무료 온라인 액세스 ECCouncil.312-50v13.v2025-09-09.q347 모의 시험 (Page 31)

312-50v13 문제 146

What is the purpose of a demilitarized zone on a network?

A. To scan all traffic coming through the DMZ to the internal network

B. To only provide direct access to the nodes within the DMZ and protect the network behind it

C. To provide a place to put the honeypot

D. To contain the network devices you wish to protect

312-50v13 문제 147

웹 인프라를 마비시키기 위해 레이어 7에서 DDOS 공격이 수행됩니다. 부분적인 HTTP 요청이 웹 인프라 또는 애플리케이션으로 전송됩니다. 부분적인 요청을 수신하면 대상 서버는 여러 연결을 열고 요청이 완료될 때까지 기다립니다.
여기서 설명하는 공격은 무엇입니까?

A. 비동기화

B. 슬로로리스 공격

C. 세션 스플라이싱

D. 플레싱

정답: B

Developed by Robert "RSnake" Hansen, Slowloris is DDoS attack software that permits one computer to require down an internet server. Due the straightforward yet elegant nature of this attack, it requires minimal bandwidth to implement and affects the target server's web server only, with almost no side effects on other services and ports.Slowloris has proven highly-effective against many popular sorts of web server software, including Apache 1.x and 2.x.Over the years, Slowloris has been credited with variety of high-profile server takedowns. Notably, it had been used extensively by Iranian 'hackivists' following the 2009 Iranian presidential election to attack Iranian government internet sites .Slowloris works by opening multiple connections to the targeted web server and keeping them open as long as possible. It does this by continuously sending partial HTTP requests, none of which are ever completed. The attacked servers open more and connections open, expecting each of the attack requests to be completed.Periodically, the Slowloris sends subsequent HTTP headers for every request, but never actually completes the request. Ultimately, the targeted server's maximum concurrent connection pool is filled, and extra (legitimate) connection attempts are denied.
By sending partial, as against malformed, packets, Slowloris can easily elapse traditional Intrusion Detection systems.Named after a kind of slow-moving Asian primate, Slowloris really does win the race by moving slowly and steadily. A Slowloris attack must await sockets to be released by legitimate requests before consuming them one by one.For a high-volume internet site , this will take a while . the method are often further slowed if legitimate sessions are reinitiated. But within the end, if the attack is unmitigated, Slowloris-like the tortoise-wins the race.If undetected or unmitigated, Slowloris attacks also can last for long periods of your time . When attacked sockets outing , Slowloris simply reinitiates the connections, continuing to reach the online server until mitigated.Designed for stealth also as efficacy, Slowloris are often modified to send different host headers within the event that a virtual host is targeted, and logs are stored separately for every virtual host.More importantly, within the course of an attack, Slowloris are often set to suppress log file creation. this suggests the attack can catch unmonitored servers off-guard, with none red flags appearing in log file entries.Methods of mitigationImperva's security services are enabled by reverse proxy technology, used for inspection of all incoming requests on their thanks to the clients' servers.Imperva' s secured proxy won't forward any partial connection requests-rendering all Slowloris DDoS attack attempts completely and utterly useless.

312-50v13 문제 148

Sam, a professional hacker. targeted an organization with intention of compromising AWS IAM credentials.
He attempted to lure one of the employees of the organization by initiating fake calls while posing as a legitimate employee. Moreover, he sent phishing emails to steal the AWS 1AM credentials and further compromise the employee's account. What is the technique used by Sam to compromise the AWS IAM credentials?

A. Social engineering

B. insider threat

C. Password reuse

D. Reverse engineering

정답: A

Just like any other service that accepts usernames and passwords for logging in, AWS users are vulnerable to social engineering attacks from attackers. fake emails, calls, or any other method of social engineering, may find yourself with an AWS users' credentials within the hands of an attacker.
If a user only uses API keys for accessing AWS, general phishing techniques could still use to gain access to other accounts or their pc itself, where the attacker may then pull the API keys for aforementioned AWS user.
With basic opensource intelligence (OSINT), it's usually simple to collect a list of workers of an organization that use AWS on a regular basis. This list will then be targeted with spear phishing to do and gather credentials. an easy technique may include an email that says your bill has spiked 500th within the past 24 hours, "click here for additional information", and when they click the link, they're forwarded to a malicious copy of the AWS login page designed to steal their credentials.
An example of such an email will be seen within the screenshot below. it's exactly like an email that AWS would send to you if you were to exceed the free tier limits, except for a few little changes. If you clicked on any of the highlighted regions within the screenshot, you'd not be taken to the official AWS web site and you' d instead be forwarded to a pretend login page setup to steal your credentials.
These emails will get even more specific by playing a touch bit additional OSINT before causing them out. If an attacker was ready to discover your AWS account ID on-line somewhere, they could use methods we at rhino have free previously to enumerate what users and roles exist in your account with none logs contact on your side. they could use this list to more refine their target list, further as their emails to reference services they will know that you often use.
For reference, the journal post for using AWS account IDs for role enumeration will be found here and the journal post for using AWS account IDs for user enumeration will be found here.
During engagements at rhino, we find that phishing is one in all the fastest ways for us to achieve access to an AWS environment.

312-50v13 문제 149

네트워크에 보안 시스템을 방금 구축했습니다. 다음 문자열이 구성 규칙으로 사용되는 시스템은 어떤 시스템인가요?
alert tcp any any -> 192.168.100.0/24 21 (msg: "네트워크에 FTP가 있습니다!";)

A. 방화벽 IPTable

B. FTP 서버 규칙

C. 라우터 IPTable

D. 침입 탐지 시스템

312-50v13 문제 150

해커는 뛰어난 컴퓨터 기술과 소유자의 허가 없이 컴퓨터의 소프트웨어와 하드웨어를 탐색할 수 있는 능력을 갖춘 지적인 개인입니다. 해커의 목적은 단순히 지식을 얻는 것일 수도 있고, 불법적으로 시스템을 변경하는 것일 수도 있습니다.
다음 해커 유형 중 어느 것이 다양한 상황에서 공격과 방어를 모두 수행하는 개인을 지칭합니까?

A. 화이트햇

B. 자살 해커

C. 회색 모자

D. 블랙햇

최근 업로드: 103Juniper.JN0-664.v2025-09-11.q101; 104IAPP.CIPM.v2025-09-11.q242; 110Oracle.1Z0-1160-1.v2025-09-10.q18; 107Oracle.1z0-1054-25.v2025-09-10.q50; 104Cisco.300-710.v2025-09-10.q297; 128VMware.2V0-41.24.v2025-09-10.q104; 163Avaya.78201X.v2025-09-09.q135; 142CompTIA.220-1202.v2025-09-09.q57; 183CheckPoint.156-215.81.v2025-09-09.q391; 230ECCouncil.312-50v13.v2025-09-09.q347