In Linux, what is the smallest possible shellcode?
A. 800 bytes
B. 8 bytes
C. 80 bytes
D. 24 bytes
After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet. Why is that?
A. Statefull firewalls do not work with packet filtering firewalls
B. NAT does not work with statefull firewalls
C. NAT does not work with IPSEC
D. IPSEC does not work with packet filtering firewalls
Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send PDF documents containing sensitive information through E-mail to his customers. Bill protects the PDF documents with a password and sends them to their intended recipients. Why PDF passwords do not offer maximum protection?
A. PDF passwords can easily be cracked by software brute force tools
B. PDF passwords are not considered safe by Sarbanes-Oxley
C. PDF passwords are converted to clear text when sent through E-mail
D. When sent through E-mail, PDF passwords are stripped from the document completely
You are the network administrator for a small bank in Dallas, Texas. To ensure network security, you enact a security policy that requires all users to have 14 character passwords. After giving your users 2 weeks notice, you change the Group Policy to force 14 character passwords. A week later you dump the SAM database from the standalone server and run a password-cracking tool against it. Over 99% of the passwords are broken within an hour. Why were these passwords cracked so quickly?
A. Networks using Active Directory never use SAM databases so the SAM database pulled was empty
B. Passwords of 14 characters or less are broken up into two 7-character hashes
C. The passwords that were cracked are local accounts on the Domain Controller
D. A password Group Policy change takes at least 3 weeks to completely replicate throughout a network
Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?
A. RIPE
B. CVE
C. IANA
D. APIPA
You setup SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes are to blame. What ports should you open for SNMP to work through Firewalls (Select 2)
A. 162
B. 160
C. 161
D. 163
What will the following command produce on a website login page?
SELECT email, passwd, login_id, full_name FROM members WHERE email = '[email protected]'; DROP TABLE members; --'
A. Inserts the Error! Reference source not found. email address into the members table
B. Retrieves the password for the first user in the members table
C. Deletes the entire members table
D. This command will not produce anything since the syntax is incorrect
You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA
class. He asks about the methodology you will be using to test the company's network.
How would you answer?
A. IBM Methodology
B. LPT Methodology
C. Google Methodology
D. Microsoft Methodology
What will the following URL produce in an unpatched IIS Web Server?
http://www.thetargetsite.com/ scripts/.. %co%af../..%co%af../windows/system32/cmd.exe?/c+dir+c:\
A. Execute a buffer flow in the C: drive of the web server
B. Insert a Trojan horse into the C: drive of the web server
C. Directory listing of the C:\windows\system32 folder on the web server
D. Directory listing of C: drive on the web server
Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM file on a computer. Where should Harold navigate on the computer to find the file?
A. %systemroot%\LSA
B. %systemroot%\repair
C. %systemroot%\system32\drivers\etc
D. %systemroot%\system32\LSA
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.