최신EC-COUNCIL EC-Council Certified Security Analyst (ECSA) - 412-79무료샘플문제
문제1
TCP/IP model is a framework for the Internet Protocol suite of computer network protocols that defines the communication in an IP-based network. It provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination. This functionality has been organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.
Which of the following TCP/IP layers selects the best path through the network for packets to travel?
TCP/IP model is a framework for the Internet Protocol suite of computer network protocols that defines the communication in an IP-based network. It provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination. This functionality has been organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.
Which of the following TCP/IP layers selects the best path through the network for packets to travel?
정답: A
문제2
Which of the following policies helps secure data and protects the privacy of organizational information?
Which of the following policies helps secure data and protects the privacy of organizational information?
정답: B
문제3
ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.
ARP spoofing attack is used as an opening for other attacks.
What type of attack would you launch after successfully deploying ARP spoofing?
ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.
ARP spoofing attack is used as an opening for other attacks.
What type of attack would you launch after successfully deploying ARP spoofing?
정답: A
문제4
Which of the following is NOT generally included in a quote for penetration testing services?
Which of the following is NOT generally included in a quote for penetration testing services?
정답: D
문제5
Why is a legal agreement important to have before launching a penetration test?
Why is a legal agreement important to have before launching a penetration test?
정답: C
문제6
Traffic on which port is unusual for both the TCP and UDP ports?
Traffic on which port is unusual for both the TCP and UDP ports?
정답: B
문제7
Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?
Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?
정답: C
문제8
Identify the port numbers used by POP3 and POP3S protocols.
Identify the port numbers used by POP3 and POP3S protocols.
정답: B
문제9
What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?
What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?
정답: C
문제10
Hackers today have an ever-increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.
New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application technologies. In both cases, one may observe how the evolution and refinement of web technologies also brings about new exploits which compromise sensitive databases, provide access to theoretically secure networks, and pose a threat to the daily operation of online businesses.
What is the biggest threat to Web 2.0 technologies?
Hackers today have an ever-increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.
New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application technologies. In both cases, one may observe how the evolution and refinement of web technologies also brings about new exploits which compromise sensitive databases, provide access to theoretically secure networks, and pose a threat to the daily operation of online businesses.
What is the biggest threat to Web 2.0 technologies?
정답: B