412-79 Exam Details

  • Exam Code: 412-79
  • Exam Name: EC-Council Certified Security Analyst (ECSA)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 232 Q&As
  • Last Updated: May 29, 2026

EC-COUNCIL 412-79 Online Questions & Answers

  • Question 71:

    You should make at least how many bit-stream copies of a suspect drive?

    A. 1
    B. 2
    C. 3
    D. 4

  • Question 72:

    Why are Linux/Unix-based computers better to use than Windows computers for idle scanning?

    A. Windows computers are constantly talking
    B. Linux/Unix computers are constantly talking
    C. Linux/Unix computers are easier to compromise
    D. Windows computers will not respond to idle scans

  • Question 73:

    You are working for a local police department that services a population of 1,000,000 people and you have been given the task of building a computer forensics lab. How many law-enforcement computer investigators should you request to staff the lab?

    A. 8
    B. 1
    C. 4
    D. 2

  • Question 74:

    You are running through a series of tests on your network to check for any security vulnerabilities. After normal working hours, you initiate a DoS attack against your external firewall. The firewall quickly freezes up and becomes unusable. You then initiate an FTP connection from an external IP into your internal network. The connection is successful even though you have FTP blocked at the external firewall. What has happened?

    A. The firewall failed-open
    B. The firewall failed-bypass
    C. The firewall failed-closed
    D. The firewall ACL has been purged

  • Question 75:

    Frank is working on a vulnerability assessment for a company on the West Coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but questionable in the logs. He looks up the behavior on the Internet, but cannot find anything related. To what organization should Frank submit the log to find out if it is a new vulnerability or not?

    A. CVE
    B. IANA
    C. RIPE
    D. APIPA

  • Question 76:

    Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network that the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

    A. False negatives
    B. True positives
    C. True negatives
    D. False positives

  • Question 77:

    As a security analyst, you set up a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

    A. The employees' network usernames and passwords
    B. The MAC address of the employees' computers
    C. The IP address of the employees' computers
    D. Bank account numbers and the corresponding routing numbers

  • Question 78:

    Which of the following should a computer forensics lab used for investigations have?

    A. isolation
    B. restricted access
    C. open access
    D. an entry log

  • Question 79:

    Jason is the security administrator of ACMA metal Corporation. One day he notices the company's Oracle database server has been compromised and the customer information along with financial data has been stolen. The financial loss will be in millions of dollars if the database gets into the hands of the competitors. Jason wants to report this crime to the law enforcement agencies immediately. Which organization coordinates computer crimes investigations throughout the United States?

    A. Internet Fraud Complaint Center
    B. Local or national office of the U.S. Secret Service
    C. National Infrastructure Protection Center
    D. CERT Coordination Center

  • Question 80:

    What will the following URL produce in an unpatched IIS Web Server?

    A. Execute a buffer flow in the C: drive of the web server
    B. Insert a Trojan horse into the C: drive of the web server
    C. Directory listing of the C:\windows\system32 folder on the web server
    D. Directory listing of C: drive on the web server
