최신EC-COUNCIL EC-Council Certified Security Analyst (ECSA) - ECSAv8무료샘플문제
문제1
Identify the attack represented in the diagram below:
Identify the attack represented in the diagram below:
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제2
Identify the port numbers used by POP3 and POP3S protocols.
Identify the port numbers used by POP3 and POP3S protocols.
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제3
Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.
An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.
What is the formula to calculate risk?
Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.
An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.
What is the formula to calculate risk?
정답: A
문제4
Which of the following policy forbids everything with strict restrictions on all usage of the company systems and network?
Which of the following policy forbids everything with strict restrictions on all usage of the company systems and network?
정답: D
문제5
Identify the transition mechanism to deploy IPv6 on the IPv4 network from the following diagram.
Identify the transition mechanism to deploy IPv6 on the IPv4 network from the following diagram.
정답: D
문제6
Which of the following shields Internet users from artificial DNS data, such as a deceptive or mischievous address instead of the genuine address that was requested?
Which of the following shields Internet users from artificial DNS data, such as a deceptive or mischievous address instead of the genuine address that was requested?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제7
What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?
What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제8
Traffic on which port is unusual for both the TCP and UDP ports?
Traffic on which port is unusual for both the TCP and UDP ports?
정답: D
문제9
Due to illegal inputs, various types of TCP stacks respond in a different manner. Some IDSs do not take into account the TCP protocol's urgency feature, which could allow testers to evade the IDS.
Penetration tester needs to try different combinations of TCP flags (e.g. none, SYN/FIN, SYN/RST, SYN/FIN/ACK, SYN/RST/ACK, and All Flags) to test the IDS.
Which of the following TCP flag combinations combines the problem of initiation, midstream, and termination flags with the PSH and URG?
Due to illegal inputs, various types of TCP stacks respond in a different manner. Some IDSs do not take into account the TCP protocol's urgency feature, which could allow testers to evade the IDS.
Penetration tester needs to try different combinations of TCP flags (e.g. none, SYN/FIN, SYN/RST, SYN/FIN/ACK, SYN/RST/ACK, and All Flags) to test the IDS.
Which of the following TCP flag combinations combines the problem of initiation, midstream, and termination flags with the PSH and URG?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제10
A penetration test will show you the vulnerabilities in the target system and the risks associated with it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as High/Medium/Low risk issues.
What are the two types of 'white-box' penetration testing?
A penetration test will show you the vulnerabilities in the target system and the risks associated with it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as High/Medium/Low risk issues.
What are the two types of 'white-box' penetration testing?
정답: C