Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: geek65

412-79v10 EC-Council Certified Security Analyst (ECSA) V10 Questions and Answers

Questions 4

An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

Options:

A.

Frame Injection Attack

B.

LDAP Injection Attack

C.

XPath Injection Attack

D.

SOAP Injection Attack

Buy Now
Questions 5

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable.

What kind of results did Jim receive from his vulnerability analysis?

Options:

A.

True negatives

B.

False negatives

C.

False positives

D.

True positives

Buy Now
Questions 6

Software firewalls work at which layer of the OSI model?

Options:

A.

Data Link

B.

Network

C.

Transport

D.

Application

Buy Now
Questions 7

Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM file on a computer. Where should Harold navigate on the computer to find the file?

Options:

A.

%systemroot%\LSA

B.

%systemroot%\repair

C.

%systemroot%\system32\drivers\etc

D.

%systemroot%\system32\LSA

Buy Now
Questions 8

Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.

Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?

Options:

A.

Internal network mapping to map the internal network of the target machine

B.

Port scanning to determine what ports are open or in use on the target machine

C.

Sniffing to monitor all the incoming and outgoing network traffic

D.

Social engineering and spear phishing attacks to install malicious programs on the target machine

Buy Now
Questions 9

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

Options:

A.

Service-based Assessment Solutions

B.

Product-based Assessment Solutions

C.

Tree-based Assessment

D.

Inference-based Assessment

Buy Now
Questions 10

Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible.

Paulette presents the following screenshot to her boss so he can inform the clients about necessary changes need to be made. From the screenshot, what changes should the client company make?

Exhibit:

Options:

A.

The banner should not state "only authorized IT personnel may proceed"

B.

Remove any identifying numbers, names, or version information

C.

The banner should include the Cisco tech support contact information as well

D.

The banner should have more detail on the version numbers for the network equipment

Buy Now
Questions 11

Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but questionable in the logs. 

He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?

Options:

A.

CVE

B.

IANA

C.

RIPE

D.

APIPA

Buy Now
Questions 12

Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

Options:

A.

California SB 1386

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act (GLBA)

D.

USA Patriot Act 2001

Buy Now
Questions 13

Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

Options:

A.

Special-Access Policy

B.

User Identification and Password Policy

C.

Personal Computer Acceptable Use Policy

D.

User-Account Policy

Buy Now
Questions 14

What is the target host IP in the following command?

Options:

A.

Firewalk does not scan target hosts

B.

172.16.28.95

C.

This command is using FIN packets, which cannot scan target hosts

D.

10.10.150.1

Buy Now
Questions 15

Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

Options:

A.

PIPEDA

B.

PCI DSS

C.

Human Rights Act 1998

D.

Data Protection Act 1998

Buy Now
Questions 16

An external intrusion test and analysis identify security weaknesses and strengths of the client's systems and networks as they appear from outside the client's security perimeter, usually from the Internet.

The goal of an external intrusion test and analysis is to demonstrate the existence of known vulnerabilities that could be exploited by an external attacker.

During external penetration testing, which of the following scanning techniques allow you to determine a port’s state without making a full connection to the host?

Options:

A.

XMAS Scan

B.

SYN scan

C.

FIN Scan

D.

NULL Scan

Buy Now
Questions 17

Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

Options:

A.

Unannounced Testing

B.

Double Blind Testing

C.

Announced Testing

D.

Blind Testing

Buy Now
Questions 18

In which of the following firewalls are the incoming or outgoing packets blocked from accessing services for which there is no proxy?

Options:

A.

Circuit level firewalls

B.

Packet filters firewalls

C.

Stateful multilayer inspection firewalls

D.

Application level firewalls

Buy Now
Questions 19

Identify the attack represented in the diagram below:

Options:

A.

Input Validation

B.

Session Hijacking

C.

SQL Injection

D.

Denial-of-Service

Buy Now
Questions 20

A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.

A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).

What query does he need to write to retrieve the information?

Options:

A.

EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000

B.

DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1—

C.

SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1‘

D.

RETRIVE * FROM StudentTable WHERE roll_number = 1'#

Buy Now
Questions 21

Identify the policy that defines the standards for the organizational network connectivity and security standards for computers that are connected in the organizational network.

Options:

A.

Information-Protection Policy

B.

Special-Access Policy

C.

Remote-Access Policy

D.

Acceptable-Use Policy

Buy Now
Questions 22

Which of the following equipment could a pen tester use to perform shoulder surfing?

Options:

A.

Binoculars

B.

Painted ultraviolet material

C.

Microphone

D.

All the above

Buy Now
Questions 23

Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?

Options:

A.

AES

B.

DES (ECB mode)

C.

MD5

D.

RC5

Buy Now
Questions 24

If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable which of the following attacks?

Options:

A.

Parameter tampering Attack

B.

Sql injection attack

C.

Session Hijacking

D.

Cross-site request attack

Buy Now
Questions 25

Which among the following information is not furnished by the Rules of Engagement (ROE) document?

Options:

A.

Techniques for data collection from systems upon termination of the test

B.

Techniques for data exclusion from systems upon termination of the test

C.

Details on how data should be transmitted during and after the test

D.

Details on how organizational data is treated throughout and after the test

Buy Now
Questions 26

Vulnerability assessment is an examination of the ability of a system or application, including current security procedures and controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels.

A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.

Which of the following vulnerability assessment technique is used to test the web server infrastructure for any misconfiguration and outdated content?

Options:

A.

Passive Assessment

B.

Host-based Assessment

C.

External Assessment

D.

Application Assessment

Buy Now
Questions 27

In Linux, what is the smallest possible shellcode?

Options:

A.

800 bytes

B.

8 bytes

C.

80 bytes

D.

24 bytes

Buy Now
Questions 28

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

Options:

A.

Smurf scan

B.

Tracert

C.

Ping trace

D.

ICMP ping sweep

Buy Now
Questions 29

Amazon, an IT based company, conducts a survey on the usage of the Internet. They found that company employees spend most of the time at work surfing the web for their personal use and for inappropriate web site viewing. Management decide to block all such web sites using URL filtering software.

How can employees continue to see the blocked websites?

Options:

A.

Using session hijacking

B.

Using proxy servers

C.

Using authentication

D.

Using encryption

Buy Now
Questions 30

Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.

An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

What is the formula to calculate risk?

Options:

A.

Risk = Budget x Time

B.

Risk = Goodwill x Reputation

C.

Risk = Loss x Exposure factor

D.

Risk = Threats x Attacks

Buy Now
Exam Code: 412-79v10
Exam Name: EC-Council Certified Security Analyst (ECSA) V10
Last Update: Jun 17, 2024
Questions: 201
412-79v10 pdf

412-79v10 PDF

$28  $80
412-79v10 Engine

412-79v10 Testing Engine

$33.25  $95
412-79v10 PDF + Engine

412-79v10 PDF + Testing Engine

$45.5  $130