Exam Details

  • Exam Code: 412-79
  • Exam Name: EC-Council Certified Security Analyst (ECSA)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 232 Q&As
  • Last Updated: Apr 03, 2025

EC-COUNCIL EC-COUNCIL Certifications 412-79 Questions & Answers

  • Question 131:

    If you come across a sheepdip machine at your client site, what would you infer?

    A. A sheepdip coordinates several honeypots

    B. A sheepdip computer is another name for a honeypot

    C. A sheepdip computer is used only for virus-checking.

    D. A sheepdip computer defers a denial of service attack

  • Question 132:

    In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?

    A. rules of evidence

    B. law of probability

    C. chain of custody

    D. policy of separation

  • Question 133:

    You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

    A. outlook:"search"

    B. allinurl:"exchange/logon.asp"

    C. locate:"logon page"

    D. intitle:"exchange server"

  • Question 134:

    What are the security risks of running a "repair" installation for Windows XP?

    A. Pressing Shift+F10 gives the user administrative rights

    B. Pressing Ctrl+F10 gives the user administrative rights

    C. There are no security risks when running the "repair" installation for Windows XP

    D. Pressing Shift+F1 gives the user administrative rights

  • Question 135:

    What will the following command produce on a website login page?

    SELECT email, passwd, login_id, full_name FROM members WHERE email = '[email protected]'; DROP TABLE members; --'

    A. This command will not produce anything since the syntax is incorrect

    B. Inserts the email address into the members table

    C. Retrieves the password for the first user in the members table

    D. Deletes the entire members table

  • Question 136:

    You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

    When you type this and click on search, you receive a pop-up window that says:

    "This is a test."

    What is the result of this test?

    A. Your website is vulnerable to CSS

    B. Your website is not vulnerable

    C. Your website is vulnerable to SQL injection

    D. Your website is vulnerable to web bugs

  • Question 137:

    At what layer of the OSI model do routers function?

    A. 5

    B. 1

    C. 4

    D. 3

  • Question 138:

    What is the target host IP in the following command?

    A. Firewalk does not scan target hosts

    B. 172.16.28.95

    C. This command is using FIN packets, which cannot scan target hosts

    D. 10.10.150.1

  • Question 139:

    You set up SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes are to blame. What ports should you open for SNMP to work through firewalls? (Select 2)

    A. 162

    B. 160

    C. 163

    D. 161

  • Question 140:

    Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible. Paulette presents the following screenshot to her boss so he can inform the client about the necessary changes that need to be made. From the screenshot, what changes should the client company make?

    Exhibit:

    A. The banner should not state "only authorized IT personnel may proceed"

    B. Remove any identifying numbers, names, or version information

    C. The banner should have more detail on the version numbers for the network equipment

    D. The banner should include the Cisco tech support contact information as well
