861 お客様のコメント
質問 1:
What is the key advantage of Session Hijacking?
A. It can be easily done and does not require sophisticated skills.
B. You can successfully predict the sequence number generation.
C. You cannot be traced in case the hijack is detected.
D. You can take advantage of an authenticated connection.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?
A. She would be called a cracker.
B. Ursula would be considered a gray hat since she is performing an act against illegal activities.
C. Ursula would be considered a black hat.
D. She would be considered a suicide hacker.
正解:D
質問 3:
An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?
A. Timing attack
B. Replay attack
C. Memory trade-off attack
D. Chosen plain-text attack
正解:D
質問 4:
Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets?
alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msG. "BACKDOOR SIG - SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids, 485;) alert
A. From this snort signature, packets with HOME_NET 27374 in the payload will be flagged.
B. Packets that contain the payload of BACKDOOR SIG - SubSseven 22 will be flagged.
C. Snort will look for 0d0a5b52504c5d3030320d0a in the payload.
D. The payload of 485 is what this Snort signature will look for.
正解:C
質問 5:
Which of the following are variants of mandatory access control mechanisms? (Choose two.)
A. Sign in register
B. Username / password
C. Two factor authentication
D. Acceptable use policy
E. User education program
正解:B,C
質問 6:
Doug is conducting a port scan of a target network. He knows that his client target network has a web server and that there is a mail server also which is up and running. Doug has been sweeping the network but has not been able to elicit any response from the remote target. Which of the following could be the most likely cause behind this lack of response? Select 4.
A. The packet TTL value is too low and cannot reach the target
B. UDP is filtered by a gateway
C. The host might be down
D. The TCP windows size does not match
E. The destination network might be down
F. ICMP is filtered by a gateway
正解:A,B,C,F
解説: (Pass4Test メンバーにのみ表示されます)
What is the key advantage of Session Hijacking?
A. It can be easily done and does not require sophisticated skills.
B. You can successfully predict the sequence number generation.
C. You cannot be traced in case the hijack is detected.
D. You can take advantage of an authenticated connection.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?
A. She would be called a cracker.
B. Ursula would be considered a gray hat since she is performing an act against illegal activities.
C. Ursula would be considered a black hat.
D. She would be considered a suicide hacker.
正解:D
質問 3:
An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?
A. Timing attack
B. Replay attack
C. Memory trade-off attack
D. Chosen plain-text attack
正解:D
質問 4:
Simon is security analyst writing signatures for a Snort node he placed internally that captures all mirrored traffic from his border firewall. From the following signature, what will Snort look for in the payload of the suspected packets?
alert tcp $EXTERNAL_NET any -> $HOME_NET 27374 (msG. "BACKDOOR SIG - SubSseven 22";flags: A+; content: "|0d0a5b52504c5d3030320d0a|"; reference:arachnids, 485;) alert
A. From this snort signature, packets with HOME_NET 27374 in the payload will be flagged.
B. Packets that contain the payload of BACKDOOR SIG - SubSseven 22 will be flagged.
C. Snort will look for 0d0a5b52504c5d3030320d0a in the payload.
D. The payload of 485 is what this Snort signature will look for.
正解:C
質問 5:
Which of the following are variants of mandatory access control mechanisms? (Choose two.)
A. Sign in register
B. Username / password
C. Two factor authentication
D. Acceptable use policy
E. User education program
正解:B,C
質問 6:
Doug is conducting a port scan of a target network. He knows that his client target network has a web server and that there is a mail server also which is up and running. Doug has been sweeping the network but has not been able to elicit any response from the remote target. Which of the following could be the most likely cause behind this lack of response? Select 4.
A. The packet TTL value is too low and cannot reach the target
B. UDP is filtered by a gateway
C. The host might be down
D. The TCP windows size does not match
E. The destination network might be down
F. ICMP is filtered by a gateway
正解:A,B,C,F
解説: (Pass4Test メンバーにのみ表示されます)
徳永** -
Pass4TestのEC0-350は素晴らしいです。勉強時間が少なくて、EC0-350の問題集は助けになりました。大変ありがとうございました。