312-50v9試験無料問題集「EC-COUNCIL Certified Ethical Hacker v9 認定」
Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website byinserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known toincorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits.
What type of attack is outlined in the scenario?
What type of attack is outlined in the scenario?
正解:B
解答を投票する
It is a vulnerability in GNU's bash shell, discovered in September of 2004, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of service attacks to disrupt websites, and scan for other vulnerable devices (including routers).
Which of the following vulnerabilities is being described?
Which of the following vulnerabilities is being described?
正解:A
解答を投票する
An attacker changes the profile information of a particular user on a target website (the victim). The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker's database.
<frame src=http://www/vulnweb.com/updataif.php Style="display:none"></iframe>
What is this type of attack (that can use either HTTP GET or HRRP POST) called?
<frame src=http://www/vulnweb.com/updataif.php Style="display:none"></iframe>
What is this type of attack (that can use either HTTP GET or HRRP POST) called?
正解:A
解答を投票する
As a Certified Ethical hacker, you were contracted by aprivate firm to conduct an external security assessment through penetration testing.
What document describes the specified of the testing, the associated violations, and essentially protects both the organization's interest and your li abilities as a tester?
What document describes the specified of the testing, the associated violations, and essentially protects both the organization's interest and your li abilities as a tester?
正解:A
解答を投票する
You've gained physical access to a Windows 2008 R2 server which has as accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD.Which Linux tool has the ability to change any user's password or to activate disabled Windows Accounts?
正解:B
解答を投票する