[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 21-30

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 21

Which of the following appendices gives detailed lists of all the technical terms used in the report?

  1. Required Work Efforts

  2. References

  3. Research

  4. Glossary

Answer: D

Explanation: Refere’http://en.wikipedia.org/wiki/Glossary

Question No: 22

Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?

  1. Weak Screened Subnet Architecture

  2. quot;Inside Versus Outsidequot; Architecture

  3. quot;Three-Homed Firewallquot; DMZ Architecture

  4. Strong Screened-Subnet Architecture

Answer: A

Question No: 23

Vulnerability assessment is an examination of the ability of a system or application, including current security proceduresand controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels.

A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.

Ensurepass 2018 PDF and VCE

Which of the following vulnerability assessment technique is used to test the web server infrastructure for any misconfiguration and outdated content?

  1. Passive Assessment

  2. Host-based Assessment

  3. External Assessment

  4. Application Assessment

Answer: D

Question No: 24

The SnortMain () function begins by associating a set ofhandlers for the signals, Snort receives. It does this using the signal () function. Which one of the following functions is used as a programspecific signal and the handler for this calls the DropStats() function to output the current Snort statistics?

  1. SIGUSR1




Answer: A

Question No: 25

HTTP protocol specifies that arbitrary binary characters canbe passed within the URL by using %xx notation, where #39;xx#39; is the

  1. ASCII value of the character

  2. Binary value of the character

  3. Decimal value of the character

  4. Hex value of the character

Answer: D Explanation:

https://books.google.nl/books?id=0RfANAwOUdICamp;pg=PA720amp;lpg=PA720amp;dq=”xx no tation” binaryamp;source=blamp;ots=pGMqass7tiamp;sig=rnIg1xZ78ScUvuIlTmDY3r7REucamp;hl= nlamp;sa=Xamp;ei=8C4dVYe1NorgasrzgoALamp;ved=0CEQQ6AEwBQ#v=onepageamp;q=”xx n otation” binaryamp;f=false

Question No: 26

What is a difference between host-based intrusion detection systems (HIDS) and network- based intrusion detection systems (NIDS)?

Ensurepass 2018 PDF and VCE

  1. NIDS are usually a more expensive solution to implement compared to HIDS.

  2. Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.

  3. NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.

  4. HIDS requires less administration and training compared to NIDS.

Answer: C

Question No: 27

A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product.” It is generally the motherboard chips or the chips used on the expansion card. Which one of the following is well supported in most wireless applications?

  1. Orinoco chipsets

  2. Prism II chipsets

  3. Atheros Chipset

  4. Cisco chipset

Answer: B

Question No: 28

The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

Ensurepass 2018 PDF and VCE

The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.

Which of the following methods ofattempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

  1. Accomplice social engineering technique

  2. Identity theft

  3. Dumpster diving

  4. Phishing social engineering technique

Answer: A

Question No: 29

John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client.

Which of the following factors does he need to consider while preparing the pen testingpricing report?

Ensurepass 2018 PDF and VCE

  1. Number of employees in the client organization

  2. Complete structure of the organization

  3. Number of client computers to be tested and resources required to perform a pen test

  4. Number of servers available in the client organization

Answer: C

Question No: 30

Which of the following scan option is able to identify the SSL services?

  1. -sS

  2. -sV

  3. -sU

  4. -sT

Answer: B

Reference:https://www.owasp.org/index.php/Testing_for_SSL-TLS_(OWASP-CM-001) (blackboxtest and example, second para)

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No