24.11.2017 Views

412-79V9 Exam Practice Software


CERTSGRADE

High Grade and Valuable Preparation Stuff

Eccouncil

412-79V9

EC-Council Certified Security Analyst (ECSA) v9

For More Information – Visit link below:

http://www.certsgrade.com/

Version = Product

Visit us at https://www.certsgrade.com/pdf/412-79v9/


Question: 1

What are the 6 core concepts in IT security?

A. Server management, website domains, firewalls, IDS, IPS, and auditing

B. Authentication, authorization, confidentiality, integrity, availability, and non-repudiation

C. Passwords, logins, access controls, restricted domains, configurations, and tunnels

D. Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

Answer: B

Question: 2

In Linux, the /etc/shadow file stores the real password in encrypted format for a user’s account, with added properties associated with the user’s password.



In the example of a /etc/shadow file below, what does the bold letter string indicate?

Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

A. Number of days the user is warned before the expiration date

B. Minimum number of days required between password changes

C. Maximum number of days the password is valid

D. Last password changed

Answer: B

Explanation:

Reference:

http://www.cyberciti.biz/faq/understanding-etcshadow-file/ (bullet # 4)

Question: 3

What is a difference between host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS)?



A. NIDS are usually a more expensive solution to implement compared to HIDS.

B. Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.

C. NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.

D. HIDS requires less administration and training compared to NIDS.

Answer: C

Question: 4

Which vulnerability assessment phase describes the scope of the assessment, identifies and ranks the critical assets, and creates proper information protection procedures such as effective planning, scheduling, coordination, and logistics?

A. Threat-Assessment Phase

B. Pre-Assessment Phase

C. Assessment Phase

D. Post-Assessment Phase

Answer: B

Question: 5



Which of the following is not an SQL injection attack character?

A. $

B. PRINT

C. #

D. @@variable

Answer: A

Question: 6

Which of the following is the objective of the Gramm-Leach-Bliley Act?

A. To ease the transfer of financial information between institutions and banks

B. To protect the confidentiality, integrity, and availability of data

C. To set new or enhanced standards for all U.S. public company boards, management and public accounting firms

D. To certify the accuracy of the reported financial statement

Answer: A

Explanation:

Reference:

http://www.itap.purdue.edu/security/policies/glb_safeguards_rule_training_general.pdf

Question: 7

Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

A. Project Goal

B. Success Factors

C. Objectives

D. Assumptions

Answer: D

Question: 8

In a TCP packet filtering firewall, traffic is filtered based on specified session rules, such as when a session is initiated by a recognized computer.



Identify the level up to which the unknown traffic is allowed into the network stack.

A. Level 5 – Application

B. Level 2 – Data Link

C. Level 4 – TCP

D. Level 3 – Internet Protocol (IP)

Answer: D

Explanation:

Reference:

http://books.google.com.pk/books?id=KPjLAyA7HgoC&pg=PA208&lpg=PA208&dq=TCP+packet+filtering+firewall+level+up+to+which+the+unknown+traffic+is+allowed+into+the+network+stack&source=bl&ots=zRrbchVYng&sig=q5G3T8lggTfAMNRkL7Kp0SRslHU&hl=en&sa=X&ei=5PUeVLSbC8TmaMzrgZgC&ved=0CBsQ6AEwAA#v=onepage&q=TCP%20packet%20filtering%20firewall%20level%20up%20to%20which%20the%20unknown%20traffic%20is%20allowed%20into%20the%20network%20stack&f=false

Question: 9

Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.



What characteristics do phishing messages often have that may make them identifiable?

A. Invalid email signatures or contact information

B. Suspiciously good grammar and capitalization

C. They trigger warning pop-ups

D. Suspicious attachments

Answer: C

Question: 10

Which of the following are the default ports used by NetBIOS service?

A. 135, 136, 139, 445

B. 134, 135, 136, 137

C. 137, 138, 139, 140

D. 133, 134, 139, 142

Answer: A

Question: 11

What is the maximum value of a “tinyint” field in most database systems?

A. 222



B. 224 or more

C. 240 or less

D. 225 or more

Answer: D

Explanation:

Reference:

http://books.google.com.pk/books?id=JUcIAAAAQBAJ&pg=SA3-PA3&lpg=SA3-PA3&dq=maximum+value+of+a+%E2%80%9Ctinyint%E2%80%9D+field+in+most+database+systems&source=bl&ots=NscGk--R5r&sig=1hMOYByxt7ebRJ4UEjbpxMijTQs&hl=en&sa=X&ei=pvgeVJnTCNDkaI_fgugO&ved=0CDYQ6AEwAw#v=onepage&q=maximum%20value%20of%20a%20%E2%80%9Ctinyint%E2%80%9D%20field%20in%20most%20database%20systems&f=false

Question: 12

Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

A. Special-Access Policy

B. User Identification and Password Policy

C. Personal Computer Acceptable Use Policy

D. User-Account Policy

Answer: B

Question: 13

Identify the person who will lead the penetration-testing project and be the client point of contact.

A. Database Penetration Tester

B. Policy Penetration Tester

C. Chief Penetration Tester

D. Application Penetration Tester

Answer: C

Explanation:

Reference:

http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration-Testing-Checklist-NoRestriction (page 15)



Question: 14

A man enters a PIN number at an ATM machine, being unaware that the person next to him was watching. Which of the following social engineering techniques refers to this type of information theft?

A. Shoulder surfing

B. Phishing

C. Insider Accomplice

D. Vishing

Answer: A

Question: 15

The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.

What is the biggest source of data leaks in organizations today?

A. Weak passwords and lack of identity management

B. Insufficient IT security budget

C. Rogue employees and insider attacks

D. Vulnerabilities, risks, and threats facing Web sites



Answer: C

Question: 16

Why is a legal agreement important to have before launching a penetration test?

A. Guarantees your consultant fees

B. Allows you to perform a penetration test without the knowledge and consent of the organization's upper management

C. It establishes the legality of the penetration test by documenting the scope of the project and the consent of the company.

D. It is important to ensure that the target organization has implemented mandatory security policies

Answer: C
