EC-COUNCIL EC-COUNCIL Certifications 412-79V10 Questions & Answers

• Question 141:

  Which one of the following is a useful formatting token that takes an int * as an argument, and writes the number of bytes already written, to that location?

  A. "%n"

  B. "%s"

  C. "%p"

  D. "%w"

  Correct Answer: A

• Question 142:

  Which of the following methods is used to perform server discovery?

  A. Banner Grabbing

  B. Whois Lookup

  C. SQL Injection

  D. Session Hijacking

  Correct Answer: B

  Reference: http://luizfirmino.blogspot.com/2011/09/server-discovery.html

• Question 143:

  Identify the type of authentication mechanism represented below:

  

  A. NTLMv1

  B. NTLMv2

  C. LAN Manager Hash

  D. Kerberos

  Correct Answer: D

  The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket granting ticket (TGT), which is time stamped, encrypts it using the user's password and returns the encrypted result to the user's workstation. This is done infrequently, typically at user logon; the TGT expires at some point, though may be transparently renewed by the user's session manager while they are logged in.

  When the client needs to communicate with another node ("principal" in Kerberos parlance) the client sends the TGT to the ticket granting service (TGS), which usually shares the same host as the KDC. After verifying the TGT is valid and the user is permitted to access the requested service, the TGS issues a ticket and session keys, which are returned to the client. The client then sends the ticket to the service server (SS) along with its service request.

  Reference: http://en.wikipedia.org/wiki/Kerberos_(protocol)

• Question 144:

  Identify the data security measure which defines a principle or state that ensures that an action or transaction cannot be denied.

  A. Availability

  B. Integrity

  C. Authorization

  D. Non-Repudiation

  Correct Answer: D

  Reference: http://en.wikipedia.org/wiki/Information_security (non-repudiation)

• Question 145:

  Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?

  

  A. Client-Side Test Report

  B. Activity Report

  C. Host Report

  D. Vulnerability Report

  Correct Answer: A

• Question 146:

  Mason is footprinting an organization to gather competitive intelligence. He visits the company's website for contact information and telephone numbers but does not find any. He knows the entire staff directory was listed on their website 12 months. How can he find the directory?

  A. Visit Google's search engine and view the cached copy

  B. Crawl and download the entire website using the Surfoffline tool and save them to his computer

  C. Visit the company's partners' and customers' website for this information

  D. Use WayBackMachine in Archive.org web site to retrieve the Internet archive

  Correct Answer: D

• Question 147:

  Identify the port numbers used by POP3 and POP3S protocols.

  A. 113 and 981

  B. 111 and 982

  C. 110 and 995

  D. 109 and 973

  Correct Answer: C

  Reference: https://publib.boulder.ibm.com/infocenter/wsmashin/v1r1/index.jsp?topic=/com.ibm.websph ere.sMash.doc/using/zero.mail/MailStoreConfiguration.html

• Question 148:

  External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

  

  Which of the following types of penetration testing is performed with no prior knowledge of the site?

  A. Blue box testing

  B. White box testing

  C. Grey box testing

  D. Black box testing

  Correct Answer: D

  Reference: http://books.google.com.pk/books?id=5m6ta2fgTswCandpg=SA5-PA4andlpg=SA5PA4anddq=penetration+testing+is+performed+with+no+prior+knowledge+of+the+siteandsourc e=blandots=8GkmyUBH2Uandsig=wdBIboWxrhk5QjlQXs3yWOcuk2Qandhl=enandsa=Xandei=SgfVI2LLc3qaOa5gIgOandved=0CCkQ6AEwAQ#v=onepageandq=penetration%20testing%20i s% 20performed%20with%20no%20prior%20knowledge%20of%20the%20siteandf=false

• Question 149:

  Nessus can test a server or a network for DoS vulnerabilities. Which one of the following script tries to kill a service?

  A. ACT_DENIAL

  B. ACT_FLOOD

  C. ACT_KILL_HOST

  D. ACT_ATTACK

  Correct Answer: A

• Question 150:

  During external penetration testing, which of the following techniques uses tools like Nmap to predict the sequence numbers generated by the targeted server and use this information to perform session hijacking techniques?

  A. TCP Sequence Number Prediction

  B. IPID State Number Prediction

  C. TCP State Number Prediction

  D. IPID Sequence Number Prediction

  Correct Answer: A

  Reference: http://www.scribd.com/doc/133636402/LPTv4-Module-18-External-Penetration- Testing-NoRestriction (p.43)