[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 101-110

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 101

Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

  1. NinjaDontKill

  2. NinjaHost

  3. RandomNops

  4. EnablePython

Answer: A

Question No: 102

Which of the following is an application alert returned by a web application that helps an attacker guess a valid username?

  1. Invalid username or password

  2. Account username was not found

  3. Incorrect password

  4. Username or password incorrect

Answer: C

Question No: 103

Today, most organizations would agree that their most valuable IT assets reside within applications and databases. Most would probably also agree that these are areasthat have the weakest levels of security, thus making them the prime target for malicious activity from system administrators, DBAs, contractors, consultants, partners, and customers.

Ensurepass 2018 PDF and VCE

Which of the following flaws refers to an application using poorlywritten encryption code to securely encrypt and store sensitive data in the database and allows an attacker to steal or modify weakly protected data such as credit card numbers, SSNs, and other authentication credentials?

  1. SSI injection attack

  2. Insecure cryptographic storage attack

  3. Hidden field manipulation attack

  4. Man-in-the-Middle attack

Answer: B

Question No: 104

James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address ofhis network. What type of DoS attack is James testing against his network?

  1. Smurf

  2. Trinoo

  3. Fraggle

  4. SYN flood

Answer: A

Question No: 105

In Linux, /etc/shadowfile stores the real password in encrypted format for user’s account with added properties associated with the user’s password.

Ensurepass 2018 PDF and VCE

In the example of a /etc/shadow file below, what does the bold letter string indicate? Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

  1. Number of days the user is warned before the expiration date

  2. Minimum number of days required between password changes

  3. Maximum number of days the password is valid

  4. Last password changed

Answer: B

Reference:http://www.cyberciti.biz/faq/understanding-etcshadow-file/(bullet # 4)

Question No: 106

Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

Ensurepass 2018 PDF and VCE

What is the last step in preparinga Rules of Engagement (ROE) document?

  1. Conduct a brainstorming session with top management and technical teams

  2. Decide the desired depth for penetration testing

  3. Conduct a brainstorming session with top management and technical teams

  4. Have pre-contract discussions with different pen-testers

Answer: C

Question No: 107

Transmission control protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment.

The TCP header is the first 24 bytes of a TCP segment that contains the parameters and state of an end-to-end TCP socket. It is used to track the state of communication between two TCP endpoints.

For a connection to be established or initialized, the two hosts must synchronize. The synchronization requires each side to send its own initial sequence number and to receive a confirmation of exchange in an acknowledgment (ACK) from the other side

The below diagram shows the TCP Header format:

Ensurepass 2018 PDF and VCE

How many bits is a acknowledgement number?

  1. 16 bits

  2. 32 bits

  3. 8 bits

  4. 24 bits

Answer: B Reference:http://en.wikipedia.org/wiki/Transmission_Control_Protocol(acknowledgement number)

Question No: 108

Which of the following policies helps secure data and protects the privacy of organizational


  1. Special-Access Policy

  2. Document retentionPolicy

  3. Cryptography Policy

  4. Personal Security Policy

Answer: C

Question No: 109

An antenna is a device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna is developed from waveguide technology?

  1. Leaky Wave Antennas

  2. Aperture Antennas

  3. Reflector Antenna

  4. Directional Antenna

Answer: B

Question No: 110

Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?

  1. SYN Scan

  2. Connect() scan

  3. XMAS Scan

  4. Null Scan

Answer: A

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No