Adam is an incident handler who intends to use the DBCC LOG command to analyze a database and retrieve the active transaction log files for the specified database. The syntax of the DBCC LOG command is DBCC LOG(, ), where the output parameter specifies the level of information an incident handler wants to retrieve. If Adam wants to retrieve the full information on each operation along with the hex dump of the current transaction row, which of the following output parameters should Adam use?
A. 4
B. 1
C. 3
D. 2
Correct answer: D
Explanation: (Only visible to Pass4Test members)
Question 2:
Eric works as a system administrator in the ABC organization. He granted privileged users unlimited permissions to access the systems. These privileged users can misuse their rights unintentionally or maliciously, or attackers can trick them into performing malicious activities.
Which of the following guidelines helps incident handlers eradicate insider attacks by privileged users?
A. Do not allow administrators to use unique accounts during the installation process
B. Do not control the access to administrators and privileged users
C. Do not enable the default administrative accounts to ensure accountability
D. Do not use encryption methods to prevent administrators and privileged users from accessing backup tapes and sensitive information
Correct answer: C
Explanation: (Only visible to Pass4Test members)
Question 3:
Racheal is an incident handler working in the InceptionTech organization. Recently, numerous employees have been complaining about receiving emails from unknown senders. To protect employees against spoofed emails while keeping security in mind, Racheal was asked to take appropriate action in this matter. As part of her assignment, she needs to analyze the email headers to check the authenticity of the received emails.
Which of the following protocol/authentication standards must she check in the email header to analyze the email's authenticity?
A. POP
B. ARP
C. SNMP
D. DKIM
Correct answer: D
Explanation: (Only visible to Pass4Test members)
Question 4:
Which of the following are malicious software programs that infect computers and corrupt or delete the data on them?
A. Trojans
B. Spyware
C. Worms
D. Virus
Correct answer: D
Explanation: (Only visible to Pass4Test members)
Question 5:
Your manager hands you several items of digital evidence and asks you to investigate them in the order of volatility. Which of the following is the MOST volatile?
A. Disk
B. Cache
C. Temp files
D. Emails
Correct answer: B
Explanation: (Only visible to Pass4Test members)
Question 6:
Elizabeth, who works for the OBC organization as an incident responder, is assessing the risks to the organization's security. As part of the assessment process, she is calculating the probability of a threat source exploiting an existing system vulnerability. Which of the following risk assessment steps is Elizabeth currently in?
A. System characterization
B. Likelihood analysis
C. Vulnerability identification
D. Impact analysis
Correct answer: B
Explanation: (Only visible to Pass4Test members)
Question 7:
Smith employs various malware detection techniques to thoroughly examine the network and its systems for suspicious and malicious files. Among these techniques, which one involves analyzing memory dumps or binary code for traces of malware?
A. Intrusion analysis
B. Static analysis
C. Live system
D. Dynamic analysis
Correct answer: B
Explanation: (Only visible to Pass4Test members)
Question 8:
You are a systems administrator for a company. You are accessing your file server remotely for maintenance.
Suddenly, you are unable to access the server. After contacting others in your department, you find out that they cannot access the file server either. You can ping the file server but not connect to it via RDP. You check the Active Directory server, and all is well. You check the email server and find that emails are sent and received normally. What is the most likely issue?
A. An admin account issue
B. An e-mail service issue
C. A denial-of-service issue
D. The file server has shut down
Correct answer: C
Explanation: (Only visible to Pass4Test members)
Question 9:
John is performing memory dump analysis in order to find traces of malware.
He has employed the Volatility tool to achieve his objective.
Which of the following Volatility framework commands will he use to analyze the running processes from the memory dump?
A. python vol.py hivelist --profile=Win2008SP1x86 -f /root/Desktop/memdump.mem
B. python vol.py imageinfo -f /root/Desktop/memdump.mem
C. python vol.py pslist --profile=Win2008SP1x86 -f /root/Desktop/memdump.mem
D. python vol.py svcscan --profile=Win2008SP1x86 -f /root/Desktop/memdump.mem | more
Correct answer: C
Explanation: (Only visible to Pass4Test members)
Hamasaki -
I searched around online and came across the wonderful site Pass4Test. The content is excellent.