
Free ECCouncil EC0-479 Practice Exam with Questions & Answers | Set: 2

Questions 11

What are the security risks of running a "repair" installation for Windows XP?

Options:
A. There are no security risks when running the "repair" installation for Windows XP

B. Pressing Shift+F1 gives the user administrative rights

C. Pressing Ctrl+F10 gives the user administrative rights

D. Pressing Shift+F10 gives the user administrative rights

Questions 12

George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. A few managers are using an SFTP program on their computers. Before talking to his boss, George wants to have some proof of their activity.

George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

Options:
A. net port 22

B. udp port 22 and host 172.16.28.1/24

C. src port 22 and dst port 22

D. src port 23 and dst port 23

Questions 13

You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses. You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?

Options:
A. Metamorphic

B. Oligomorphic

C. Polymorphic

D. Transmorphic

Questions 14

Jonathan is a network administrator who is currently testing the internal security of his network. He is attempting to hijack a session, using Ettercap, of a user connected to his Web server. Why will Jonathan not succeed?

Options:
A. Only an HTTPS session can be hijacked

B. Only DNS traffic can be hijacked

C. Only FTP traffic can be hijacked

D. HTTP protocol does not maintain session

Questions 15

To make sure the evidence you recover and analyze with computer forensics software can be admitted in court, you must test and validate the software. What group is actively providing tools and creating procedures for testing and validating computer forensics software?

Options:
A. Computer Forensics Tools and Validation Committee (CFTVC)

B. Association of Computer Forensics Software Manufacturers (ACFSM)

C. National Institute of Standards and Technology (NIST)

D. Society for Valid Forensics Tools and Testing (SVFTT)

Questions 16

When conducting computer forensic analysis, you must guard against ______________ so that you remain focused on the primary job and ensure that the level of work does not increase beyond what was originally expected.

Options:
A. Hard Drive Failure

B. Scope Creep

C. Unauthorized expenses

D. Overzealous marketing

Questions 17

The rule of thumb when shutting down a system is to pull the power plug. However, it has certain drawbacks. Which of the following would that be?

Options:
A. Any data not yet flushed to the system will be lost

B. All running processes will be lost

C. The /tmp directory will be flushed

D. Power interruption will corrupt the pagefile

Questions 18

Sectors in hard disks typically contain how many bytes?

Options:
A. 256

B. 512

C. 1024

D. 2048

Questions 19

Microsoft Outlook maintains email messages in a proprietary format in what type of file?

Options:
A. .email

B. .mail

C. .pst

D. .doc

Questions 20

What method of computer forensics will allow you to trace all ever-established user accounts on a Windows 2000 server over the course of its lifetime?

Options:
A. forensic duplication of hard drive

B. analysis of volatile data

C. comparison of MD5 checksums

D. review of SIDs in the Registry

Exam Code: EC0-479
Certification Provider: ECCouncil
Exam Name: EC-Council Certified Security Analyst (ECSA)
Last Update: Mar 28, 2025
Questions: 232