EC-COUNCIL EC-Council Certified Security Analyst (ECSA) - 412-79 Exam Practice Test

Which of the following has an offset field that specifies the length of the header and data?

Correct Answer: C Vote an answer
What are the 6 core concepts in IT security?

Correct Answer: D Vote an answer
John, the penetration tester in a pen test firm, was asked to find whether NTP services are opened on the target network (10.0.0.7) using Nmap tool.

Which one of the following Nmap commands will he use to find it?

Correct Answer: A Vote an answer
Nessus can test a server or a network for DoS vulnerabilities. Which one of the following script tries to kill a service?

Correct Answer: A Vote an answer
Which of the following attacks is an offline attack?

Correct Answer: C Vote an answer
In the context of penetration testing, what does blue teaming mean?

Correct Answer: A Vote an answer
Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?

Correct Answer: C Vote an answer
Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

Correct Answer: D Vote an answer
In Linux, /etc/shadow file stores the real password in encrypted format for user's account with added properties associated with the user's password.

In the example of a /etc/shadow file below, what does the bold letter string indicate?
Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

Correct Answer: C Vote an answer
The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

Correct Answer: A Vote an answer
Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

Correct Answer: D Vote an answer
Which of the following is an ARP cache poisoning technique aimed at network switches?

Correct Answer: D Vote an answer
Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings. Black-box testing is used to detect issues in SQL statements and to detect SQL injection vulnerabilities.

Most commonly, SQL injection vulnerabilities are a result of coding vulnerabilities during the Implementation/Development phase and will likely require code changes.
Pen testers need to perform this testing during the development phase to find and fix the SQL injection vulnerability.
What can a pen tester do to detect input sanitization issues?

Correct Answer: C Vote an answer
Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

Correct Answer: D Vote an answer
Which one of the following is false about Wireshark? (Select all that apply)

Correct Answer: A Vote an answer

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어