Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ECCouncil 412-79v10 - EC-Council Certified Security Analyst (ECSA) V10

ECCouncil 412-79v10 Premium Access     Download Demo    
Page: 3 / 6
Total 201 questions

Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operation system?

A.

Active/Passive Tools

B.

Application-layer Vulnerability Assessment Tools

C.

Location/Data Examined Tools

D.

Scope Assessment Tools

Traffic on which port is unusual for both the TCP and UDP ports?

A.

Port 81

B.

Port 443

C.

Port 0

D.

Port 21

Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?

A.

Draft

B.

Report

C.

Requirement list

D.

Quotation

What is a difference between host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS)?

A.

NIDS are usually a more expensive solution to implement compared to HIDS.

B.

Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.

C.

NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.

D.

HIDS requires less administration and training compared to NIDS.

In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

A.

IPS evasion technique

B.

IDS evasion technique

C.

UDP evasion technique

D.

TTL evasion technique

In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.

They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

A.

XPath Injection Attack

B.

Authorization Attack

C.

Authentication Attack

D.

Frame Injection Attack

Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast.

On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently.

What could be Tyler issue with his home wireless network?

A.

2.4 Ghz Cordless phones

B.

Satellite television

C.

CB radio

D.

Computers on his wired network

Paulette works for an IT security consulting company that is currently performing an audit for the firm ACE Unlimited. Paulette's duties include logging on to all the company's network equipment to ensure IOS versions are up-to-date and all the other security settings are as stringent as possible.

Paulette presents the following screenshot to her boss so he can inform the clients about necessary changes need to be made. From the screenshot, what changes should the client company make?

Exhibit:

A.

The banner should not state "only authorized IT personnel may proceed"

B.

Remove any identifying numbers, names, or version information

C.

The banner should include the Cisco tech support contact information as well

D.

The banner should have more detail on the version numbers for the network equipment

What are the 6 core concepts in IT security?

A.

Server management, website domains, firewalls, IDS, IPS, and auditing

B.

Authentication, authorization, confidentiality, integrity, availability, and non-repudiation

C.

Passwords, logins, access controls, restricted domains, configurations, and tunnels

D.

Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product.” It is generally the motherboard chips or the chips used on the expansion card.

Which one of the following is well supported in most wireless applications?

A.

Orinoco chipsets

B.

Prism II chipsets

C.

Atheros Chipset

D.

Cisco chipset