Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Top Tips for Passing the ECCouncil 412-79v10 Exam on Your First Try

Questions 51

Which of the following reports provides a summary of the complete pen testing process, its outcomes, and recommendations?

Options:

A.

Vulnerability Report

B.

Executive Report

C.

Client-side test Report

D.

Host Report

Buy Now
Questions 52

ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.

ARP spoofing attack is used as an opening for other attacks.

412-79v10 Question 52

What type of attack would you launch after successfully deploying ARP spoofing?

Options:

A.

Parameter Filtering

B.

Social Engineering

C.

Input Validation

D.

Session Hijacking

Buy Now
Questions 53

What operating system would respond to the following command?

412-79v10 Question 53

Options:

A.

Mac OS X

B.

Windows XP

C.

Windows 95

D.

FreeBSD

Buy Now
Questions 54

Which of the following are the default ports used by NetBIOS service?

Options:

A.

135, 136, 139, 445

B.

134, 135, 136, 137

C.

137, 138, 139, 140

D.

133, 134, 139, 142

Buy Now
Questions 55

Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?

Options:

A.

Weak Screened Subnet Architecture

B.

"Inside Versus Outside" Architecture

C.

"Three-Homed Firewall" DMZ Architecture

D.

Strong Screened-Subnet Architecture

Buy Now
Questions 56

What are the 6 core concepts in IT security?

412-79v10 Question 56

Options:

A.

Server management, website domains, firewalls, IDS, IPS, and auditing

B.

Authentication, authorization, confidentiality, integrity, availability, and non-repudiation

C.

Passwords, logins, access controls, restricted domains, configurations, and tunnels

D.

Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

Buy Now
Questions 57

Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

Options:

A.

California SB 1386

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act (GLBA)

D.

USA Patriot Act 2001

Buy Now
Questions 58

Identify the type of firewall represented in the diagram below:

412-79v10 Question 58

Options:

A.

Stateful multilayer inspection firewall

B.

Application level gateway

C.

Packet filter

D.

Circuit level gateway

Buy Now
Questions 59

Which among the following information is not furnished by the Rules of Engagement (ROE) document?

Options:

A.

Techniques for data collection from systems upon termination of the test

B.

Techniques for data exclusion from systems upon termination of the test

C.

Details on how data should be transmitted during and after the test

D.

Details on how organizational data is treated throughout and after the test

Buy Now
Questions 60

Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

Options:

A.

Project Goal

B.

Success Factors

C.

Objectives

D.

Assumptions

Buy Now