[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 31-40

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/412-79v8.html

EC-Council Certified Security Analyst (ECSA)

Question No: 31

Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

  1. Project Goal

  2. Success Factors

  3. Objectives

  4. Assumptions

Answer: D

Question No: 32

Identify the attack represented in the diagram below:

Ensurepass 2018 PDF and VCE

  1. Input Validation

  2. Session Hijacking

  3. SQL Injection

  4. Denial-of-Service

Answer: B

Reference:http://en.wikipedia.org/wiki/Session_hijacking

Question No: 33

If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable which of the following attacks?

  1. Parameter tampering Attack

  2. Sql injection attack

  3. Session Hijacking

  4. Cross-site request attack

Answer: D

Reference:https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

Question No: 34

DNS information records provide important data about:

  1. Phone and Fax Numbers

  2. Location and Type of Servers

  3. Agents Providing Service to Company Staff

  4. New Customer

Answer: B

Question No: 35

Which of the following has an offset field that specifies the length of the header and data?

  1. IP Header

  2. UDP Header

  3. ICMP Header

  4. TCP Header

Answer: D

Question No: 36

Identify the type of firewall represented in the diagram below:

Ensurepass 2018 PDF and VCE

  1. Stateful multilayer inspection firewall

  2. Applicationlevel gateway

  3. Packet filter

  4. Circuit level gateway

Answer: A

Reference:http://www.technicolorbroadbandpartner.com/getfile.php?id=4159(page 13)

Question No: 37

The firstand foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.

Ensurepass 2018 PDF and VCE

Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

  1. Active Information Gathering

  2. Pseudonymous Information Gathering

  3. Anonymous InformationGathering

  4. Open Source or Passive Information Gathering

Answer: A

Question No: 38

One of the steps in information gathering is to run searches on a company using complex keywords in Google.

Ensurepass 2018 PDF and VCE

Which search keywords would you use in the Google search engine to find all the PowerPoint presentations containing information about a target company, ROCHESTON?

  1. ROCHESTON fileformat: ppt

  2. ROCHESTON ppt:filestring

  3. ROCHESTON filetype:ppt

  4. ROCHESTON ppt:filesearch

Answer: C

Reference:http://blog.hubspot.com/blog/tabid/6307/bid/1264/12-Quick-Tips-To-Search- Google-Like-An-Expert.aspx(specific document types)

Question No: 39

Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks. When most peoplesay ‘Wireless’ these days, they are referring to one of the 802.11 standards. There are three main 802.11 standards: B, A, and

G. Which one of the following 802.11 types uses DSSS Modulation, splitting the 2.4ghz band into channels?

A. 802.11b

B. 802.11g

C. 802.11-Legacy

D. 802.11n

Answer: A

Question No: 40

What is the difference between penetration testingand vulnerability testing?

Ensurepass 2018 PDF and VCE

  1. Penetration testing goes one step further than vulnerability testing; while vulnerability tests check for known vulnerabilities, penetration testing adopts the concept of ‘in-depth ethical hacking’

  2. Penetration testingis based on purely online vulnerability analysis while vulnerability testing engages ethical hackers to find vulnerabilities

  3. Vulnerability testing is more expensive than penetration testing

  4. Penetration testing is conducted purely for meeting compliance standards while vulnerability testing is focused on online scans

Answer: A

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.