최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9

문제1

Which of the following security operations is used for determining the attack surface of an organization?

A. Reviewing the need for a security clearance for each employee

B. Using configuration management to determine when and where to apply security patches

C. Training employees on the security policy regarding social engineering

D. Running a network scan to detect network services in the corporate DMZ

정답: D

문제2

During a security audit of IT processes, an IS auditor found that there was no documented security procedures. What should the IS auditor do?

A. Identify and evaluate existing practices.

B. Terminate the audit.

C. Conduct compliance testing

D. Create a procedures document

정답: A

문제3

Which of the followingis the least-likely physical characteristic to be used in biometric control that supports a large company?

A. Voice

B. Fingerprints

C. Iris patterns

D. Height and Weight

정답: D

문제4

Which regulationdefines security and privacy controls for Federal information systems and organizations?

A. HIPAA

B. EU Safe Harbor

C. NIST-800-53

D. PCI-DSS

정답: C

문제5

You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?

A. >host -t a hackeddomain.com

B. >host -t soa hackeddomain.com

C. >host -t AXFR hackeddomain.com

D. >host -t ns hackeddomain.com

정답: A

문제6

A company's security states that all web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

A. Attempts by attackers to access passwords stored on the user's computer without the user's knowledge.

B. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user's authentication credentials.

C. Attempts by attackers to determine the user's Web browser usage patterns, including when sites were visited and for how long.

D. Attempts by attacks to access the user and password information stores in the company's SQL database.

정답: B

문제7

You are performing information gathering for an important penetration test. You have found pdf, doc, and images in your objective. You decide to extract metadata from these files and analyze it.
What tool will help you with the task?

A. Armitage

B. Dimitry

C. cdpsnarf

D. Metagoofil

정답: D

문제8

What does a firewall check to prevent particularports and applications from getting packets into an organizations?

A. Presentation layer headers and the session layer port numbers

B. Transport layer port numbers and application layer headers

C. Network layer headers and the session layer port numbers

D. Application layer port numbers and the transport layer headers

정답: B

문제9

The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate theSLE, ARO, and ALE. Assume the EF = 1 (100%).
What is the closest approximate cost of this replacement and recovery operation per year?

A. $100

B. $146

C. 1320

D. 440

정답: B

문제10

What is the benefit of performing an unannounced Penetration Testing?

A. The tester could not provide an honest analysis.

B. The tester will have an actual security posture visibility of thetarget network.

C. It is best to catch critical infrastructure unpatched.

D. Network security would be in a "best state" posture.

정답: B

최신 312-50v9 무료덤프 - EC-COUNCIL Certified Ethical Hacker v9

우리와 연락하기

유용한 링크

최신 업데이트