EC-Council Certified Security Analyst (ECSA) V10 온라인 연습
최종 업데이트 시간: 2024년11월08일
당신은 온라인 연습 문제를 통해 EC-Council 412-79V10 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.
시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 412-79V10 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 201개의 시험 문제와 답을 포함하십시오.
/ 4
Question No : 1
Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?
정답:
Question No : 2
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
정답:
Question No : 3
Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?
정답:
Question No : 4
You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank security defenses are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London.
After monitoring some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract usernames and passwords.
What tool could you use to get this information?
정답:
Question No : 5
Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?
정답:
Question No : 6
What is the difference between penetration testing and vulnerability testing?
정답:
Question No : 7
What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?
정답:
Question No : 8
What are the 6 core concepts in IT security?
정답:
Question No : 9
After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.
Why is that?
정답:
Question No : 10
What is the maximum value of a “tinyint” field in most database systems?
정답:
Question No : 11
The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.
What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?
정답:
Question No : 12
TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer.
Which one of the following protocols is used to collect information from all the network devices?
정답:
Question No : 13
Which of the following will not handle routing protocols properly?
정답:
Question No : 14
Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?
정답:
Question No : 15
ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.
ARP spoofing attack is used as an opening for other attacks.
What type of attack would you launch after successfully deploying ARP spoofing?