412-79v10 Practice Exam Questions and Answers

EC-Council Certified Security Analyst (ECSA) V10

Total Questions : 201

Question # 1

George is a senior security analyst working for a state agency in Florida. His state's congress just passed a bill mandating every state agency to undergo a security audit annually. After learning what will be required, George needs to implement an IDS as soon as possible before the first audit occurs.

The state bill requires that an IDS with a "time-based induction machine" be used. What IDS feature must George implement to meet this requirement?

Options:

A. Pattern matching
B. Statistical-based anomaly detection
C. Real-time anomaly detection
D. Signature-based anomaly detection

Question # 2

The framework primarily designed to provide a methodical and organized way of addressing five threat classes to a network, and that can be used to assess, plan, manage, and maintain secure computers and communication networks, is:

Options:

A. Nortel's Unified Security Framework
B. The IBM Security Framework
C. Bell Labs Network Security Framework
D. Microsoft Internet Security Framework

Question # 3

Which of the following is not an SQL injection attack character?

Options:

A. $
B. PRINT
C. #
D. @@variable

Question # 4

What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

Options:

A. Connect Scanning Techniques
B. SYN Scanning Techniques
C. Stealth Scanning Techniques
D. Port Scanning Techniques

Question # 5

Which of the following policies forbids everything, with strict restrictions on all usage of the company systems and network?

Options:

A. Information-Protection Po
B. Paranoid Policy
C. Promiscuous Policy
D. Prudent Policy

Question # 6

To locate the firewall, a SYN packet is crafted using Hping or any other packet crafter and sent to the firewall. If an ICMP unreachable type 13 message (which is an admin prohibited packet) with a source IP address of the access control device is received, then which of the following types of firewall is in place?

Options:

A. Circuit level gateway
B. Stateful multilayer inspection firewall
C. Packet filter
D. Application level gateway

Question # 7

Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operating system?

Options:

A. Active/Passive Tools
B. Application-layer Vulnerability Assessment Tools
C. Location/Data Examined Tools
D. Scope Assessment Tools

Question # 8

Identify the type of firewall represented in the diagram below:

Options:

A. Stateful multilayer inspection firewall
B. Application level gateway
C. Packet filter
D. Circuit level gateway

Question # 9

Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming as well as networking languages. What networking protocol language should she learn that routers utilize?

Options:

A. OSPF
B. BPG
C. ATM
D. UDP

Question # 10

What is kept in the following directory? HKLM\SECURITY\Policy\Secrets

Options:

A. Service account passwords in plain text
B. Cached password hashes for the past 20 users
C. IAS account names and passwords
D. Local store PKI Kerberos certificates

Question # 11

Transmission Control Protocol (TCP) is a connection-oriented four layer protocol. It is responsible for breaking messages into segments, re-assembling them at the destination station, and re-sending. Which one of the following protocols does not use the TCP?

Options:

A. Reverse Address Resolution Protocol (RARP)
B. HTTP (Hypertext Transfer Protocol)
C. SMTP (Simple Mail Transfer Protocol)
D. Telnet

Question # 12

In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet".

Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down.

What will the other routers communicate between themselves?

Options:

A. More RESET packets to the affected router to get it to power back up
B. RESTART packets to the affected router to get it to power back up
C. The change in the routing fabric to bypass the affected router
D. STOP packets to all other routers warning of where the attack originated

Question # 13

Which one of the following 802.11 types uses either FHSS or DSSS for modulation?

Options:

A. 802.11b
B. 802.11a
C. 802.11n
D. 802.11-Legacy

Question # 14

Which of the following is the objective of Gramm-Leach-Bliley Act?

Options:

A. To ease the transfer of financial information between institutions and banks
B. To protect the confidentiality, integrity, and availability of data
C. To set new or enhanced standards for all U.S. public company boards, management and public accounting firms
D. To certify the accuracy of the reported financial statement

Question # 15

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?

Options:

A. Use attack as a launching point to penetrate deeper into the network
B. Demonstrate that no system can be protected against DoS attacks
C. List weak points on their network
D. Show outdated equipment so it can be replaced

Question # 16

Which one of the following tools of the trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

Options:

A. Sunbelt Network Security Inspector (SNSI)
B. CORE Impact
C. Canvas
D. Microsoft Baseline Security Analyzer (MBSA)

Question # 17

Identify the injection attack represented in the diagram below:

Options:

A. XPath Injection Attack
B. XML Request Attack
C. XML Injection Attack
D. Frame Injection Attack

Question # 18

Kyle is performing the final testing of an application he developed for the accounting department. His last round of testing is to ensure that the program is as secure as possible. Kyle runs the following command. What is he testing at this point?

    #include <stdio.h>
    #include <string.h>

    int main(int argc, char *argv[])
    {
        char buffer[10];

        if (argc < 2)
        {
            fprintf(stderr, "USAGE: %s string\n", argv[0]);
            return 1;
        }

        /* argv[1] is copied into the 10-byte buffer with no length check */
        strcpy(buffer, argv[1]);
        return 0;
    }

Options:

A. Buffer overflow
B. Format string bug
C. Kernel injection
D. SQL injection

Question # 19

Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

Options:

A. Special-Access Policy
B. User Identification and Password Policy
C. Personal Computer Acceptable Use Policy
D. User-Account Policy

Question # 20

Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

Options:

A. Unannounced Testing
B. Double Blind Testing
C. Announced Testing
D. Blind Testing

Question # 21

Which of the following statements is true about the LM hash?

Options:

A. Disabled in Windows Vista and 7 OSs
B. Separated into two 8-character strings
C. Letters are converted to the lowercase
D. Padded with NULL to 16 characters

Question # 22

What is the following command trying to accomplish?

Options:

A. Verify that NETBIOS is running for the 192.168.0.0 network
B. Verify that TCP port 445 is open for the 192.168.0.0 network
C. Verify that UDP port 445 is open for the 192.168.0.0 network
D. Verify that UDP port 445 is closed for the 192.168.0.0 networks

Question # 23

From where can clues about the underlying application environment be collected?

Options:

A. From source code
B. From file types and directories
C. From executable file
D. From the extension of the file

Question # 24

Variables are used to define parameters for detection, specifically those of your local network and/or specific servers or ports for inclusion or exclusion in rules. These are simple substitution variables set with the var keyword.

Which one of the following operators is used to define meta-variables?

Options:

A. “$”
B. “#”
C. “*”
D. “?”

Question # 25

What will the following URL produce in an unpatched IIS Web Server?

Options:

A. Execute a buffer flow in the C: drive of the web server
B. Insert a Trojan horse into the C: drive of the web server
C. Directory listing of the C:\windows\system32 folder on the web server
D. Directory listing of C: drive on the web server

Question # 26

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

Options:

A. Penetration Testing Agreement
B. Rules of Behavior Agreement
C. Liability Insurance
D. Non-Disclosure Agreement

Question # 27

Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.

An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

What is the formula to calculate risk?

Options:

A. Risk = Budget x Time
B. Risk = Goodwill x Reputation
C. Risk = Loss x Exposure factor
D. Risk = Threats x Attacks

Question # 28

Hackers today have an ever-increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.

New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application technologies.

In both cases, one may observe how the evolution and refinement of web technologies also brings about new exploits which compromise sensitive databases, provide access to theoretically secure networks, and pose a threat to the daily operation of online businesses.

What is the biggest threat to Web 2.0 technologies?

Options:

A. SQL Injection Attacks
B. Service Level Configuration Attacks
C. Inside Attacks
D. URL Tampering Attacks

Question # 29

Identify the person who will lead the penetration-testing project and be the client point of contact.

Options:

A. Database Penetration Tester
B. Policy Penetration Tester
C. Chief Penetration Tester
D. Application Penetration Tester

Question # 30

Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?

Options:

A. 6566 TCP port
B. 6771 TCP port
C. 6667 TCP port
D. 6257 TCP port
