
ECIH_A_061-070

=061==

In which of the following types of fuzz testing strategies is new data generated from scratch, with the amount of data generated predefined based on the testing model?

A. Log-based fuzz testing

B. Protocol-based fuzz testing

C. Mutation-based fuzz testing

D. Generation-based fuzz testing

=062==

Identify the Sarbanes–Oxley Act (SOX) Title, which consists of only one section, that includes measures designed to help restore investor confidence in the reporting of securities analysts.

A. Title VIII: Corporate and Criminal Fraud Accountability

B. Title IX: White-Collar-Crime Penalty Enhancement

C. Title V: Analyst Conflicts of Interest

D. Title VII: Studies and Reports

=063==

Alex is an incident handler for Tech-o-Tech Inc. and is tasked to identify any possible insider threats within his organization.

Which of the following insider threat detection techniques can be used by Alex to detect insider threats based on the behavior of a suspicious employee, both individually and in a group?

A. Physical detection

B. Behavioral analysis

C. Profiling

D. Mole detection

=064==

Smith employs various malware detection techniques to thoroughly examine the network and its systems for suspicious and malicious malware files.

Among all techniques, which one involves analyzing the memory dumps or binary codes for the traces of malware?

A. Static analysis

B. Live system

C. Dynamic analysis

D. Intrusion analysis

=065==

John, a professional hacker, is attacking an organization and is trying to destroy the connectivity between an AP and client to make the target unavailable to other wireless devices.

Which of the following attacks is John performing in this case?

A. Routing attack

B. Disassociation attack

C. Denial-of-service

D. EAP failure

=066==

An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of their maintenance. They first identified various risks and threats associated with cloud service adoption and migrating critical business data to third-party systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats.

Which of the following tools would help the organization to secure cloud resources and services?

A. Nmap

B. Burp Suite

C. Wireshark

D. Alert Logic

=067==

Which of the following terms refers to the personnel that the incident handling and response (IH&R) team must contact to report the incident and obtain the necessary permissions?

A. Civil litigation

B. Ticketing

C. Criminal referral

D. Point of contact

=068==

Which of the following is not a best practice to eliminate the possibility of insider attacks?

A. Always leave business details over voicemail or email messages

B. Monitoring employee behaviors and computer systems used by employees

C. Disabling remote backup and disaster recovery processes for business continuity

D. Disallowing users from installing unauthorized software or accessing malicious websites

=069==

Francis is an incident handler and security expert. He works at MorisonTech Solutions based in Sydney, Australia. He was assigned a task to detect phishing/spam mails for the client organization.

Which of the following tools can assist Francis in performing the required task?

A. BTCCrack

B. Netcraft

C. Cain and Abel

D. Nessus

=070==

Jason is an incident handler dealing with malware incidents. He was asked to perform a memory dump analysis in order to collect the information about the basic functionality of any program. As a part of his assignment, he needs to perform string search analysis to search for the malicious string that could determine the harmful actions that a program can perform.

Which of the following string-searching tools does Jason need to use to perform the intended task?

A. Dependency Walker

B. PEView

C. BinText

D. Process Explorer

DCBAC DBCBC
