Which of the following statements correctly define an ICMP flood attack? (Select 2 answers)

A. ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service
B. The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network
C. A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.
D. Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address
Correct answer: B, C
Question 2:
Neil is closely monitoring his firewall rules and logs on a regular basis. Some of the users have complained to Neil that there are a few employees who are visiting offensive web sites during work hours, without any consideration for others. Neil knows that he has an up-to-date content filtering system and such access should not be authorized. What type of technique might be used by these offenders to access the Internet without restriction?
A. They are using an older version of Internet Explorer that allows them to bypass the proxy server
B. They are using UDP that is always authorized at the firewall
C. They are using HTTP tunneling software that allows them to communicate with protocols in a way it was not intended
D. They have been able to compromise the firewall, modify the rules, and give themselves proper access
Correct answer: C
Question 3:
Erik notices a big increase in UDP packets sent to ports 1026 and 1027 occasionally. He enters the following at the command prompt.
$ nc -l -p 1026 -u -v
In response, he sees the following message.
cell(?(c)????STOPALERT77STOP! WINDOWS REQUIRES IMMEDIATE ATTENTION.
Windows has found 47 Critical Errors.
To fix the errors please do the following:
1.Download Registry Repair from: www.reg-patch.com
2.Install Registry Repair
3.Run Registry Repair
4.Reboot your computer
FAILURE TO ACT NOW MAY LEAD TO DATA LOSS AND CORRUPTION!
What would you infer from this alert?
A. It is a messenger spam. Windows creates a listener on one of the low dynamic ports from 1026 to 1029 and the message usually promotes malware disguised as legitimate utilities
B. An attacker has compromised the machine and backdoored ports 1026 and 1027
C. The machine is redirecting traffic to www.reg-patch.com using adware
D. It is a genuine fault of the Windows registry and the registry needs to be backed up
Correct answer: A
Question 4:
Which of the following is a component of a risk assessment?
A. Physical security
B. DMZ
C. Logical interface
D. Administrative safeguards
Correct answer: D
Question 5:
Clive has been hired to perform a Black-Box test by one of his clients.
How much information will Clive obtain from the client before commencing his test?
A. Only the IP address range.
B. Nothing but corporate name.
C. IP range, OS, and patches installed.
D. All that is available from the client site.
Correct answer: B
Question 6:
Identify the SQL injection attack from the HTTP requests shown below:
A. http%3a%2f%2fwww.yourserver.c0m%2fbadscript.js%22%3e%3c%2fscript%3e
B. http://www.victim.com/example accountnumber=67891&creditamount=999999999
C. http://www.myserver.c0m/search.asp? lname=smith%27%3bupdate%20usertable%20set%20passwd%3d%27hAx0r%27%3b-%00
D. http://www.myserver.c0m/script.php?mydata=%3cscript%20src=%22
Correct answer: C
Question 7:
At which layer of the OSI model does ARP poisoning occur?

A. Transport Layer
B. Physical Layer
C. Application layer
D. Data Link Layer
Correct answer: D
Question 8:
Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice's machine. From the command prompt, she types the following command.
For /f "tokens=1 %%a in (hackfile.txt) do net use * \\10.1.2.3\c$ /user:"Administrator" %%a
What is Eve trying to do?
A. Eve is trying to enumerate all users with Administrative privileges
B. Eve is trying to carry out a password crack for user Administrator
C. Eve is trying to escalate privilege of the null user to that of Administrator
D. Eve is trying to connect as a user with Administrator privileges
Correct answer: B
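Matsubara** -
I felt that the structure, which first has you work quickly up to about 60-70%, was excellent. Thanks to this 312-50v8 prep book, I was able to grasp the whole picture in a relatively short time, which gave me confidence.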