IT認証試験問題集
毎月、GOWUKAKUは1500人以上の受験者が試験準備を助けて、試験に合格するために受験者にご協力します
 ホームページ / 412-79V10 問題集  / 412-79V10 問題練習

EC-Council 412-79V10 問題練習

EC-Council Certified Security Analyst (ECSA) V10 試験

最新更新時間: 2024/03/19,合計201問。

【2024年3月キャンペーン】:412-79V10 最新真題を買う時、日本語版と英語版両方を同時に獲得できます。

実際の問題集を練習し、試験のポイントを了解し、テストに申し込むするかどうかを決めることができます。

さらに試験準備時間の35%を節約するには、412-79V10 問題集を使用してください。

 / 4

Question No : 1
Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?

正解:

Question No : 2
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

正解:

Question No : 3
Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?

正解:

Question No : 4
You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank security defenses are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London.
After monitoring some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract usernames and passwords.
What tool could you use to get this information?

正解:

Question No : 5
Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?

正解:

Question No : 6
What is the difference between penetration testing and vulnerability testing?



正解:

Question No : 7
What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

正解:

Question No : 8
What are the 6 core concepts in IT security?



正解:

Question No : 9
After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.
Why is that?

正解:

Question No : 10
What is the maximum value of a “tinyint” field in most database systems?

正解:

Question No : 11
The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.



What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?

正解:

Question No : 12
TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer.
Which one of the following protocols is used to collect information from all the network devices?

正解:

Question No : 13
Which of the following will not handle routing protocols properly?

正解:

Question No : 14
Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?

正解:

Question No : 15
ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.
ARP spoofing attack is used as an opening for other attacks.



What type of attack would you launch after successfully deploying ARP spoofing?

正解:

 / 4
EC-Council