1. Home
  2. EC-COUNCIL
  3. 412-79

EC-Council Certified Security Analyst (ECSA)

Exam Details

  • Exam Code
    :412-79
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :232 Q&As
  • Last Updated
    :Mar 26, 2025

EC-COUNCIL EC-COUNCIL Certifications 412-79 Questions & Answers

  • Question 181:

    You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

    A. intitle:"exchange server"

    B. outlook:"search"

    C. locate:"logon page"

    D. allinurl:"exchange/logon.asp"

  • Question 182:

    You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?

    A. Poison the DNS records with false records

    B. Enumerate MX and A records from DNS

    C. Enumerate domain user accounts and built-in groups

    D. Establish a remote connection to the Domain Controller

  • Question 183:

    Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

    A. False negatives

    B. True positives

    C. True negatives

    D. False positives

  • Question 184:

    You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on HTML, DHTML, and other web-based languages and how they have evolved over the years. You navigate to archive.org and view the HTML code of news.com. You then navigate to the current news.com website and copy over the source code. While searching through the code, you come across something abnormal:

    What have you found?

    A. Trojan.downloader

    B. Blind bug

    C. Web bug

    D. CGI code

  • Question 185:

    Click on the Exhibit Button

    Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible. Paulette presents the following screenshot to her boss so he can inform the client about necessary changes need to be made. From the screenshot, what changes should the client company make?

    Exhibit:

    A. The banner should not state "only authorized IT personnel may proceed"

    B. Remove any identifying numbers, names, or version information

    C. The banner should include the Cisco tech support contact information as well

    D. The banner should have more detail on the version numbers for the network equipment

  • Question 186:

    An "idle" system is also referred to as what?

    A. PC not being used

    B. PC not connected to the Internet

    C. Bot

    D. Zombie

  • Question 187:

    Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here?

    A. Perform a zone transfer

    B. Perform DNS poisoning

    C. Send DOS commands to crash the DNS servers

    D. Enumerate all the users in the domain

  • Question 188:

    Why is it a good idea to perform a penetration test from the inside?

    A. It is easier to hack from the inside

    B. It is never a good idea to perform a penetration test from the inside

    C. To attack a network from a hacker's perspective

    D. Because 70% of attacks are from inside the organization

  • Question 189:

    Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast. On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently. What could be Tyler issue with his home wireless network?

    A. 2.4 Ghz Cordless phones

    B. Satellite television

    C. CB radio

    D. Computers on his wired network

  • Question 190:

    You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?

    A. Enumerate domain user accounts and built-in groups

    B. Establish a remote connection to the Domain Controller

    C. Poison the DNS records with false records

    D. Enumerate MX and A records from DNS

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.