Free ECCouncil 412-79v10 Practice Exam with Questions & Answers | Set: 5

Questions 41

Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businessService, bindingTemplate, and tModel?

Options:
A. Web Services Footprinting Attack
B. Service Level Configuration Attacks
C. URL Tampering Attacks
D. Inside Attacks

Questions 42

Identify the person who will lead the penetration-testing project and be the client point of contact.

Options:
A. Database Penetration Tester
B. Policy Penetration Tester
C. Chief Penetration Tester
D. Application Penetration Tester

Questions 43

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the client's network, what step should you take first?

Options:
A. Analyzing, categorizing and prioritizing resources
B. Evaluating the existing perimeter and internal security
C. Checking for a written security policy
D. Analyzing the use of existing management and control architecture

Questions 44

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?

Options:
A. Use attack as a launching point to penetrate deeper into the network
B. Demonstrate that no system can be protected against DoS attacks
C. List weak points on their network
D. Show outdated equipment so it can be replaced

Questions 45

What is a good security method to prevent unauthorized users from "tailgating"?

Options:
A. Electronic key systems
B. Man trap
C. Pick-resistant locks
D. Electronic combination locks

Questions 46

A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped.

Why is an appliance-based firewall more secure than those implemented on top of a commercial operating system (software-based)?

Options:
A. Appliance based firewalls cannot be upgraded
B. Firewalls implemented on a hardware firewall are highly scalable
C. Hardware appliances do not suffer from security vulnerabilities associated with the underlying operating system
D. Operating system firewalls are highly configured

Questions 47

The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.

Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

Options:
A. Active Information Gathering
B. Pseudonymous Information Gathering
C. Anonymous Information Gathering
D. Open Source or Passive Information Gathering

Questions 48

Which of the following has an offset field that specifies the length of the header and data?

Options:
A. IP Header
B. UDP Header
C. ICMP Header
D. TCP Header

Questions 49

Which of the following protocols cannot be used to filter VoIP traffic?

Options:
A. Media Gateway Control Protocol (MGCP)
B. Real-time Transport Control Protocol (RTCP)
C. Session Description Protocol (SDP)
D. Real-Time Publish Subscribe (RTPS)

Questions 50

John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

Options:
A. Number of employees in the client organization
B. Complete structure of the organization
C. Number of client computers to be tested and resources required to perform a pen test
D. Number of servers available in the client organization

Exam Code: 412-79v10
Certification Provider: ECCouncil
Exam Name: EC-Council Certified Security Analyst (ECSA) V10
Last Update: Mar 28, 2025
Questions: 201