[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 111-120

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 111

Traffic on which port is unusual for both the TCP and UDP ports?

  1. Port 81

  2. Port 443

  3. Port 0

  4. Port21

Answer: C

Question No: 112

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

  1. Airsnort

  2. Aircrack

  3. WEPCrack

  4. Airpwn

Answer: A

Question No: 113

Identify the injection attack represented in the diagram below:

Ensurepass 2018 PDF and VCE

  1. XPath Injection Attack

  2. XML Request Attack

  3. XML Injection Attack

  4. Frame Injection Attack

Answer: C

Reference:http://projects.webappsec.org/w/page/13247004/XML Injection

Question No: 114

Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

  1. Wireshark: Capinfos

  2. Wireshark: Tcpdump

  3. Wireshark: Text2pcap

  4. Wireshark: Dumpcap

Answer: D

Question No: 115

What is a goal of the penetration testing report?

Ensurepass 2018 PDF and VCE

  1. The penetration testing report helps you comply with local laws and regulations related

    to environmental conditions in the organization.

  2. The penetration testing report allows you to sleep better at night thinking your organization is protected

  3. The pen testing report helps executive management to make decisions on implementing security controls in the organization and helps the security team implement security controls and patch any flaws discovered during testing.

  4. The penetration testing report allows you to increase sales performance by effectively communicating with the internal security team.

Answer: C

Question No: 116

Which one of the following log analysis tools is used for analyzing the server’s log files?

  1. Performance Analysis of Logs tool

  2. Network Sniffer Interface Test tool

  3. Ka Log Analyzer tool

  4. Event Log Tracker tool

Answer: C

Question No: 117

Fuzz testing or fuzzing is a software/application testing technique used to discover coding errors and security loopholes in software, operating systems, or networks by inputting massive amounts of random data, called fuzz, to the system in anattempt to make it crash.

Fuzzers work best for problems that can cause a program to crash, such as buffer overflow, cross-site scripting, denial of service attacks, format bugs, and SQL injection.

Fuzzer helps to generate and submit a large number ofinputs supplied to the application for testing it against the inputs. This will help us to identify the SQL inputs that generate malicious output.

Suppose a pen tester knows the underlying structure of the database used by the application (i.e., name, number of columns, etc.) that she is testing.

Which of the following fuzz testing she will perform where she can supply specific data to the application to discover vulnerabilities?

  1. Clever Fuzz Testing

  2. Dumb Fuzz Testing

  3. Complete Fuzz Testing

  4. Smart Fuzz Testing

Answer: D

Question No: 118

A penetration test consists of three phases: pre-attack phase, attack phase, and post- attack phase.

Ensurepass 2018 PDF and VCE

Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

  1. Post-attack phase

  2. Pre-attack phase and attack phase

  3. Attack phase

  4. Pre-attack phase

Answer: D Reference:https://www.duo.uio.no/bitstream/handle/10852/34904/Shrestha- masterthesis.pdf?sequence=1(page 28, first para)

Question No: 119

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

  1. Penetration Testing Agreement

  2. Rules of Behavior Agreement

  3. Liability Insurance

  4. Non-Disclosure Agreement

Answer: D

Question No: 120

Amazon, an IT based company, conducts a survey on the usage of the Internet. They found that company employees spend most of the time at work surfing the web for their personal use and for inappropriate web site viewing. Management decide to block all such web sites using URL filtering software.

Ensurepass 2018 PDF and VCE

How can employees continue to see the blocked websites?

  1. Using session hijacking

  2. Using proxy servers

  3. Using authentication

  4. Using encryption

Answer: B

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.