[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 41-50

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 41

This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system,attack methods, and how to defend against them.

Ensurepass 2018 PDF and VCE

What is this team called?

  1. Blue team

  2. Tiger team

  3. Gorilla team

  4. Lion team

Answer: B

Question No: 42

Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

  1. Unannounced Testing

  2. Double Blind Testing

  3. Announced Testing

  4. Blind Testing

Answer: B

Question No: 43

Which of the following methods is used to perform server discovery?

  1. Banner Grabbing

  2. Whois Lookup

  3. SQL Injection

  4. SessionHijacking

Answer: B


Question No: 44

Which among the following information is not furnished by the Rules of Engagement (ROE) document?

  1. Techniques for data collection from systems upon termination of the test

  2. Techniques for data exclusion from systems upon termination of the test

  3. Details on how data should be transmitted during and after the test

  4. Details on how organizational data is treated throughout and after the test

Answer: A

Question No: 45

Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?

  1. Packet Sniffer Mode

  2. Packet Logger Mode

  3. Network Intrusion Detection System Mode

  4. Inline Mode

Answer: A

Question No: 46

During external penetration testing, which of the following techniques uses tools like Nmap to predict the sequence numbers generated by the targeted server and use this information to perform session hijacking techniques?

  1. TCP Sequence Number Prediction

  2. IPID State Number Prediction

  3. TCP State Number Prediction

  4. IPID Sequence Number Prediction

Answer: A

Reference:http://www.scribd.com/doc/133636402/LPTv4-Module-18-External-Penetration- Testing-NoRestriction(p.43)

Question No: 47

A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

  1. Destination address

  2. Port numbers

  3. Source address

  4. Protocol used

Answer: D

Reference:http://www.vicomsoft.com/learning-center/firewalls/(what does afirewall do)

Question No: 48

The amount of data stored in organizational databases has increased rapidly in recent years due to the rapid advancement of information technologies. A high percentage of these data is sensitive, private and critical to the organizations, their clients and partners.

Therefore, databases are usually installed behind internal firewalls, protected with intrusion detection mechanisms and accessed only by applications. To access a database, users have to connect to one of these applications and submit queries through them to the database. The threat to databases arises when these applications do not behave properly and construct these queries without sanitizing user inputs first.

Identify the injection attack represented in the diagram below:

Ensurepass 2018 PDF and VCE

  1. Frame Injection Attack

  2. LDAP Injection Attack

  3. XPath Injection Attack

  4. SOAP Injection Attack

Answer: B

Reference: ehttps://www.blackhat.com/presentations/bh-europe-08/Alonso- Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf( page 3 to 5)

Question No: 49

Application security assessment is one of the activity that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

Ensurepass 2018 PDF and VCE

Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application.

  1. Web Penetration Testing

  2. Functionality Testing

  3. Authorization Testing

  4. Source Code Review

Answer: D

Question No: 50

Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have theassigned ranges.

Ensurepass 2018 PDF and VCE

Port numbers above 1024 are considered which one of the following?

  1. Dynamically assigned port numbers

  2. Statically assigned port numbers

  3. Well-known port numbers

  4. Unregistered port numbers

Answer: A

Reference:http://stackoverflow.com/questions/136709/what-port-number-should-i-use- when-testing-connections-in-my-local-intranet-in(see post 4)

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No