跳到主要內容

ECIH_A_201-205

 =201==

Adam is an attacker who along with his team launched multiple attacks on target organization for financial benefits.

Adam 是一名攻擊者,他與他的團隊針對目標組織發起多次攻擊以獲取財務利益。

Worried about getting caught, he decided to forge his identity.

擔心被抓住,他決定偽造身份。

To do so, he created a new identity by obtaining information from different victims.

為此,他通過獲取不同受害者的信息創建了一個新身份。

Identify the type of identity theft Adam has performed.

識別 Adam 所進行的身份盜竊類型。

A. Tax identity theft 稅務身份盜竊

B. Social identity theft 社會身份盜竊

C. Synthetic identity theft 合成身份盜竊

D. Medical identity theft 醫療身份盜竊

 

=202==

Tom received a phishing email and accidentally opened its attachment.

Tom 收到一封網絡釣魚郵件並不小心打開了其附件。

This resulted in redirection of all traffics to a fraudulent website.

這導致所有流量被重定向到欺詐網站。

What type of phishing attack happens?

發生了哪種類型的網絡釣魚攻擊?

A. Whaling 捕鯨

B. Spear Phishing 魚叉式網絡釣魚

C. Pharming 網絡欺騙

D. Spimming 廣告垃圾信息

 

=203==

Malicious software programs that infect computers and corrupt or delete the data on them.

感染計算機並損壞或刪除其上的數據的惡意軟件程序。

The above-mentioned statement defines which of the following terms?

上述陳述定義了以下哪個術語?

A. Trojan 木馬

B. Spyware 間諜軟體

C. Worm 蠕蟲

D. Virus 病毒

 

=204==

Introduction of malicious programs onto the device connected to the campus network (Trojan Horse, email bombs, virus, etc.) is called?

將惡意程序引入連接到校園網絡的設備(木馬、電子郵件炸彈、病毒等)被稱為?

A. Network Access 網絡訪問

B. Unauthorized Access 未經授權的訪問

C. Inappropriate Usage 不當使用

D. Authorize Access 授權訪問

 

=205==

Which one of the following is Inappropriate Usage Incidents?

以下哪一項是不當使用事件?

A. Denial of Service Attack 拒絕服務攻擊

B. Reconnaissance Attack 偵察攻擊

C. Access Control Attack 訪問控制攻擊

D. Insider Threat 內部威脅

CBDAD

標籤:

留言

張貼留言

這個網誌中的熱門文章

ECIH_A_051-060

  =051== In which of the following phases of incident handling and response (IH&R) process are the identified security incidents analyzed, validated, categorized, and prioritized? 在事件處理和響應 (IH&R) 流程的哪個階段,已識別的安全事件會被分析、驗證、分類和優先排序? A. Incident triage, 事件分類 B. Notification, 通知 C. Incident recording and assignment, 事件記錄和分配 D. Containment, 控制   =052== Browser data can be used to access various credentials. 瀏覽器數據可以用來訪問各種憑證。 Which of the following tools is used to analyze the history data files in Microsoft Edge browser? 以下哪個工具用於分析 Microsoft Edge 瀏覽器中的歷史數據文件? A. MZHistoryView B. BrowsingHistoryView C. ChromeHistoryView D. MZCacheView   =053== Eve is an incident handler in ABC organization. Eve 是 ABC 組織的事件處理人員。 One day, she got a complaint about an email hacking incident from one of the employees of the organization. 有一天,她收到該組織的一名員工關於電子郵件駭客事件的投訴。 As an incident handler, Eve follows a set of recovery steps in order to recover...
張貼留言
閱讀完整內容

ECIH_B_001-010

  =001== XYZ Corp. recently shifted its infrastructure to Microsoft Azure and soon after faced an unexpected data breach. XYZ 公司最近將其基礎設施轉移到 Microsoft Azure ,但不久後就遭遇了意外的數據洩漏事件。 The event led to confidential data being accessed by an unauthorized user. 該事件導致機密數據被未經授權的用戶訪問。 As the newly appointed EC-Council Certified Incident Handler, you are tasked with improving the incident response strategy to prevent such security incidents in the future. 作為新任命的 EC-Council 認證事件處理人員,您被要求改進事件響應策略,以防止未來發生此類安全事件。 What is the best course of action? 最佳行動方案是什麼? · Activate Azure disk encryption for all data stored in the cloud. 啟用 Azure 磁碟加密,對雲端中儲存的所有數據進行加密。 · Transition all operations to Azure private network to enhance control over data. 將所有操作轉移到 Azure 私人網路,以增強對數據的控制。 · Implement Azure network security groups to limit access to resources. 實施 Azure 網路安全群組,限制對資源的訪問。 · Set up Azure Security Center and enable just-in-time VM access. 設置 Azure 安全中心並啟用即時虛擬機存取。 =002== The CEO of a l...
張貼留言
閱讀完整內容

ECIH_B_031-040

=031== An employee accidentally emails confidential customer information to a personal email address. 一名員工不小心將機密客戶資訊發送到個人電子郵件地址。 What is the biggest challenge faced by the incident response team in this scenario? 在此情境中,事件回應團隊面臨的最大挑戰是什麼? Ⓐ Determining the intent of the employee 確定員工的意圖 Ⓑ Balancing the need for confidentiality and transparency with stakeholders 平衡保密需求與對利害關係人保持透明之間的需求 Ⓒ Identifying the extent of the damage caused by the incident 確定事件造成的損害程度 Ⓓ Identifying the source of the email server used to send the email 確定用於發送郵件的電子郵件伺服器的來源 =032== An incident handling team has been alerted about a possible security breach on a Linux system. 一個事件處理團隊收到有關 Linux 系統可能發生安全漏洞的警報。 As an EC-Council Certified Incident Handler, you decide to perform an incident triage using a tool named buck-security on Linux. 作為 EC-Council 認證的事件處理人員,您決定使用名為 buck-security 的工具在 Linux 上進行事件分類。 After conducting the security check, buck-security returns a warning message indicating a ...
張貼留言
閱讀完整內容