1. Home
  2. EC-COUNCIL
  3. 412-79V8

EC-Council Certified Security Analyst (ECSA)

Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :Mar 23, 2025

EC-COUNCIL EC-COUNCIL Certifications 412-79V8 Questions & Answers

  • Question 61:

    What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

    A. Connect Scanning Techniques

    B. SYN Scanning Techniques

    C. Stealth Scanning Techniques

    D. Port Scanning Techniques

  • Question 62:

    A firewall's decision to forward or reject traffic in network filtering is dependent upon which of the following?

    A. Destination address

    B. Port numbers

    C. Source address

    D. Protocol used

  • Question 63:

    Windows stores user passwords in the Security Accounts Manager database (SAM), or in the Active Directory database in domains. Passwords are never stored in clear text; passwords are hashed and the results are stored in the SAM. NTLM and LM authentication protocols are used to securely store a user's password in the SAM database using different hashing methods.

    The SAM file in Windows Server 2008 is located in which of the following locations?

    A. c:\windows\system32\config\SAM

    B. c:\windows\system32\drivers\SAM

    C. c:\windows\system32\Setup\SAM

    D. c:\windows\system32\Boot\SAM

  • Question 64:

    The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client's operating environment, threat perception, security and compliance requirements, ROE, and budget. Various components need to be considered for testing while developing the scope of the project.

    Which of the following is NOT a pen testing component to be tested?

    A. System Software Security

    B. Intrusion Detection

    C. Outside Accomplices

    D. Inside Accomplices

  • Question 65:

    DNS information records provide important data about:

    A. Phone and Fax Numbers

    B. Location and Type of Servers

    C. Agents Providing Service to Company Staff

    D. New Customer

  • Question 66:

    Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

    A. Web Services Footprinting Attack

    B. Service Level Configuration Attacks

    C. URL Tampering Attacks

    D. Inside Attacks

  • Question 67:

    In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

    A. IPS evasion technique

    B. IDS evasion technique

    C. UDP evasion technique

    D. TTL evasion technique

  • Question 68:

    James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

    A. Smurf

    B. Trinoo

    C. Fraggle

    D. SYN flood

  • Question 69:

    Today, most organizations would agree that their most valuable IT assets reside within applications and databases. Most would probably also agree that these are areas that have the weakest levels of security, thus making them the prime target for malicious activity from system administrators, DBAs, contractors, consultants, partners, and customers.

    Which of the following flaws refers to an application using poorly written encryption code to securely encrypt and store sensitive data in the database and allows an attacker to steal or modify weakly protected data such as credit card numbers, SSNs, and other authentication credentials?

    A. SSI injection attack

    B. Insecure cryptographic storage attack

    C. Hidden field manipulation attack

    D. Man-in-the-Middle attack

  • Question 70:

    The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.

    Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

    A. Active Information Gathering

    B. Pseudonymous Information Gathering

    C. Anonymous Information Gathering

    D. Open Source or Passive Information Gathering

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.