ECCouncil 412-79v8-Exam Certification Exam Material - Free Download and Guaranteed Pass
Exam code : 412-79v8
Exam name : EC-Council Certified Security Analyst (ECSA)
Which of the following password cracking techniques is used when the attacker has some
information about the password?
A. Hybrid Attack
B. Dictionary Attack
C. Syllable Attack
D. Rule-based Attack
Answer: D
Reference: http://202.154.59.182/mfile/files/Information%20System/Computer%20Forensics%3B%20Hard%20Disk%20and%20Operating%20Systems/CHAPTER%207%20Application%20Password%20Crackers.pdf (page 4, rule-based attack)
Which of the following is an application alert returned by a web application that helps an
attacker guess a valid username?
A. Invalid username or password
B. Account username was not found
C. Incorrect password
D. Username or password incorrect
Answer: C
A pen tester has extracted a database name by using a blind SQL injection. Now he begins
to test the table inside the database using the below query and finds the table:
http://juggyboy.com/page.aspx?id=1; IF (LEN(SELECT TOP 1 NAME from sysobjects
where xtype='U')=3) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME
from sysobjects where xtype=char(85)),1,1)))=101) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME
from sysobjects where xtype=char(85)),2,1)))=109) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME
from sysobjects where xtype=char(85)),3,1)))=112) WAITFOR DELAY '00:00:10'--
What is the table name?
A. CTS
B. QRT
C. EMP
D. ABC
Answer: C
When you are running a vulnerability scan on a network and the IDS cuts off your
connection, what type of IDS is being used?
A. Passive IDS
B. Active IDS
C. Progressive IDS
D. NIPS
Answer: B
HTTP protocol specifies that arbitrary binary characters can be passed within the URL by
using %xx notation, where 'xx' is the
A. ASCII value of the character
B. Binary value of the character
C. Decimal value of the character
D. Hex value of the character
Answer: C
Which of the following appendices gives detailed lists of all the technical terms used in the
report?
A. Required Work Efforts
B. References
C. Research
D. Glossary
Answer: D
Explanation: Refer to http://en.wikipedia.org/wiki/Glossary
An external intrusion test and analysis identify security weaknesses and strengths of the
client's systems and networks as they appear from outside the client's security perimeter,
usually from the Internet. The goal of an external intrusion test and analysis is to
demonstrate the existence of known vulnerabilities that could be exploited by an external
attacker.
During external penetration testing, which of the following scanning techniques allows you to
determine a port’s state without making a full connection to the host?
A. XMAS Scan
B. SYN scan
C. FIN Scan
D. NULL Scan
Answer: B
Passwords protect computer resources and files from unauthorized access by malicious
users. Using passwords is the most capable and effective way to protect information and to
increase the security level of a company.
Password cracking is the process of recovering passwords from data that have been stored
in or transmitted by a computer system to gain unauthorized access to a system.
Which of the following password cracking attacks tries every combination of characters
until the password is broken?
A. Brute-force attack
B. Rule-based attack
C. Hybrid attack
D. Dictionary attack
Answer: A
Reference: http://books.google.com.pk/books?id=m2qZNW4dcyIC&pg=PA237&lpg=PA237&dq=password+cracking+attacks+tries+every+combination+of+characters+until+the+password+is+broken&source=bl&ots=RKEUUo6LYj&sig=MPEfFBEpoO0yvOwMxYCoPQuqM5g&hl=en&sa=X&ei=ZdwdVJm3CoXSaPXsgPgM&ved=0CCEQ6AEwAQ#v=onepage&q=password%20cracking%20attacks%20tries%20every%20combination%20of%20characters%20until%20the%20password%20is%20broken&f=false
The Rules of Engagement (ROE) document provides certain rights and restrictions to the test
team for performing the test and helps testers overcome legal, federal, and policy-related
restrictions on the use of different penetration testing tools and techniques.
What is the last step in preparing a Rules of Engagement (ROE) document?
A. Conduct a brainstorming session with top management and technical teams
B. Decide the desired depth for penetration testing
C. Conduct a brainstorming session with top management and technical teams
D. Have pre-contract discussions with different pen-testers
Answer: B
Which of the following is a framework of open standards developed by the Internet
Engineering Task Force (IETF) that provides secure transmission of the sensitive data over
an unprotected medium, such as the Internet?
A. DNSSEC
B. Netsec
C. IKE
D. IPsec
Answer: D
Reference: http://www.cisco.com/c/en/us/td/docs/net_mgmt/vpn_solutions_center/2-0/ip_security/provisioning/guide/IPsecPG1.html
Mason is footprinting an organization to gather competitive intelligence. He visits the
company's website for contact information and telephone numbers but does not find any.
He knows the entire staff directory was listed on their website 12 months ago. How can he find
the directory?
A. Visit Google’s search engine and view the cached copy
B. Crawl and download the entire website using the Surfoffline tool and save them to his
computer
C. Visit the company's partners’ and customers' website for this information
D. Use WayBackMachine in Archive.org web site to retrieve the Internet archive
Answer: D
Application security assessment is one of the activities that a pen tester performs in the
attack phase. It is designed to identify and assess threats to the organization through
bespoke, proprietary applications or systems. It checks the application so that a malicious
user cannot access, modify, or destroy data or services within the system.
Identify the type of application security assessment which analyzes the application-based
code to confirm that it does not contain any sensitive information that an attacker might use
to exploit an application.
A. Web Penetration Testing
B. Functionality Testing
C. Authorization Testing
D. Source Code Review
Answer: D
Which of the following is not a characteristic of a firewall?
A. Manages public access to private networked resources
B. Routes packets between the networks
C. Examines all traffic routed between the two networks to see if it meets certain criteria
D. Filters only inbound traffic but not outbound traffic
Answer: B
The IP protocol was designed for use on a wide variety of transmission links. Although the
maximum length of an IP datagram is 64K, most transmission links enforce a smaller
maximum packet length limit, called an MTU.
The value of the MTU depends on the type of the transmission link. The design of IP
accommodates MTU differences by allowing routers to fragment IP datagrams as
necessary. The receiving station is responsible for reassembling the fragments back into
the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be
reassembled later. The IP source, destination, identification, total length, and fragment
offset fields in the IP header are used for IP fragmentation and reassembly.
The fragment offset is 13 bits and indicates where a fragment belongs in the original IP
datagram. This value is a:
A. Multiple of four bytes
B. Multiple of two bytes
C. Multiple of eight bytes
D. Multiple of six bytes
Answer: C
Reference: http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)
From where can clues about the underlying application environment be collected?
A. From the extension of the file
B. From executable file
C. From file types and directories
D. From source code
Answer: D