Certified Ethical Hacker Exam V9 Test
Question No : 1
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?
Question No : 2
A company’s security policy states that all web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?
Question No : 3
Which of these options is the most secure procedure for storing backup tapes?
Question No : 4
How does the Address Resolution Protocol (ARP) work?
Question No : 5
It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?
Question No : 6
During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?
Question No : 7
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events does not match up.
What is the most likely cause?
Question No : 8
> NMAP -sn 192.168.11.200-215
The NMAP command above performs which of the following?
Question No : 9
Which of the following statements regarding ethical hacking is incorrect?
Question No : 10
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from the command line.
Which command would you use?
Question No : 11
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?
Starting NMAP 5.21 at 2011-03-15 11:06
NMAP scan report for 172.16.40.65
Host is up (1.00s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
515/tcp open
631/tcp open ipp
9100/tcp open
MAC Address: 00:00:48:0D:EE:8
Question No : 12
Which of the following is a design pattern based on distinct pieces of software providing application functionality as services to other applications?
Question No : 13
The phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering, and it will tell you what the “landscape” looks like.
What is the most important phase of ethical hacking in which you need to spend a considerable amount of time?
Question No : 14
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
Question No : 15
Which of the following is the greatest threat posed by backups?