最新的EC-COUNCIL Certified Ethical Hacker v8 - 312-50v8免費考試真題
問題1
Bob has been hired to perform a penetration test on XYZ.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.
Within the context of penetration testing methodology, what phase is Bob involved with?
Within the context of penetration testing methodology, what phase is Bob involved with?
正確答案: B
說明:(僅 VCESoft 成員可見)
問題2
Which of the following systems would not respond correctly to an nmap XMAS scan?
正確答案: A
說明:(僅 VCESoft 成員可見)
問題3
Joseph has just been hired on to a contractor company of the Department of Defense as their Senior Security Analyst. Joseph has been instructed on the company's strict security policies that have been implemented, and the policies that have yet to be put in place. Per the Department of Defense, all DoD users and the users of their contractors must use two-factor authentication to access their networks. Joseph has been delegated the task of researching and implementing the best two-factor authentication method for his company. Joseph's supervisor has told him that they would like to use some type of hardware device in tandem with a security or identifying pin number. Joseph's company has already researched using smart cards and all the resources needed to implement them, but found the smart cards to not be cost effective. What type of device should Joseph use for two-factor authentication?
正確答案: B
問題4
Bob wants to prevent attackers from sniffing his passwords on the wired network. Which of the following lists the best options?
正確答案: C
說明:(僅 VCESoft 成員可見)
問題5
This TCP flag instructs the sending system to transmit all buffered data immediately.
正確答案: C
問題6
Jason's Web server was attacked by a trojan virus. He runs protocol analyzer and notices that the trojan communicates to a remote server on the Internet. Shown below is the standard "hexdump" representation of the network packet, before being decoded. Jason wants to identify the trojan by looking at the destination port number and mapping to a trojan-port number database on the Internet. Identify the remote server's port number by decoding the packet?
正確答案: C
說明:(僅 VCESoft 成員可見)
問題7
Tess King is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?
正確答案: A
說明:(僅 VCESoft 成員可見)
問題8
The following script shows a simple SQL injection. The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user:
The user is prompted to enter the name of a city on a Web form. If she enters Chicago, the query assembled by the script looks similar to the following:
SELECT * FROM OrdersTable WHERE ShipCity = 'Chicago'
How will you delete the OrdersTable from the database using SQL Injection?
The user is prompted to enter the name of a city on a Web form. If she enters Chicago, the query assembled by the script looks similar to the following:
SELECT * FROM OrdersTable WHERE ShipCity = 'Chicago'
How will you delete the OrdersTable from the database using SQL Injection?
正確答案: D
問題9
Which of the following is a strong post designed to stop a car?
正確答案: A
