Session splicing is an IDS evasiontechnique in which an attacker delivers data in multiple, smallsized packets to the target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can used to perform session splicing attacks?
A. Burp
B. Whisker
C. Hydra
D. Tcpsplice
正解:B
質問 2:
As a Certified Ethical hacker, you were contracted by aprivate firm to conduct an external security assessment through penetration testing.
What document describes the specified of the testing, the associated violations, and essentially protects both the organization's interest and your li abilities as a tester?
A. Project Scope
B. Non-Disclosure Agreement
C. Service Level Agreement
D. Term of Engagement
正解:B
質問 3:
You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?
A. >host -t ns hackeddomain.com
B. >host -t soa hackeddomain.com
C. >host -t AXFR hackeddomain.com
D. >host -t a hackeddomain.com
正解:D
質問 4:
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
A. Deferred Risk
B. Impact Risk
C. Inherent Risk
D. ResidualRisk
正解:D
質問 5:
Which of the following parameters describe LM Hash:
I - The maximum password length is 14 characters.
II - There are no distinctions between uppercase and lowercase.
III - It's a simple algorithm, so 10,000,000 hashes can be generated per second.
A. I, II and III
B. I and II
C. II
D. I
正解:A
伊藤** -
312-50v9試験を合格しました。Pass4Test様がいなかったら、合格はなかったと、思います。
短い間でしたが、毎日、質疑応答に付き合ってくださりありがとうございました。