Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Jan ECCouncil Official New Released 412-79v8
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/412-79v8.html
EC-Council Certified Security Analyst (ECSA)
Question No: 21
Which of the following appendices gives detailed lists of all the technical terms used in the report?
-
Required Work Efforts
-
References
-
Research
-
Glossary
Answer: D
Explanation: Refere’http://en.wikipedia.org/wiki/Glossary
Question No: 22
Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?
-
Weak Screened Subnet Architecture
-
quot;Inside Versus Outsidequot; Architecture
-
quot;Three-Homed Firewallquot; DMZ Architecture
-
Strong Screened-Subnet Architecture
Answer: A
Question No: 23
Vulnerability assessment is an examination of the ability of a system or application, including current security proceduresand controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels.
A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.
Which of the following vulnerability assessment technique is used to test the web server infrastructure for any misconfiguration and outdated content?
-
Passive Assessment
-
Host-based Assessment
-
External Assessment
-
Application Assessment
Answer: D
Question No: 24
The SnortMain () function begins by associating a set ofhandlers for the signals, Snort receives. It does this using the signal () function. Which one of the following functions is used as a programspecific signal and the handler for this calls the DropStats() function to output the current Snort statistics?
-
SIGUSR1
-
SIGTERM
-
SIGINT
-
SIGHUP
Answer: A
Question No: 25
HTTP protocol specifies that arbitrary binary characters canbe passed within the URL by using %xx notation, where #39;xx#39; is the
-
ASCII value of the character
-
Binary value of the character
-
Decimal value of the character
-
Hex value of the character
Answer: D Explanation:
https://books.google.nl/books?id=0RfANAwOUdICamp;pg=PA720amp;lpg=PA720amp;dq=”xx no tation” binaryamp;source=blamp;ots=pGMqass7tiamp;sig=rnIg1xZ78ScUvuIlTmDY3r7REucamp;hl= nlamp;sa=Xamp;ei=8C4dVYe1NorgasrzgoALamp;ved=0CEQQ6AEwBQ#v=onepageamp;q=”xx n otation” binaryamp;f=false
Question No: 26
What is a difference between host-based intrusion detection systems (HIDS) and network- based intrusion detection systems (NIDS)?
-
NIDS are usually a more expensive solution to implement compared to HIDS.
-
Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.
-
NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.
-
HIDS requires less administration and training compared to NIDS.
Answer: C
Question No: 27
A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product.” It is generally the motherboard chips or the chips used on the expansion card. Which one of the following is well supported in most wireless applications?
-
Orinoco chipsets
-
Prism II chipsets
-
Atheros Chipset
-
Cisco chipset
Answer: B
Question No: 28
The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.
The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.
Which of the following methods ofattempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?
-
Accomplice social engineering technique
-
Identity theft
-
Dumpster diving
-
Phishing social engineering technique
Answer: A
Question No: 29
John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client.
Which of the following factors does he need to consider while preparing the pen testingpricing report?
-
Number of employees in the client organization
-
Complete structure of the organization
-
Number of client computers to be tested and resources required to perform a pen test
-
Number of servers available in the client organization
Answer: C
Question No: 30
Which of the following scan option is able to identify the SSL services?
-
-sS
-
-sV
-
-sU
-
-sT
Answer: B
Reference:https://www.owasp.org/index.php/Testing_for_SSL-TLS_(OWASP-CM-001) (blackboxtest and example, second para)
100% Dumps4cert Free Download!
–Download Free Demo:412-79v8 Demo PDF
100% Dumps4cert Free Guaranteed!
–412-79v8 Dumps
Dumps4cert | ExamCollection | Testking | |
---|---|---|---|
Lowest Price Guarantee | Yes | No | No |
Up-to-Dated | Yes | No | No |
Real Questions | Yes | No | No |
Explanation | Yes | No | No |
PDF VCE | Yes | No | No |
Free VCE Simulator | Yes | No | No |
Instant Download | Yes | No | No |
100-105 Dumps VCE PDF
200-105 Dumps VCE PDF
300-101 Dumps VCE PDF
300-115 Dumps VCE PDF
300-135 Dumps VCE PDF
300-320 Dumps VCE PDF
400-101 Dumps VCE PDF
640-911 Dumps VCE PDF
640-916 Dumps VCE PDF
70-410 Dumps VCE PDF
70-411 Dumps VCE PDF
70-412 Dumps VCE PDF
70-413 Dumps VCE PDF
70-414 Dumps VCE PDF
70-417 Dumps VCE PDF
70-461 Dumps VCE PDF
70-462 Dumps VCE PDF
70-463 Dumps VCE PDF
70-464 Dumps VCE PDF
70-465 Dumps VCE PDF
70-480 Dumps VCE PDF
70-483 Dumps VCE PDF
70-486 Dumps VCE PDF
70-487 Dumps VCE PDF
220-901 Dumps VCE PDF
220-902 Dumps VCE PDF
N10-006 Dumps VCE PDF
SY0-401 Dumps VCE PDF