[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 11-20

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 11

What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?

  1. Inference-based Assessment

  2. Service-based Assessment Solutions

  3. Product-based Assessment Solutions

  4. Tree-based Assessment

Answer: A Reference:http://www.businessweek.com/adsections/2005/pdf/wp_mva.pdf(page 26, first para on the page)

Question No: 12

Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of thefollowing?

  1. UDP and TCP

  2. TCP and SMTP

  3. SMTP

  4. UDP and SMTP

Answer: A

Question No: 13

Which one of the following components of standard Solaris Syslog isa UNIX command that is used to add single-line entries to the system log?

  1. “Logger”

  2. “/etc/syslog.conf”

  3. “Syslogd”

  4. “Syslogd.conf”

Answer: A

Question No: 14

Information gathering is performed to:

  1. Collect basic information about the target company and its network

  2. Determine the operating system used, platforms running, web server versions, etc.

  3. Find vulnerabilities and exploits

Ensurepass 2018 PDF and VCE

Which of the following pen testing tests yields information about a company’s technology infrastructure?

  1. Searching for web page posting patterns

  2. Analyzing the link popularity of the company’s website

  3. Searching for trade association directories

  4. Searching for a company’s job postings

Answer: D

Question No: 15

The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.

This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.

Ensurepass 2018 PDF and VCE

What is the best way to protect web applications from parameter tampering attacks?

  1. Validating some parameters of the web application

  2. Minimizing the allowable length of parameters

  3. Using an easily guessable hashing algorithm

  4. Applying effective input field filtering parameters

Answer: D

Question No: 16

Which vulnerability assessment phase describes the scope of the assessment, identifies and ranks the critical assets, and creates proper information protection procedures such as effective planning, scheduling, coordination, and logistics?

  1. Threat-Assessment Phase

  2. Pre-Assessment Phase

  3. Assessment Phase

  4. Post-Assessment Phase

Answer: B

Question No: 17

In the TCP/IP model, thetransport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control mechanism avoids the problem

with a transmitting host overflowing the buffers in the receiving host.

Ensurepass 2018 PDF and VCE

Which of the following flow control mechanism guarantees reliable delivery of data?

  1. Sliding Windows

  2. Windowing

  3. Positive Acknowledgment with Retransmission (PAR)

  4. Synchronization

Answer: C

Reference:http://condor.depaul.edu/jkristof/technotes/tcp.html(1.1.3 Reliability)

Question No: 18

Which one of the following architectures has the drawback of internally considering the hosted services individually?

  1. Weak Screened Subnet Architecture

  2. quot;Inside Versus Outsidequot; Architecture

  3. quot;Three-Homed Firewallquot; DMZ Architecture

  4. Strong Screened-Subnet Architecture

Answer: C

Question No: 19

Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?

  1. 6566 TCP port

  2. 6771 TCP port

  3. 6667 TCP port

  4. 6257 TCP port

Answer: C

Question No: 20

Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

Ensurepass 2018 PDF and VCE

  1. Check for Directory Consistency and Page Naming Syntax of the Web Pages

  2. Examine Server Side Includes (SSI)

  3. Examine Hidden Fields

  4. Examine E-commerce and Payment Gateways Handled by the Web Server

Answer: C

Reference:http://www.scribd.com/doc/133636402/LPTv4-Module-18-External-Penetration- Testing-NoRestriction(page 71)

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No