1. Home
  2. EC-COUNCIL
  3. 412-79V10

EC-Council Certified Security Analyst (ECSA) V10

Exam Details

  • Exam Code
    :412-79V10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) V10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :201 Q&As
  • Last Updated
    :Mar 31, 2025

EC-COUNCIL EC-COUNCIL Certifications 412-79V10 Questions & Answers

  • Question 131:

    Which of the following statement holds true for TCP Operation?

    A. Port numbers are used to know which application the receiving host should pass the data to

    B. Sequence numbers are used to track the number of packets lost in transmission

    C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host

    D. Data transfer begins even before the connection is established

  • Question 132:

    John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in Window system directory?

    A. C:\Windows\System32\Boot

    B. C:\WINNT\system32\drivers\etc

    C. C:\WINDOWS\system32\cmd.exe

    D. C:\Windows\System32\restore

  • Question 133:

    Identify the correct formula for Return on Investment (ROI).

    A. ROI = ((Expected Returns ?Cost of Investment) / Cost of Investment) * 100

    B. ROI = (Expected Returns + Cost of Investment) / Cost of Investment

    C. ROI = (Expected Returns Cost of Investment) / Cost of Investment

    D. ROI = ((Expected Returns + Cost of Investment) / Cost of Investment) * 100

  • Question 134:

    Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

    A. Check for Directory Consistency and Page Naming Syntax of the Web Pages

    B. Examine Server Side Includes (SSI)

    C. Examine Hidden Fields

    D. Examine E-commerce and Payment Gateways Handled by the Web Server

  • Question 135:

    An external intrusion test and analysis identify security weaknesses and strengths of the client's systems and networks as they appear from outside the client's security perimeter, usually from the Internet. The goal of an external intrusion test and analysis is to demonstrate the existence of known vulnerabilities that could be exploited by an external attacker.

    During external penetration testing, which of the following scanning techniques allow you to determine a port's state without making a full connection to the host?

    A. XMAS Scan

    B. SYN scan

    C. FIN Scan

    D. NULL Scan

  • Question 136:

    Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

    A. PIPEDA

    B. PCI DSS

    C. Human Rights Act 1998

    D. Data Protection Act 1998

  • Question 137:

    You have compromised a lower-level administrator account on an Active Directory network of a small

    company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of

    the Domain Controllers on port 389 using Idp.exe.

    What are you trying to accomplish here?

    A. Poison the DNS records with false records

    B. Enumerate MX and A records from DNS

    C. Establish a remote connection to the Domain Controller

    D. Enumerate domain user accounts and built-in groups

  • Question 138:

    A penetration test consists of three phases: pre-attack phase, attack phase, and post- attack phase.

    Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

    A. Post-attack phase

    B. Pre-attack phase and attack phase

    C. Attack phase

    D. Pre-attack phase

  • Question 139:

    Which one of the following log analysis tools is used for analyzing the server's log files?

    A. Performance Analysis of Logs tool

    B. Network Sniffer Interface Test tool

    C. Ka Log Analyzer tool

    D. Event Log Tracker tool

  • Question 140:

    Windows stores user passwords in the Security Accounts Manager database (SAM), or in the Active Directory database in domains. Passwords are never stored in clear text; passwords are hashed and the results are stored in the SAM.

    NTLM and LM authentication protocols are used to securely store a user's password in the SAM database using different hashing methods.

    The SAM file in Windows Server 2008 is located in which of the following locations?

    A. c:\windows\system32\config\SAM

    B. c:\windows\system32\drivers\SAM

    C. c:\windows\system32\Setup\SAM

    D. c:\windows\system32\Boot\SAM

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.