EC-COUNCIL EC-COUNCIL Certifications 412-79V8 Questions & Answers

• Question 161:

  What is the maximum value of a "tinyint" field in most database systems?

  A. 222

  B. 224 or more

  C. 240 or less

  D. 225 or more

  Correct Answer: D

• Question 162:

  Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

  A. Special-Access Policy

  B. User Identification and Password Policy

  C. Personal Computer Acceptable Use Policy

  D. User-Account Policy

  Correct Answer: B

• Question 163:

  Which of the following are the default ports used by NetBIOS service?

  A. 135, 136, 139, 445

  B. 134, 135, 136, 137

  C. 137, 138, 139, 140

  D. 133, 134, 139, 142

  Correct Answer: A

• Question 164:

  In a TCP packet filtering firewall, traffic is filtered based on specified session rules, such as when a session is initiated by a recognized computer.

  

  Identify the level up to which the unknown traffic is allowed into the network stack.

  A. Level 5 Application

  B. Level 2 Data Link

  C. Level 4 TCP

  D. Level 3 Internet Protocol (IP)

  Correct Answer: D

• Question 165:

  Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

  

  What characteristics do phishing messages often have that may make them identifiable?

  A. Invalid email signatures or contact information B. Suspiciously good grammar and capitalization

  C. They trigger warning pop-ups

  D. Suspicious attachments

  Correct Answer: D

• Question 166:

  Which of the following is the objective of Gramm-Leach-Bliley Act?

  A. To ease the transfer of financial information between institutions and banks

  B. To protect the confidentiality, integrity, and availability of data

  C. To set a new or enhanced standards for all U.S. public company boards, management and public accounting firms

  D. To certify the accuracy of the reported financial statement

  Correct Answer: B

• Question 167:

  Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

  A. Project Goal

  B. Success Factors

  C. Objectives

  D. Assumptions

  Correct Answer: B

• Question 168:

  A penetration test will show you the vulnerabilities in the target system and the risks associated with it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as High/ Medium/Low risk issues.

  

  What are the two types of `white-box' penetration testing?

  A. Announced testing and blind testing

  B. Blind testing and double blind testing

  C. Blind testing and unannounced testing

  D. Announced testing and unannounced testing

  Correct Answer: B

• Question 169:

  Which of the following is not the SQL injection attack character?

  A. $

  B. PRINT

  C. #

  D. @@variable

  Correct Answer: B

• Question 170:

  A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected. Conventionally it is achieved by comparing the MAC address of the participating wireless devices.

  Which of the following attacks can be detected with the help of wireless intrusion detection system (WIDS)?

  

  A. Social engineering

  B. SQL injection

  C. Parameter tampering

  D. Man-in-the-middle attack

  Correct Answer: D