933 お客様のコメント
質問 1:
Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst, working in Andrews and Sons Corp., has asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?
A. Direct historical trust
B. Mediated trust
C. Validated trust
D. Mandated trust
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?
A. Nation-state attribution
B. True attribution
C. Campaign attribution
D. Intrusion-set attribution
正解:B
質問 3:
An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following technique is used by the attacker?
A. Dynamic DNS
B. Fast-Flux DNS
C. DNS zone transfer
D. DNS interrogation
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
Tyrion, a professional hacker, is targeting an organization to steal confidential information. He wants to perform website footprinting to obtain the following information, which is hidden in the web page header.
Connection status and content type
Accept-ranges and last-modified information
X-powered-by information
Web server in use and its version
Which of the following tools should the Tyrion use to view header content?
A. Burp suite
B. AutoShun
C. Vanguard enforcer
D. Hydra
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
H&P, Inc. is a small-scale organization that has decided to outsource the network security monitoring due to lack of resources in the organization. They are looking for the options where they can directly incorporate threat intelligence into their existing network defense solutions.
Which of the following is the most cost-effective methods the organization can employ?
A. Look for an individual within the organization
B. Recruit managed security service providers (MSSP)
C. Recruit data management solution provider
D. Recruit the right talent
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
Andrews and Sons Corp. has decided to share threat information among sharing partners. Garry, a threat analyst, working in Andrews and Sons Corp., has asked to follow a trust model necessary to establish trust between sharing partners. In the trust model used by him, the first organization makes use of a body of evidence in a second organization, and the level of trust between two organizations depends on the degree and quality of evidence provided by the first organization.
Which of the following types of trust model is used by Garry to establish the trust?
A. Direct historical trust
B. Mediated trust
C. Validated trust
D. Mandated trust
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?
A. Nation-state attribution
B. True attribution
C. Campaign attribution
D. Intrusion-set attribution
正解:B
質問 3:
An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.
Which of the following technique is used by the attacker?
A. Dynamic DNS
B. Fast-Flux DNS
C. DNS zone transfer
D. DNS interrogation
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
Tyrion, a professional hacker, is targeting an organization to steal confidential information. He wants to perform website footprinting to obtain the following information, which is hidden in the web page header.
Connection status and content type
Accept-ranges and last-modified information
X-powered-by information
Web server in use and its version
Which of the following tools should the Tyrion use to view header content?
A. Burp suite
B. AutoShun
C. Vanguard enforcer
D. Hydra
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
H&P, Inc. is a small-scale organization that has decided to outsource the network security monitoring due to lack of resources in the organization. They are looking for the options where they can directly incorporate threat intelligence into their existing network defense solutions.
Which of the following is the most cost-effective methods the organization can employ?
A. Look for an individual within the organization
B. Recruit managed security service providers (MSSP)
C. Recruit data management solution provider
D. Recruit the right talent
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
Kato -
とりあえずこれ1冊しっかりやれば合格できる内容です。312-85平易な記述となっているので初学者でも自学自習進めやすい内容だと思います。