David is a security professional working in an organization, and he is implementing a vulnerability management program in the organization to evaluate and control the risks and vulnerabilities in its IT infrastructure. He is currently executing the process of applying fixes on vulnerable systems to reduce the impact and severity of vulnerabilities. Which phase of the vulnerability-management life cycle is David currently in?
A. Verification
B. Remediation
C. Vulnerability scan
D. Risk assessment
Correct answer: B
Question 2:
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?
A. OPPORTUNISTICTLS
B. STARTTLS
C. FORCETLS
D. UPGRADETLS
Correct answer: B
Question 3:
Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and implemented the necessary controls. After that, another security risk assessment was performed showing that risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?
A. Introduce more controls to bring risk to 0%
B. Avoid the risk
C. Accept the risk
D. Mitigate the risk
Correct answer: C
Question 4:
Ricardo has discovered the username for an application in his target's environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He compiles them into a list and then feeds that list as an argument into his password-cracking application. What type of attack is Ricardo performing?
A. Password spraying
B. Dictionary
C. Known plaintext
D. Brute force
Correct answer: B
Question 5:
You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user's password or activate disabled Windows accounts?
A. Cain & Abel
B. SET
C. John the Ripper
D. CHNTPW
Correct answer: D
Question 6:
Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach in a physical access control system.
A camera captures people walking and identifies the individuals using Steve's approach.
After that, people must hold their RFID badges up to the reader. Both identifications are required to open the door. In this case, we can say:
A. Although the approach has two phases, it actually implements just one authentication factor
B. The solution will have a high level of false positives
C. The solution implements the two authentication factors: physical object and physical characteristic
D. Biological motion cannot be used to identify people
Correct answer: C
Question 7:
Jane invites her friends Alice and John over for a LAN party. Alice and John access Jane's wireless network without a password. However, Jane has a long, complex password on her router. What attack has likely occurred?
A. Wireless sniffing
B. Evil twin
C. Wardriving
D. Piggybacking
Correct answer: B
Ozawa -
Solid support for final study right up to the exam! Pass4Test's 312-50v11 question set has thorough and easy-to-understand explanations.