux machine.
• B.The host is likely a printer.
• C.The host is likely a router.
• D.The host is likely a Windows machine.

답을 확인하기

정답:

Question No : 6

What is not a PCI compliance recommendation?

• A.Use a firewall between the public network and the payment card data.
• B.Use encryption to protect all transmission of card holder data over any public network.
• C.Rotate employees handling credit card transactions on a yearly basis to different departments.
• D.Limit access to card holder data to as few individuals as possible.

답을 확인하기

정답:

Question No : 7

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

• A.Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.
• B.Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.
• C.Symmetric encryption allows the server to securely transmit the session keys out-of-band.
• D.Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

답을 확인하기

정답:

Question No : 8

Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company.
He is looking for an IDS with the following characteristics:
- Verifies success or failure of an attack
- Monitors system activities Detects attacks that a network-based IDS fails to detect
- Near real-time detection and response
- Does not require additional hardware
- Lower entry cost Which type of IDS is best suited for Tremp's requirements?

• A.Gateway-based IDS
• B.Network-based IDS
• C.Host-based IDS
• D.Open source-based

답을 확인하기

정답:

Question No : 9

The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance .
Which of the following requirements would best fit under the objective, "Implement strong access control measures"?

• A.Regularly test security systems and processes.
• B.Encrypt transmission of cardholder data across open, public networks.
• C.Assign a unique ID to each person with computer access.
• D.Use and regularly update anti-virus software on all systems commonly affected by malware.

답을 확인하기

정답:

Question No : 10

You have successfully logged on a Linux system. You want to now cover your trade Your login attempt may be logged on several files located in /var/log .
Which file does NOT belongs to the list:

• A.user.log
• B.auth.fesg
• C.wtmp
• D.btmp

답을 확인하기

정답:

Question No : 11

Internet Protocol Security IPsec is actually a suite pf protocols. Each protocol within the suite provides different functionality. Collective IPsec does everything except.

• A.Protect the payload and the headers
• B.Encrypt
• C.Work at the Data Link Layer
• D.Authenticate

답을 확인하기

정답:

Question No : 12

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed .
Which of the following best describes what it is meant by processing?

• A.The amount of time and resources that are necessary to maintain a biometric system
• B.How long it takes to setup individual user accounts
• C.The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information
• D.The amount of time it takes to convert biometric data into a template on a smart card

답을 확인하기

정답:

Question No : 13

Larry, a security professional in an organization, has noticed some abnormalities In the user accounts on a web server. To thwart evolving attacks, he decided to harden the security of the web server by adopting a countermeasures to secure the accounts on the web server.
Which of the following countermeasures must Larry implement to secure the user accounts on the web server?

• A.Enable unused default user accounts created during the installation of an OS
• B.Enable all non-interactive accounts that should exist but do not require interactive login
• C.Limit the administrator or toot-level access to the minimum number of users
• D.Retain all unused modules and application extensions

답을 확인하기

정답:

Question No : 14

George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this process, he used a short-range communication protocol based on the IEEE 203.15.4 standard. This protocol is used in devices that transfer data infrequently at a low rate in a restricted area, within a range of 10-100 m .
What is the short-range wireless communication technology George employed in the above scenario?

• A.MQTT
• B.LPWAN
• C.Zigbee
• D.NB-IoT

답을 확인하기

정답:
Explanation:
Zigbee could be a wireless technology developed as associate open international normal to deal with the unique desires of affordable, low-power wireless IoT networks. The Zigbee normal operates on the IEEE 802.15.4 physical radio specification and operates in unauthorised bands as well as a pair of.4 GHz, 900 MHz and 868 MHz.
The 802.15.4 specification upon that the Zigbee stack operates gained confirmation by the Institute of Electrical and physical science Engineers (IEEE) in 2003. The specification could be a packet-based radio protocol supposed for affordable, battery-operated devices. The protocol permits devices to speak in an exceedingly kind of network topologies and may have battery life lasting many years.
The Zigbee three.0 Protocol
The Zigbee protocol has been created and ratified by member corporations of the Zigbee Alliance. Over three hundred leading semiconductor makers, technology corporations, OEMs and repair corporations comprise the Zigbee Alliance membership. The Zigbee protocol was designed to supply associate easy-to-use wireless information answer characterised by secure, reliable wireless network architectures.
THE ZIGBEE ADVANTAGE
The Zigbee 3.0 protocol is intended to speak information through rip-roaring RF environments that area unit common in business and industrial applications. Version 3.0 builds on the prevailing Zigbee normal however unifies the market-specific application profiles to permit all devices to be wirelessly connected within the same network, no matter their market designation and performance. what is more, a Zigbee 3.0 certification theme ensures the ability of product from completely different makers. Connecting Zigbee three.0 networks to the information science domain unveil observance and management from devices like smartphones and tablets on a local area network or WAN, as well as the web, and brings verity net of Things to fruition.
Zigbee protocol options include:
✑ Support for multiple network topologies like point-to-point, point-to-multipoint and mesh networks
✑ Low duty cycle C provides long battery life
✑ Low latency
✑ Direct Sequence unfold Spectrum (DSSS)
✑ Up to 65,000 nodes per network
✑ 128-bit AES encryption for secure information connections
✑ Collision avoidance, retries and acknowledgements

Question No : 15

Which of the following statements is TRUE?

• A.Packet Sniffers operate on the Layer 1 of the OSI model.
• B.Packet Sniffers operate on Layer 2 of the OSI model.
• C.Packet Sniffers operate on both Layer 2 & Layer 3 of the OSI model.
• D.Packet Sniffers operate on Layer 3 of the OSI model.

답을 확인하기

정답: