[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 412-79v8 Dumps with VCE and PDF 91-100

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 91

What information can be collected by dumpster diving?

  1. Sensitive documents

  2. Email messages

  3. Customer contact information

  4. All the above

Answer: A


Question No: 92

One needs to run “Scan Server Configuration” tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon tobe configured. By default, the Nessus daemon listens to connections on whichone of the following?

  1. Localhost ( and port 1241

  2. Localhost ( and port 1240

  3. Localhost ( and port 1246

  4. Localhost ( and port 1243

Answer: A

Question No: 93

Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

  1. Decreases consumed employee time and increases system uptime

  2. Increases detection and reaction time

  3. Increases response time

  4. Both a and c

Answer: A

Reference:http://www.symantec.com/connect/articles/multi-layer-intrusion-detection- systems(economic advantages, first para)

Question No: 94

External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. Itinvolves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Ensurepass 2018 PDF and VCE

Which of the following types of penetration testing is performed with no prior knowledge of the site?

  1. Blue box testing

  2. White box testing

  3. Grey box testing

  4. Black box testing

Answer: D

Reference:http://books.google.com.pk/books?id=5m6ta2fgTswCamp;pg=SA5-PA4amp;lpg=SA5- PA4amp;dq=penetration testing is performed with no prior knowledge of the siteamp;sourc e=blamp;ots=8GkmyUBH2Uamp;sig=wdBIboWxrhk5QjlQXs3yWOcuk2Qamp;hl=enamp;sa=Xamp;ei=- SgfVI2LLc3qaOa5gIgOamp;ved=0CCkQ6AEwAQ#v=onepageamp;q=penetration testing i s performed with no prior knowledge of the siteamp;f=false

Question No: 95

Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capableand effective way to protect information and to increase the security level of a company.

Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

Ensurepass 2018 PDF and VCE

Which of the following password cracking attacks tries every combination of characters until the password is broken?

  1. Brute-force attack

  2. Rule-based attack

  3. Hybrid attack

  4. Dictionary attack

Answer: A


amp;dq=password cracking attacks tries every combination of characters until the pass word is brokenamp;source=blamp;ots=RKEUUo6LYjamp;sig=MPEfFBEpoO0yvOwMxYCoPQuqM5 gamp;hl=enamp;sa=Xamp;ei=ZdwdVJm3CoXSaPXsgPgMamp;ved=0CCEQ6AEwAQ#v=onepageamp;q=pa ssword cracking attacks tries every combination of characters% 20until the password is brokenamp;f=false

Question No: 96

John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in Window system directory?

  1. C:\Windows\System32\Boot

  2. C:\WINNT\system32\drivers\etc

  3. C:\WINDOWS\system32\cmd.exe

  4. C:\Windows\System32\restore

Answer: B

Reference:http://en.wikipedia.org/wiki/Hosts_(file) (location in the file system, see the table)

Question No: 97

The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client’s operating environment, threat perception, security and compliance requirements, ROE, and budget.Various components need to be considered for testing while developing the scope of the project.

Ensurepass 2018 PDF and VCE

Which of the following is NOT a pen testing component to be tested?

  1. System Software Security

  2. Intrusion Detection

  3. Outside Accomplices

  4. Inside Accomplices

Answer: C

Question No: 98

Amazon Consulting Corporation provides penetration testing and managed security services to companies. Legalityand regulatory compliance is one of the important components in conducting a successful security audit.

Before starting a test, one of the agreements both the parties need to sign relates to limitations, constraints, liabilities, code of conduct, and indemnification considerations between the parties.

Ensurepass 2018 PDF and VCE

Which agreement requires a signature from both the parties (the penetration tester and the company)?

  1. Non-disclosure agreement

  2. Client fees agreement

  3. Rules of engagement agreement

  4. Confidentiality agreement

Answer: C

Question No: 99

Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entitiesinvolved in payment card processing?


  2. PCI DSS

  3. Human Rights Act 1998

  4. Data Protection Act 1998

Answer: B


Question No: 100

Which one of the following tools of trade is a commercial shellcode and payload generator written in Python by Dave Aitel?

  1. Microsoft Baseline Security Analyzer (MBSA)

  2. CORE Impact

  3. Canvas

  4. Network Security Analysis Tool (NSAT)

Answer: C

100% Ensurepass Free Download!
Download Free Demo:412-79v8 Demo PDF
100% Ensurepass Free Guaranteed!
412-79v8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.