919 お客様のコメント
質問 1:
When working with Windows systems, what is the RID of the true administrator account?
A. 500
B. 1024
C. 1000
D. 1001
E. 501
F. 512
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
What is the following command used for?
net use \targetipc$ "" /u:""
A. Connecting to a Linux computer through Samba.
B. Grabbing the etc/passwd file
C. Grabbing the SAM
D. Enumeration of Cisco routers
E. This command is used to connect as a null session
正解:E
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
What are the default passwords used by SNMP?(Choose two.)
A. Administrator
B. Public
C. Password
D. Blank
E. SA
F. Private
正解:B,F
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
What are two things that are possible when scanning UDP ports? (Choose two.
A. An ICMP message will be returned
B. A reset will be returned
C. Nothing
D. The four-way handshake will not be completed
E. An RFC 1294 message will be returned
正解:A,C
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
Which of the following statements best describes the term Vulnerability?
A. An action or event that might prejudice security
B. An agent that has the potential to take advantage of a weakness
C. A weakness or error that can lead to a compromise
D. The loss potential of a threat.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?
[ceh]# ping 10.2.3.4
PING 10.2.3.4 (10.2.3.4) from 10.2.3.80 : 56(84) bytes of data.
--- 10.2.3.4 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
[ceh]# ./hping2 -c 4 -n -i 2 10.2.3.4
HPING 10.2.3.4 (eth0 10.2.3.4): NO FLAGS are set, 40 headers +
0 data bytes
len=46 ip=10.2.3.4 flags=RA seq=0 ttl=128 id=54167 win=0 rtt=0.8 ms
len=46 ip=10.2.3.4 flags=RA seq=1 ttl=128 id=54935 win=0 rtt=0.7 ms
len=46 ip=10.2.3.4 flags=RA seq=2 ttl=128 id=55447 win=0 rtt=0.7 ms
len=46 ip=10.2.3.4 flags=RA seq=3 ttl=128 id=55959 win=0 rtt=0.7 ms
--- 10.2.3.4 hping statistic ---
4 packets tramitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.7/0.8/0.8 ms
A. hping2 uses stealth TCP packets to connect
B. hping2 uses TCP instead of ICMP by default
C. ping packets cannot bypass firewalls
D. you must use ping 10.2.3.4 switch
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?
A. To perform a DoS
B. To test for virus protection
C. To create needless SPAM
D. To determine who is the holder of the root account
E. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
正解:E
解説: (Pass4Test メンバーにのみ表示されます)
質問 8:
How does a denial-of-service attack work?
A. A hacker prevents a legitimate user (or group of users) from accessing a service
B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
C. A hacker attempts to imitate a legitimate user by confusing a computer or even another person
D. A hacker tries to decipher a password by using a system, which subsequently crashes the network
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
When working with Windows systems, what is the RID of the true administrator account?
A. 500
B. 1024
C. 1000
D. 1001
E. 501
F. 512
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
What is the following command used for?
net use \targetipc$ "" /u:""
A. Connecting to a Linux computer through Samba.
B. Grabbing the etc/passwd file
C. Grabbing the SAM
D. Enumeration of Cisco routers
E. This command is used to connect as a null session
正解:E
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
What are the default passwords used by SNMP?(Choose two.)
A. Administrator
B. Public
C. Password
D. Blank
E. SA
F. Private
正解:B,F
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
What are two things that are possible when scanning UDP ports? (Choose two.
A. An ICMP message will be returned
B. A reset will be returned
C. Nothing
D. The four-way handshake will not be completed
E. An RFC 1294 message will be returned
正解:A,C
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
Which of the following statements best describes the term Vulnerability?
A. An action or event that might prejudice security
B. An agent that has the potential to take advantage of a weakness
C. A weakness or error that can lead to a compromise
D. The loss potential of a threat.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?
[ceh]# ping 10.2.3.4
PING 10.2.3.4 (10.2.3.4) from 10.2.3.80 : 56(84) bytes of data.
--- 10.2.3.4 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
[ceh]# ./hping2 -c 4 -n -i 2 10.2.3.4
HPING 10.2.3.4 (eth0 10.2.3.4): NO FLAGS are set, 40 headers +
0 data bytes
len=46 ip=10.2.3.4 flags=RA seq=0 ttl=128 id=54167 win=0 rtt=0.8 ms
len=46 ip=10.2.3.4 flags=RA seq=1 ttl=128 id=54935 win=0 rtt=0.7 ms
len=46 ip=10.2.3.4 flags=RA seq=2 ttl=128 id=55447 win=0 rtt=0.7 ms
len=46 ip=10.2.3.4 flags=RA seq=3 ttl=128 id=55959 win=0 rtt=0.7 ms
--- 10.2.3.4 hping statistic ---
4 packets tramitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.7/0.8/0.8 ms
A. hping2 uses stealth TCP packets to connect
B. hping2 uses TCP instead of ICMP by default
C. ping packets cannot bypass firewalls
D. you must use ping 10.2.3.4 switch
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?
A. To perform a DoS
B. To test for virus protection
C. To create needless SPAM
D. To determine who is the holder of the root account
E. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
正解:E
解説: (Pass4Test メンバーにのみ表示されます)
質問 8:
How does a denial-of-service attack work?
A. A hacker prevents a legitimate user (or group of users) from accessing a service
B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
C. A hacker attempts to imitate a legitimate user by confusing a computer or even another person
D. A hacker tries to decipher a password by using a system, which subsequently crashes the network
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
推定** -
今時のアプリを利用した過去問演習にも対応。きっちりとまとまっていてわかりやすかったです。