EC-COUNCIL ECSAv10 問題集

質問 1：
John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

A. Number of servers available in the client organization
B. Number of client computers to be tested and resources required to perform a pen test
C. Number of employees in the client organization
D. Complete structure of the organization
正解：B

質問 2：
Identify the policy that defines the standards for the organizational network connectivity and security standards for computers that are connected in the organizational network.
A. Acceptable-Use Policy
B. Information-Protection Policy
C. Special-Access Policy
D. Remote-Access Policy
正解：D

質問 3：
DNS information records provide important data about:
A. Location and Type of Servers
B. New Customer
C. Phone and Fax Numbers
D. Agents Providing Service to Company Staff
正解：A

質問 4：
Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?
A. User Identification and Password Policy
B. User-Account Policy
C. Personal Computer Acceptable Use Policy
D. Special-Access Policy
正解：A

質問 5：
Identify the port numbers used by POP3 and POP3S protocols.
A. 113 and 981
B. 109 and 973
C. 111 and 982
D. 110 and 995
正解：D

質問 6：
Which one of the following architectures has the drawback of internally considering the hosted services individually?
A. Strong Screened-Subnet Architecture
B. "Inside Versus Outside" Architecture
C. "Three-Homed Firewall" DMZ Architecture
D. Weak Screened Subnet Architecture
正解：C