최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9

문제1

Risk = Threats x Vulnerabilities is referred to as the:

A. Disaster recovery formula

B. Threat assessment

C. Risk equation

D. BIA equation

정답: C

문제2

A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

A. Mitigate

B. Avoid

C. Delegate

D. Accept

정답: C

문제3

An incident investigator asks to receive a copy of the event from all firewalls, prosy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not match up.
What is the most likely cause?

A. The attack altered or erased events from the logs.

B. The securitybreach was a false positive.

C. Proper chain of custody was not observed while collecting the logs.

D. The network devices are not all synchronized

정답: A

문제4

You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files and analyze it.
What tool will help you with the task?

A. Armitage

B. Dimitry

C. cdpsnarf

D. Metagoofil

정답: D

문제5

Which of the following security operations is used for determining the attack surface of an organization?

A. Reviewing the need for a security clearance for each employee

B. Using configuration management to determine when and where to apply security patches

C. Training employees on the security policy regarding social engineering

D. Running a network scan to detect network services in the corporate DMZ

정답: D

문제6

When you return to your desk after a lunch break, you notice a strange email in your inbox. The senders is someone you did business with recently but the subject line has strange characters in it.
What should you do?

A. Delete the email and pretend nothing happened.

B. Reply to the sender and ask them for more information about the message contents.

C. Forward the message to your company's security response team and permanently delete the message from your computer.

D. Forward the message to your supervisor andask for her opinion on how to handle the situation.

정답: C

문제7

What is the process of logging, recording, and resolving events that take place in an organization?

A. Metrics

B. Incident Management Process

C. Security Policy

D. Internal Procedure

정답: B

문제8

Which of these options is the most secure procedure for strong backup tapes?

A. On a different floor in the same building

B. In a cool dry environment

C. Inside the data center for faster retrieval in afireproof safe

D. In a climate controlled facility offsite

정답: D

문제9

During a blackbox pen test you attempt to pass IRC traffic over post 80/TCP from a compromised web enabled host. The traffic gets blocked; however outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?

A. Application

B. Circuit

C. Packet Filtering

D. Stateful

정답: A

문제10

It isan entity or event with the potential to adversely impact a system through unauthorized access destruction disclosures denial of service or modification of data.
Which of the following terms best matches this definition?

A. Risk

B. Threat

C. Vulnerability

D. Attack

정답: B

최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9

우리와 연락하기

유용한 링크

최신 업데이트