821 お客様のコメント
質問 1:
It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up windows, webpage,or email warning from what looks like an officialauthority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.
Which term best matches this definition?
A. Ransomware
B. Adware
C. Riskware
D. Spyware
正解:A
質問 2:
You are tasked to perform a penetration test. While you are performinginformation gathering, you find ab employee list in Google. You find receptionist's email, and you send her an email changing the source email to her boss's email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?
A. Evesdropping
B. Tailgating
C. Piggybacking
D. Social engineering
正解:D
質問 3:
While performing online banking using a web browser, a user receives an email that contains alink to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.
What web browser-based security vulnerability was exploited to compromise the user?
A. Cross-Site Request Forgery
B. Web form input validation
C. Cross-Site Scripting
D. Clickjacking
正解:A
質問 4:
You are a Network Security Officer. You have two machines. The first machine
(192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine.
What wireshark filter will show the connections from the snort machineto kiwi syslog machine?
A. tcp.srcport==514 && ip.src==192.168.0.99
B. tcp.srcport==514 && ip.src==192.168.150
C. tcp.dstport==514 &&ip.dst==192.168.0.99
D. tcp.dstport==514 && ip.dst==192.168.0.150
正解:D
質問 5:
You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?
A. Host-based IDS
B. Proxy
C. Network-Based IDS
D. Firewall
正解:C
It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up windows, webpage,or email warning from what looks like an officialauthority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.
Which term best matches this definition?
A. Ransomware
B. Adware
C. Riskware
D. Spyware
正解:A
質問 2:
You are tasked to perform a penetration test. While you are performinginformation gathering, you find ab employee list in Google. You find receptionist's email, and you send her an email changing the source email to her boss's email ( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?
A. Evesdropping
B. Tailgating
C. Piggybacking
D. Social engineering
正解:D
質問 3:
While performing online banking using a web browser, a user receives an email that contains alink to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.
What web browser-based security vulnerability was exploited to compromise the user?
A. Cross-Site Request Forgery
B. Web form input validation
C. Cross-Site Scripting
D. Clickjacking
正解:A
質問 4:
You are a Network Security Officer. You have two machines. The first machine
(192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine.
What wireshark filter will show the connections from the snort machineto kiwi syslog machine?
A. tcp.srcport==514 && ip.src==192.168.0.99
B. tcp.srcport==514 && ip.src==192.168.150
C. tcp.dstport==514 &&ip.dst==192.168.0.99
D. tcp.dstport==514 && ip.dst==192.168.0.150
正解:D
質問 5:
You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?
A. Host-based IDS
B. Proxy
C. Network-Based IDS
D. Firewall
正解:C
Mori -
勉強しやすくなっていました。一からの学習にも試験直前の学習にも使える312-50v9問題集だと思う。