412-79v8試験無料問題集（196題）「EC-COUNCIL EC-Council Certified Security Analyst (ECSA) 認定」

出題：1

Which of the following is the objective of Gramm-Leach-Bliley Act?

A. To ease the transfer of financial information between institutions and banks

B. To set a new or enhanced standards for all U.S. public company boards, management and public accounting firms

C. To protect the confidentiality, integrity, and availability of data

D. To certify the accuracy of the reported financial statement

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

A. XPath Injection Attack

B. LDAP Injection Attack

C. Frame Injection Attack

D. SOAP Injection Attack

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

By default, the TFTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to troubleshoot TCP/IP connectivity issues?

A. Netstat

B. Tracert

C. Telnet

D. PortQry

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Identify the type of firewall represented in the diagram below:

A. Stateful multilayer inspection firewall

B. Packet filter

C. Applicationlevel gateway

D. Circuit level gateway

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?

A. Packet Sniffer Mode

B. Inline Mode

C. Packet Logger Mode

D. Network Intrusion Detection System Mode

正解：A 解答を投票する

出題：6

During external penetration testing, which of the following techniques uses tools like Nmap to predict the sequence numbers generated by the targeted server and use this information to perform session hijacking techniques?

A. IPID Sequence Number Prediction

B. IPID State Number Prediction

C. TCP Sequence Number Prediction

D. TCP State Number Prediction

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which one of the following components of standard Solaris Syslog is a UNIX command that is used to add single-line entries to the system log?

A. "Syslogd.conf"

B. "/etc/syslog.conf"

C. "Syslogd"

D. "Logger"

正解：D 解答を投票する

出題：8

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

A. Aircrack

B. Airpwn

C. Airsnort

D. WEPCrack

正解：C 解答を投票する

出題：9

Which of the following methods is used to perform server discovery?

A. SQL Injection

B. Whois Lookup

C. SessionHijacking

D. Banner Grabbing

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product." It is generally the motherboard chips or the chips used on the expansion card. Which one of the following is well supported in most wireless applications?

A. Cisco chipset

B. Orinoco chipsets

C. Prism II chipsets

D. Atheros Chipset

正解：C 解答を投票する

412-79v8試験無料問題集「EC-COUNCIL EC-Council Certified Security Analyst (ECSA) 認定」