EC-COUNCIL 412-79v10 問題集

質問 1：
Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR commands using DIG.
What is Simon trying to accomplish here?
A. Perform DNS poisoning
B. Perform a zone transfer
C. Enumerate all the users in the domain
D. Send DOS commands to crash the DNS servers
正解：B

質問 2：
Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible.
Paulette presents the following screenshot to her boss so he can inform the clients about necessary changes need to be made. From the screenshot, what changes should the client company make?
Exhibit:

A. The banner should have more detail on the version numbers for the network equipment
B. The banner should not state "only authorized IT personnel may proceed"
C. Remove any identifying numbers, names, or version information
D. The banner should include the Cisco tech support contact information as well
正解：C

質問 3：
John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found.
What information will he be able to gather from this?
A. The SAM file from Hillary's computer
B. The network shares that Hillary has permissions
C. Hillary's network username and password hash
D. The SID of Hillary's network account
正解：C

質問 4：
Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to-understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?
A. Idl2wrs
B. Tcpdump
C. Tshark
D. Capinfos
正解：D

質問 5：
Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?
A. Strong Screened-Subnet Architecture
B. "Inside Versus Outside" Architecture
C. "Three-Homed Firewall" DMZ Architecture
D. Weak Screened Subnet Architecture
正解：D

質問 6：
Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:
A. Microsoft Internet Security Framework
B. Nortells Unified Security Framework
C. Information System Security Assessment Framework (ISSAF)
D. Federal Information Technology Security Assessment Framework
正解：D

質問 7：
Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?
A. DES (ECB mode)
B. RC5
C. MD5
D. AES
正解：C

質問 8：
Identify the type of firewall represented in the diagram below:

A. Packet filter
B. Stateful multilayer inspection firewall
C. Circuit level gateway
D. Application level gateway
正解：B