412-79V10 Exam Details

  • Exam Code
    :412-79V10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) V10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :201 Q&As
  • Last Updated
    :Jul 03, 2026

EC-COUNCIL 412-79V10 Online Questions & Answers

  • Question 91:

    When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

    A. Passive IDS
    B. Active IDS
    C. Progressive IDS
    D. NIPS

  • Question 92:

    Due to illegal inputs, various types of TCP stacks respond in a different manner. Some IDSs do not take into account the TCP protocol's urgency feature, which could allow testers to evade the IDS.

    Penetration tester needs to try different combinations of TCP flags (e.g. none, SYN/FIN, SYN/RST, SYN/FIN/ACK, SYN/RST/ACK, and All Flags) to test the IDS. Which of the following TCP flag combinations combines the problem of initiation, midstream, and termination flags with the PSH and URG?

    A. SYN/RST/ACK
    B. SYN/FIN/ACK
    C. SYN/FIN
    D. All Flags

  • Question 93:

    The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.

    This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.

    What is the best way to protect web applications from parameter tampering attacks?

    A. Validating some parameters of the web application
    B. Minimizing the allowable length of parameters
    C. Using an easily guessable hashing algorithm
    D. Applying effective input field filtering parameters

  • Question 94:

    You are conducting a penetration test against a company and you would like to know a personal email address of John, a crucial employee. What is the fastest, cheapest way to find out John's email address.

    A. Call his wife and ask for his personal email account
    B. Call a receptionist and ask for John Stevens' personal email account
    C. Search in Google for his personal email ID
    D. Send an email to John stating that you cannot send him an important spreadsheet attachment file to his business email account and ask him if he has any other email accounts

  • Question 95:

    In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

    Which of the following flow control mechanism guarantees reliable delivery of data?

    A. Sliding Windows
    B. Windowing
    C. Positive Acknowledgment with Retransmission (PAR)
    D. Synchronization

  • Question 96:

    Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

    A. Web Services Footprinting Attack
    B. Service Level Configuration Attacks
    C. URL Tampering Attacks
    D. Inside Attacks

  • Question 97:

    Transmission Control Protocol (TCP) is a connection-oriented four layer protocol. It is responsible for breaking messages into segments, re-assembling them at the destination station, and re-sending. Which one of the following protocols does not use the TCP?

    A. Reverse Address Resolution Protocol (RARP)
    B. HTTP (Hypertext Transfer Protocol)
    C. SMTP (Simple Mail Transfer Protocol)
    D. Telnet

  • Question 98:

    In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

    A. IPS evasion technique
    B. IDS evasion technique
    C. UDP evasion technique
    D. TTL evasion technique

  • Question 99:

    Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.

    What does a vulnerability assessment identify?

    A. Disgruntled employees
    B. Weaknesses that could be exploited
    C. Physical security breaches
    D. Organizational structure

  • Question 100:

    In Linux, /etc/shadow file stores the real password in encrypted format for user's account with added properties associated with the user's password.

    In the example of a /etc/shadow file below, what does the bold letter string indicate? Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

    A. Number of days the user is warned before the expiration date
    B. Minimum number of days required between password changes
    C. Maximum number of days the password is valid
    D. Last password changed

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.