EC-Council 412-79V10 EC-Council Certified Security Analyst (ECSA) V10 Online Training
EC-Council 412-79V10 Online Training
The questions for 412-79V10 were last updated at Nov 22,2024.
- Exam Code: 412-79V10
- Exam Name: EC-Council Certified Security Analyst (ECSA) V10
- Certification Provider: EC-Council
- Latest update: Nov 22,2024
Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?
- A . Client-Side Test Report
- B . Activity Report
- C . Host Report
- D . Vulnerability Report
The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.
The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram.
This value is a:
- A . Multiple of four bytes
- B . Multiple of two bytes
- C . Multiple of eight bytes
- D . Multiple of six bytes
The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc.
Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control. This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations.
Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.
What is the best way to protect web applications from parameter tampering attacks?
- A . Validating some parameters of the web application
- B . Minimizing the allowable length of parameters
- C . Using an easily guessable hashing algorithm
- D . Applying effective input field filtering parameters
Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?
- A . SYN Scan
- B . Connect() scan
- C . XMAS Scan
- D . Null Scan
The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.
Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?
- A . Active Information Gathering
- B . Pseudonymous Information Gathering
- C . Anonymous Information Gathering
- D . Open Source or Passive Information Gathering
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses.
You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same.
What type of virus is this that you are testing?
- A . Metamorphic
- B . Oligomorhic
- C . Polymorphic
- D . Transmorphic
Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?
- A . Decreases consumed employee time and increases system uptime
- B . Increases detection and reaction time
- C . Increases response time
- D . Both Decreases consumed employee time and increases system uptime and Increases response time
Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette’s duties include logging on to all the company’s network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible.
Paulette presents the following screenshot to her boss so he can inform the clients about necessary changes need to be made. From the screenshot, what changes should the client company make?
Exhibit:
- A . The banner should not state "only authorized IT personnel may proceed"
- B . Remove any identifying numbers, names, or version information
- C . The banner should include the Cisco tech support contact information as well
- D . The banner should have more detail on the version numbers for the network equipment
Which of the following statements is true about the LM hash?
- A . Disabled in Windows Vista and 7 OSs
- B . Separated into two 8-character strings
- C . Letters are converted to the lowercase
- D . Padded with NULL to 16 characters
Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?
- A . Testing to provide a more complete view of site security
- B . Testing focused on the servers, infrastructure, and the underlying software, including the target
- C . Testing including tiers and DMZs within the environment, the corporate network, or partner company connections
- D . Testing performed from a number of network access points representing each logical and physical segment
Latest 412-79V10 Dumps Valid Version with 201 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
