EC-COUNCIL 312-50v10 問題集

質問 1：
Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?
A. IPsec driver
B. Oakley
C. Internet Key Exchange (IKE)
D. IPsec Policy Agent
正解：C

質問 2：
DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switches leverages the DHCP snooping database to help prevent man-in-the-middle attacks?
A. Port security
B. Dynamic ARP inspection (DAI)
C. Spanning tree
D. A Layer 2 Attack Prevention Protocol (LAPP)
正解：B

質問 3：
The "black box testing" methodology enforces which kind of restriction?
A. The internal operation of a system is completely known to the tester.
B. Only the internal operation of a system is known to the tester.
C. The internal operation of a system is only partly accessible to the tester.
D. Only the external operation of a system is accessible to the tester.
正解：D
解説: (Topexam メンバーにのみ表示されます)

質問 4：
Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites.
Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well.
In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals? (Choose the test answer.)
A. Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards.
B. Hire more computer security monitoring personnel to monitor computer systems and networks.
C. Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises.
D. Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life.
正解：A

質問 5：
A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?
A. tcp.port = 23
B. tcp.port != 21
C. tcp.port ==21 || tcp.port ==22
D. tcp.port ==21
正解：C

質問 6：
Which of the following is an extremely common IDS evasion technique in the web world?
A. port knocking
B. spyware
C. unicode characters
D. subnetting
正解：C
解説: (Topexam メンバーにのみ表示されます)

質問 7：
Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?
A. Tunneling virus
B. Stealth virus
C. Polymorphic virus
D. Cavity virus
正解：B

質問 8：
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?
A. Port Scanning
B. Shoulder-Surfing
C. Hacking Active Directory
D. Privilege Escalation
正解：D