Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Top Tips for Passing the ECCouncil 412-79v10 Exam on Your First Try

Questions 21

Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

Options:

A.

NinjaDontKill

B.

NinjaHost

C.

RandomNops

D.

EnablePython

Buy Now
Questions 22

You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

Options:

A.

intitle:"exchange server"

B.

outlook:"search"

C.

locate:"logon page"

D.

allinurl:"exchange/logon.asp"

Buy Now
Questions 23

Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?

Options:

A.

./snort -dvr packet.log icmp

B.

./snort -dev -l ./log

C.

./snort -dv -r packet.log

D.

./snort -l ./log –b

Buy Now
Questions 24

A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

Options:

A.

Destination address

B.

Port numbers

C.

Source address

D.

Protocol used

Buy Now
Questions 25

The objective of this act was to protect consumers personal financial information held by financial institutions and their service providers.

Options:

A.

HIPAA

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act

D.

California SB 1386a

Buy Now
Questions 26

To locate the firewall, SYN packet is crafted using Hping or any other packet crafter and sent to the firewall. If ICMP unreachable type 13 message (which is an admin prohibited packet) with a source IP address of the access control device is received, then it means which of the following type of firewall is in place?

Options:

A.

Circuit level gateway

B.

Stateful multilayer inspection firewall

C.

Packet filter

D.

Application level gateway

Buy Now
Questions 27

Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

Options:

A.

PIPEDA

B.

PCI DSS

C.

Human Rights Act 1998

D.

Data Protection Act 1998

Buy Now
Questions 28

Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?

Options:

A.

Hash Key Length

B.

C/R Value Length

C.

C/R Key Length

D.

Hash Value Length

Buy Now
Questions 29

A pen tester has extracted a database name by using a blind SQL injection. Now he begins to test the table inside the database using the below query and finds the table:

http://juggyboy.com/page.aspx?id=1; IF (LEN(SELECT TOP 1 NAME from sysobjects where xtype='U')=3) WAITFOR DELAY '00:00:10'--

http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),1,1)))=101) WAITFOR DELAY '00:00:10'--

http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),2,1)))=109) WAITFOR DELAY '00:00:10'--

http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),3,1)))=112) WAITFOR DELAY '00:00:10'—

What is the table name?

Options:

A.

CTS

B.

QRT

C.

EMP

D.

ABC

Buy Now
Questions 30

Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing. Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.

412-79v10 Question 30

Which of the following factors is NOT considered while preparing the scope of the Rules of Engagment (ROE)?

Options:

A.

A list of employees in the client organization

B.

A list of acceptable testing techniques

C.

Specific IP addresses/ranges to be tested

D.

Points of contact for the penetration testing team

Buy Now
Exam Code: 412-79v10
Exam Name: EC-Council Certified Security Analyst (ECSA) V10
Last Update: Dec 4, 2024
Questions: 201

PDF + Testing Engine

$164.99
$66

Testing Engine

$124.99
$50

PDF (Q&A)

$104.99
$42