Black Friday Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Top Tips for Passing the ECCouncil 412-79v10 Exam on Your First Try

Questions 1

Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR commands using DIG.

What is Simon trying to accomplish here?

Options:

A.

Enumerate all the users in the domain

B.

Perform DNS poisoning

C.

Send DOS commands to crash the DNS servers

D.

Perform a zone transfer

Buy Now
Questions 2

During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP and HTTPS request headers and the HTML source code?

Options:

A.

Examine Source of the Available Pages

B.

Perform Web Spidering

C.

Perform Banner Grabbing

D.

Check the HTTP and HTML Processing by the Browser

Buy Now
Questions 3

Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:

Options:

A.

Information System Security Assessment Framework (ISSAF)

B.

Microsoft Internet Security Framework

C.

Nortells Unified Security Framework

D.

Federal Information Technology Security Assessment Framework

Buy Now
Questions 4

A framework is a fundamental structure used to support and resolve complex issues. The framework that delivers an efficient set of technologies in order to develop applications which are more secure in using Internet and Intranet is:

Options:

A.

Microsoft Internet Security Framework

B.

Information System Security Assessment Framework (ISSAF)

C.

Bell Labs Network Security Framework

D.

The IBM Security Framework

Buy Now
Questions 5

Which one of the following is a supporting tool for 802.11 (wireless) packet injections, it spoofs 802.11 packets to verify whether the access point is valid or not?

Options:

A.

Airsnort

B.

Aircrack

C.

Airpwn

D.

WEPCrack

Buy Now
Questions 6

George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. Few managers are using SFTP program on their computers.

Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

Options:

A.

net port 22

B.

udp port 22 and host 172.16.28.1/24

C.

src port 22 and dst port 22

D.

src port 23 and dst port 23

Buy Now
Questions 7

Which of the following is developed to address security concerns on time and reduce the misuse or threat of attacks in an organization?

Options:

A.

Vulnerabilities checklists

B.

Configuration checklists

C.

Action Plan

D.

Testing Plan

Buy Now
Questions 8

Amazon, an IT based company, conducts a survey on the usage of the Internet. They found that company employees spend most of the time at work surfing the web for their personal use and for inappropriate web site viewing. Management decide to block all such web sites using URL filtering software.

412-79v10 Question 8

How can employees continue to see the blocked websites?

Options:

A.

Using session hijacking

B.

Using proxy servers

C.

Using authentication

D.

Using encryption

Buy Now
Questions 9

What is the maximum value of a “tinyint” field in most database systems?

Options:

A.

222

B.

224 or more

C.

240 or less

D.

225 or more

Buy Now
Questions 10

A penetration test will show you the vulnerabilities in the target system and the risks associated with it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as High/Medium/Low risk issues.

412-79v10 Question 10

What are the two types of ‘white-box’ penetration testing?

Options:

A.

Announced testing and blind testing

B.

Blind testing and double blind testing

C.

Blind testing and unannounced testing

D.

Announced testing and unannounced testing

Buy Now
Exam Code: 412-79v10
Exam Name: EC-Council Certified Security Analyst (ECSA) V10
Last Update: Dec 14, 2024
Questions: 201

PDF + Testing Engine

$164.99
$66

Testing Engine

$124.99
$50

PDF (Q&A)

$104.99
$42