EC-COUNCIL 312-50v9 問題集

質問 1：
The "Black box testing" methodology enforces which kind of restriction?
A. The internal operation of a system is completely known to the tester.
B. Only the external operation of a systemis accessible to the tester
C. Only the internal operation of a system is known to the tester.
D. The internal operation of a system is only partly accessible to the tester.
正解：B

質問 2：
It is a vulnerability in GNU's bash shell, discovered in September of 2004, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of service attacks to disrupt websites, and scan for other vulnerable devices (including routers).
Which of the following vulnerabilities is being described?
A. Shellshock
B. Rootshock
C. Rootshell
D. Shellbash
正解：A

質問 3：
When you are collecting information to perform a dataanalysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation.
What command will help you to search files using Google as a search engine?
A. inurl: target.com filename:xls username password email
B. site:target.com file:xls username password email
C. domain: target.com archive:xls username password email
D. site: target.com filetype:xls username password email
正解：D

質問 4：
The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate theSLE, ARO, and ALE. Assume the EF = 1 (100%).
What is the closest approximate cost of this replacement and recovery operation per year?
A. $146
B. $100
C. 1320
D. 440
正解：A

質問 5：
The "Gray box testing" methodology enforces what kind of restriction?
A. The internal operation of a system is completely known to the tester.
B. Only the internal operation of a system is known to the tester.
C. The internal operation of a system is only partly accessible to the tester.
D. Only the external operation of a system is accessible to the tester.
正解：C

質問 6：
Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a word document.Upon execution, a windows appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?
A. Trojan
B. Micro Virus
C. Key-Logger
D. Worm
正解：A

質問 7：
You have successfully gained access to your client's internal network and successfully comprised a linux server which is part of the internal IP network. You want to know which Microsoft Windows workstation have the sharing enabled.
Which port would you see listeningon these Windows machines in the network?
A. 1443
B. 445
C. 161
D. 3389
正解：B