EC-Council 412-79v10 Questions 2021

NEW QUESTION 1
Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram.
Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a TYPE field.
If the destination is not reachable, which one of the following are generated?

• A. Type 8 ICMP codes
• B. Type 12 ICMP codes
• C. Type 3 ICMP codes
• D. Type 7 ICMP codes

Answer: C

NEW QUESTION 2
Which one of the following architectures has the drawback of internally considering the hosted services individually?

• A. Weak Screened Subnet Architecture
• B. "Inside Versus Outside" Architecture
• C. "Three-Homed Firewall" DMZ Architecture
• D. Strong Screened-Subnet Architecture

Answer: C

NEW QUESTION 3
ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.
ARP spoofing attack is used as an opening for other attacks.

What type of attack would you launch after successfully deploying ARP spoofing?

• A. Parameter Filtering
• B. Social Engineering
• C. Input Validation
• D. Session Hijacking

Answer: D

NEW QUESTION 4
You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank security defenses are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London.
After monitoring some of the traffic, you see a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract usernames and passwords. What tool could you use to get this information?

• A. RaidSniff
• B. Snort
• C. Ettercap
• D. Airsnort

Answer: C

NEW QUESTION 5
An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

• A. Frame Injection Attack
• B. LDAP Injection Attack
• C. XPath Injection Attack
• D. SOAP Injection Attack

Answer: D

NEW QUESTION 6
Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?

• A. Draft
• B. Report
• C. Requirement list
• D. Quotation

Answer: D

NEW QUESTION 7
Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

• A. Penetration Testing Agreement
• B. Rules of Behavior Agreement
• C. Liability Insurance
• D. Non-Disclosure Agreement

Answer: D

NEW QUESTION 8
Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa.
She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for.
What principal of social engineering did Julia use?

• A. Reciprocation
• B. Friendship/Liking
• C. Social Validation
• D. Scarcity

Answer: A

NEW QUESTION 9
Vulnerability assessment is an examination of the ability of a system or application, including current security procedures and controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels.
A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.

Which of the following vulnerability assessment technique is used to test the web server infrastructure for any misconfiguration and outdated content?

• A. Passive Assessment
• B. Host-based Assessment
• C. External Assessment
• D. Application Assessment

Answer: D

NEW QUESTION 10
In Linux, /etc/shadow file stores the real password in encrypted format for user’s account with added properties associated with the user’s password.

In the example of a /etc/shadow file below, what does the bold letter string indicate?
Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

• A. Number of days the user is warned before the expiration date
• B. Minimum number of days required between password changes
• C. Maximum number of days the password is valid
• D. Last password changed

Answer: B

NEW QUESTION 11
Identify the type of firewall represented in the diagram below:

• A. Stateful multilayer inspection firewall
• B. Application level gateway
• C. Packet filter
• D. Circuit level gateway

Answer: A

NEW QUESTION 12
When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

• A. Avoid cross talk
• B. Avoid over-saturation of wireless signals
• C. So that the access points will work on different frequencies
• D. Multiple access points can be set up on the same channel without any issues

Answer: A

NEW QUESTION 13
Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

• A. UDP and TCP
• B. TCP and SMTP
• C. SMTP
• D. UDP and SMTP

Answer: A

NEW QUESTION 14
John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

• A. Number of employees in the client organization
• B. Complete structure of the organization
• C. Number of client computers to be tested and resources required to perform a pen test
• D. Number of servers available in the client organization

Answer: C

NEW QUESTION 15
What are the 6 core concepts in IT security?

• A. Server management, website domains, firewalls, IDS, IPS, and auditing
• B. Authentication, authorization, confidentiality, integrity, availability, and non-repudiation
• C. Passwords, logins, access controls, restricted domains, configurations, and tunnels
• D. Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

Answer: B

NEW QUESTION 16
You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company's network.
How would you answer?

• A. IBM Methodology
• B. LPT Methodology
• C. Google Methodology
• D. Microsoft Methodology

Answer: B

NEW QUESTION 17
Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

• A. Sunbelt Network Security Inspector (SNSI)
• B. CORE Impact
• C. Canvas
• D. Microsoft Baseline Security Analyzer (MBSA)

Answer: C

NEW QUESTION 18
Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?

• A. SYN Scan
• B. Connect() scan
• C. XMAS Scan
• D. Null Scan

Answer: A

NEW QUESTION 19
Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

• A. Project Goal
• B. Success Factors
• C. Objectives
• D. Assumptions

Answer: D

NEW QUESTION 20
In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate.
A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

• A. Sliding Windows
• B. Windowing
• C. Positive Acknowledgment with Retransmission (PAR)
• D. Synchronization

Answer: C

NEW QUESTION 21
What will the following URL produce in an unpatched IIS Web Server?

• A. Execute a buffer flow in the C: drive of the web server
• B. Insert a Trojan horse into the C: drive of the web server
• C. Directory listing of the C:windowssystem32 folder on the web server
• D. Directory listing of C: drive on the web server

Answer: D

NEW QUESTION 22
You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using Idp.exe.
What are you trying to accomplish here?

• A. Poison the DNS records with false records
• B. Enumerate MX and A records from DNS
• C. Establish a remote connection to the Domain Controller
• D. Enumerate domain user accounts and built-in groups

Answer: D

NEW QUESTION 23
An external intrusion test and analysis identify security weaknesses and strengths of the client's systems and networks as they appear from outside the client's security perimeter, usually from the Internet.
The goal of an external intrusion test and analysis is to demonstrate the existence of known vulnerabilities that could be exploited by an external attacker.

During external penetration testing, which of the following scanning techniques allow you to determine a port’s state without making a full connection to the host?

• A. XMAS Scan
• B. SYN scan
• C. FIN Scan
• D. NULL Scan

Answer: B

NEW QUESTION 24
Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.

What does a vulnerability assessment identify?

• A. Disgruntled employees
• B. Weaknesses that could be exploited
• C. Physical security breaches
• D. Organizational structure

Answer: B

NEW QUESTION 25
One needs to run “Scan Server Configuration” tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon to be configured.
By default, the Nessus daemon listens to connections on which one of the following?

• A. Localhost (127.0.0.1) and port 1241
• B. Localhost (127.0.0.1) and port 1240
• C. Localhost (127.0.0.1) and port 1246
• D. Localhost (127.0.0.0) and port 1243

Answer: A

NEW QUESTION 26
One of the steps in information gathering is to run searches on a company using complex keywords in Google.

Which search keywords would you use in the Google search engine to find all the PowerPoint presentations containing information about a target company, ROCHESTON?

• A. ROCHESTON fileformat:+ppt
• B. ROCHESTON ppt:filestring
• C. ROCHESTON filetype:ppt
• D. ROCHESTON +ppt:filesearch

Answer: C

NEW QUESTION 27
......