Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

ECCouncil 412-79v10 - EC-Council Certified Security Analyst (ECSA) V10

ECCouncil 412-79v10 Premium Access     Download Demo    
Page: 4 / 6
Total 201 questions

Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

A.

UDP and TCP

B.

TCP and SMTP

C.

SMTP

D.

UDP and SMTP

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

When you type this and click on search, you receive a pop-up window that says:

"This is a test."

What is the result of this test?

A.

Your website is vulnerable to web bugs

B.

Your website is vulnerable to XSS

C.

Your website is not vulnerable

D.

Your website is vulnerable to SQL injection

Which of the following are the default ports used by NetBIOS service?

A.

135, 136, 139, 445

B.

134, 135, 136, 137

C.

137, 138, 139, 140

D.

133, 134, 139, 142

A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

A.

Destination address

B.

Port numbers

C.

Source address

D.

Protocol used

Which of the following methods is used to perform server discovery?

A.

Banner Grabbing

B.

Who is Lookup

C.

SQL Injection

D.

Session Hijacking

In Linux, what is the smallest possible shellcode?

A.

800 bytes

B.

8 bytes

C.

80 bytes

D.

24 bytes

By default, the TFTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to troubleshoot TCP/IP connectivity issues?

A.

PortQry

B.

Netstat

C.

Telnet

D.

Tracert

Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs.

One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named “Access Point Detection”. This plug-in uses four techniques to identify the presence of a WAP.

Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?

A.

NMAP TCP/IP fingerprinting

B.

HTTP fingerprinting

C.

FTP fingerprinting

D.

SNMP fingerprinting

Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches with ACK bit and the source address of her machine set.

What is Terri trying to accomplish by sending this IP packet?

A.

Poison the switch's MAC address table by flooding it with ACK bits

B.

Enable tunneling feature on the switch

C.

Trick the switch into thinking it already has a session with Terri's computer

D.

Crash the switch with a DoS attack since switches cannot send ACK bits

In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate.

A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

A.

Sliding Windows

B.

Windowing

C.

Positive Acknowledgment with Retransmission (PAR)

D.

Synchronization