412-79試験無料問題集（205題）「EC-COUNCIL EC-Council Certified Security Analyst (ECSA) 認定」

出題：1

Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

A. Project Goal

B. Assumptions

C. Objectives

D. Success Factors

正解：B 解答を投票する

出題：2

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

A. Aircrack

B. Airpwn

C. Airsnort

D. WEPCrack

正解：C 解答を投票する

出題：3

Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

A. Service Level Configuration Attacks

B. Web Services Footprinting Attack

C. URL Tampering Attacks

D. Inside Attacks

正解：B 解答を投票する

出題：4

During external penetration testing, which of the following techniques uses tools like Nmap to predict the sequence numbers generated by the targeted server and use this information to perform session hijacking techniques?

A. IPID Sequence Number Prediction

B. IPID State Number Prediction

C. TCP Sequence Number Prediction

D. TCP State Number Prediction

正解：C 解答を投票する

出題：5

Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks.
When most people say 'Wireless' these days, they are referring to one of the 802.11 standards.
There are three main 802.11 standards: B, A, and G.
Which one of the following 802.11 types uses DSSS Modulation, splitting the 2.4ghz band into channels?

A. 802.11b

B. 802.11n

C. 802.11-Legacy

D. 802.11g

正解：A 解答を投票する

出題：6

An antenna is a device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna is developed from waveguide technology?

A. Aperture Antennas

B. Leaky Wave Antennas

C. Directional Antenna

D. Reflector Antenna

正解：A 解答を投票する

出題：7

Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company.
Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

Which of the following password cracking attacks tries every combination of characters until the password is broken?

A. Hybrid attack

B. Dictionary attack

C. Rule-based attack

D. Brute-force attack

正解：D 解答を投票する

出題：8

Which vulnerability assessment phase describes the scope of the assessment, identifies and ranks the critical assets, and creates proper information protection procedures such as effective planning, scheduling, coordination, and logistics?

A. Pre-Assessment Phase

B. Threat-Assessment Phase

C. Assessment Phase

D. Post-Assessment Phase

正解：A 解答を投票する

出題：9

Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

A. NinjaHost

B. EnablePython

C. NinjaDontKill

D. RandomNops

正解：C 解答を投票する

出題：10

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

A. Rules of Behavior Agreement

B. Non-Disclosure Agreement

C. Liability Insurance

D. Penetration Testing Agreement

正解：B 解答を投票する

412-79試験無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA) 認定」