Black Friday Special - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

412-79v10 EC-Council Certified Security Analyst (ECSA) V10 Questions and Answers

Questions 4

Larry is an IT consultant who works for corporations and government agencies. Larry plans on shutting down the city's network using BGP devices and Zombies? What type of Penetration Testing is Larry planning to carry out?

Options:

A.

Internal Penetration Testing

B.

Firewall Penetration Testing

C.

DoS Penetration Testing

D.

Router Penetration Testing

Buy Now
Questions 5

Kyle is performing the final testing of an application he developed for the accounting department. His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following command. What is he testing at this point?

include

#include

int main(int argc, char *argv[])

{

char buffer[10];

if (argc < 2)

{

fprintf(stderr, "USAGE: %s string\n", argv[0]);

return 1;

}

strcpy(buffer, argv[1]);

return 0;

}

Options:

A.

Buffer overflow

B.

Format string bug

C.

Kernal injection

D.

SQL injection

Buy Now
Questions 6

DMZ is a network designed to give the public access to the specific internal resources and you might want to do the same thing for guests visiting organizations without compromising the integrity of the internal resources. In general, attacks on the wireless networks fall into four basic categories.

Identify the attacks that fall under Passive attacks category.

Options:

A.

Wardriving

B.

Spoofing

C.

Sniffing

D.

Network Hijacking

Buy Now
Questions 7

You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:

https://172.168.4.131/level/99/exec/show/config

After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

Options:

A.

URL Obfuscation Arbitrary Administrative Access Vulnerability

B.

Cisco IOS Arbitrary Administrative Access Online Vulnerability

C.

HTTP Configuration Arbitrary Administrative Access Vulnerability

D.

HTML Configuration Arbitrary Administrative Access Vulnerability

Buy Now
Questions 8

Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing. Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.

412-79v10 Question 8

Which of the following factors is NOT considered while preparing the scope of the Rules of Engagment (ROE)?

Options:

A.

A list of employees in the client organization

B.

A list of acceptable testing techniques

C.

Specific IP addresses/ranges to be tested

D.

Points of contact for the penetration testing team

Buy Now
Questions 9

You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

Options:

A.

intitle:"exchange server"

B.

outlook:"search"

C.

locate:"logon page"

D.

allinurl:"exchange/logon.asp"

Buy Now
Questions 10

Which of the following reports provides a summary of the complete pen testing process, its outcomes, and recommendations?

Options:

A.

Vulnerability Report

B.

Executive Report

C.

Client-side test Report

D.

Host Report

Buy Now
Questions 11

When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

Options:

A.

Avoid cross talk

B.

Avoid over-saturation of wireless signals

C.

So that the access points will work on different frequencies

D.

Multiple access points can be set up on the same channel without any issues

Buy Now
Questions 12

Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR commands using DIG.

What is Simon trying to accomplish here?

Options:

A.

Enumerate all the users in the domain

B.

Perform DNS poisoning

C.

Send DOS commands to crash the DNS servers

D.

Perform a zone transfer

Buy Now
Questions 13

HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the

Options:

A.

ASCII value of the character

B.

Binary value of the character

C.

Decimal value of the character

D.

Hex value of the character

Buy Now
Questions 14

One of the steps in information gathering is to run searches on a company using complex keywords in Google.

412-79v10 Question 14

Which search keywords would you use in the Google search engine to find all the PowerPoint presentations containing information about a target company, ROCHESTON?

Options:

A.

ROCHESTON fileformat:+ppt

B.

ROCHESTON ppt:filestring

C.

ROCHESTON filetype:ppt

D.

ROCHESTON +ppt:filesearch

Buy Now
Questions 15

Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?

Options:

A.

DNSSEC

B.

Netsec

C.

IKE

D.

IPsec

Buy Now
Questions 16

Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

412-79v10 Question 16

Options:

A.

Check for Directory Consistency and Page Naming Syntax of the Web Pages

B.

Examine Server Side Includes (SSI)

C.

Examine Hidden Fields

D.

Examine E-commerce and Payment Gateways Handled by the Web Server

Buy Now
Questions 17

A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications.

Which of the following frameworks helps an organization in the evaluation of the company’s information security with that of the industrial standards?

Options:

A.

Microsoft Internet Security Framework

B.

Information System Security Assessment Framework

C.

The IBM Security Framework

D.

Nortell’s Unified Security Framework

Buy Now
Questions 18

Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa.

She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for.

What principal of social engineering did Julia use?

Options:

A.

Reciprocation

B.

Friendship/Liking

C.

Social Validation

D.

Scarcity

Buy Now
Questions 19

What are the 6 core concepts in IT security?

412-79v10 Question 19

Options:

A.

Server management, website domains, firewalls, IDS, IPS, and auditing

B.

Authentication, authorization, confidentiality, integrity, availability, and non-repudiation

C.

Passwords, logins, access controls, restricted domains, configurations, and tunnels

D.

Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

Buy Now
Questions 20

Which of the following methods is used to perform server discovery?

Options:

A.

Banner Grabbing

B.

Who is Lookup

C.

SQL Injection

D.

Session Hijacking

Buy Now
Questions 21

The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.

The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.

IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

412-79v10 Question 21

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

Options:

A.

Multiple of four bytes

B.

Multiple of two bytes

C.

Multiple of eight bytes

D.

Multiple of six bytes

Buy Now
Questions 22

Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to-understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?

Options:

A.

Tcpdump

B.

Capinfos

C.

Tshark

D.

Idl2wrs

Buy Now
Questions 23

Variables are used to define parameters for detection, specifically those of your local network and/or specific servers or ports for inclusion or exclusion in rules. These are simple substitution variables set with the var keyword.

Which one of the following operator is used to define meta-variables?

Options:

A.

“$”

B.

“#”

C.

“*”

D.

“?”

Buy Now
Questions 24

Windows stores user passwords in the Security Accounts Manager database (SAM), or in the Active Directory database in domains. Passwords are never stored in clear text; passwords are hashed and the results are stored in the SAM.

NTLM and LM authentication protocols are used to securely store a user's password in the SAM database using different hashing methods.

412-79v10 Question 24

The SAM file in Windows Server 2008 is located in which of the following locations?

Options:

A.

c:\windows\system32\config\SAM

B.

c:\windows\system32\drivers\SAM

C.

c:\windows\system32\Setup\SAM

D.

c:\windows\system32\Boot\SAM

Buy Now
Questions 25

Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs.

One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named “Access Point Detection”. This plug-in uses four techniques to identify the presence of a WAP.

Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?

Options:

A.

NMAP TCP/IP fingerprinting

B.

HTTP fingerprinting

C.

FTP fingerprinting

D.

SNMP fingerprinting

Buy Now
Questions 26

In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

Options:

A.

IPS evasion technique

B.

IDS evasion technique

C.

UDP evasion technique

D.

TTL evasion technique

Buy Now
Questions 27

A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

Options:

A.

Destination address

B.

Port numbers

C.

Source address

D.

Protocol used

Buy Now
Questions 28

During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP and HTTPS request headers and the HTML source code?

Options:

A.

Examine Source of the Available Pages

B.

Perform Web Spidering

C.

Perform Banner Grabbing

D.

Check the HTTP and HTML Processing by the Browser

Buy Now
Questions 29

Transmission control protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment. The TCP header is the first 24 bytes of a TCP segment that contains the parameters and state of an end-to-end TCP socket. It is used to track the state of communication between two TCP endpoints.

For a connection to be established or initialized, the two hosts must synchronize. The synchronization requires each side to send its own initial sequence number and to receive a confirmation of exchange in an acknowledgment (ACK) from the other side

The below diagram shows the TCP Header format:

412-79v10 Question 29

Options:

A.

16 bits

B.

32 bits

C.

8 bits

D.

24 bits

Buy Now
Questions 30

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks.

Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

Options:

A.

Airsnort

B.

Aircrack

C.

WEPCrack

D.

Airpwn

Buy Now
Exam Code: 412-79v10
Exam Name: EC-Council Certified Security Analyst (ECSA) V10
Last Update: Nov 17, 2024
Questions: 201

PDF + Testing Engine

$49.5  $164.99

Testing Engine

$37.5  $124.99
buy now 412-79v10 testing engine

PDF (Q&A)

$31.5  $104.99
buy now 412-79v10 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 24 Nov 2024