412-79V10 Exam Details

  • Exam Code
    :412-79V10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) V10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :201 Q&As
  • Last Updated
    :Jul 03, 2026

EC-COUNCIL 412-79V10 Online Questions & Answers

  • Question 21:

    DMZ is a network designed to give the public access to the specific internal resources and you might want to do the same thing for guests visiting organizations without compromising the integrity of the internal resources. In general, attacks on the wireless networks fall into four basic categories. Identify the attacks that fall under Passive attacks category.(Select all that apply)

    A. Wardriving
    B. Spoofing
    C. Sniffing
    D. Network Hijacking

  • Question 22:

    In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc. They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

    A. XPath Injection Attack
    B. Authorization Attack
    C. Authentication Attack
    D. Frame Injection Attack

  • Question 23:

    Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?

    A. ./snort -dvr packet.log icmp
    B. ./snort -dev -l ./log
    C. ./snort -dv -r packet.log
    D. ./snort -l ./log -b

  • Question 24:

    Output modules allow Snort to be much more flexible in the formatting and presentation of output to its users. Snort has 9 output plug-ins that push out data in different formats. Which one of the following output plug-ins allows alert data to be written in a format easily importable to a database?

    A. unified
    B. csv
    C. alert_unixsock
    D. alert_fast

  • Question 25:

    Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?

    A. Testing to provide a more complete view of site security
    B. Testing focused on the servers, infrastructure, and the underlying software, including the target
    C. Testing including tiers and DMZs within the environment, the corporate network, or partner company connections
    D. Testing performed from a number of network access points representing each logical and physical segment

  • Question 26:

    A Blind SQL injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the application response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection.

    It is performed when an error message is not received from application while trying to exploit SQL vulnerabilities. The developer's specific message is displayed instead of an error message. So it is quite difficult to find SQL vulnerability in such cases. A pen tester is trying to extract the database name by using a blind SQL injection. He tests the database using the below query and finally finds the database name. http://juggyboy.com/page.aspx?id=1; IF (LEN(DB_NAME())=4) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),1,1)))=97) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),2,1)))=98) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),3,1)))=99) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),4,1)))=100) WAITFOR DELAY '00:00:10'-What is the database name?

    A. WXYZ
    B. PQRS
    C. EFGH
    D. ABCD

  • Question 27:

    A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.

    A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).

    What query does he need to write to retrieve the information?

    A. EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000
    B. DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1-
    C. SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1`
    D. RETRIVE * FROM StudentTable WHERE roll_number = 1'#

  • Question 28:

    Identify the transition mechanism to deploy IPv6 on the IPv4 network from the following diagram.

    A. Translation
    B. Tunneling
    C. Dual Stacks
    D. Encapsulation

  • Question 29:

    A framework is a fundamental structure used to support and resolve complex issues. The framework that delivers an efficient set of technologies in order to develop applications which are more secure in using Internet and Intranet is:

    A. Microsoft Internet Security Framework
    B. Information System Security Assessment Framework (ISSAF)
    C. Bell Labs Network Security Framework
    D. The IBM Security Framework

  • Question 30:

    In a TCP packet filtering firewall, traffic is filtered based on specified session rules, such as when a session is initiated by a recognized computer.

    Identify the level up to which the unknown traffic is allowed into the network stack.

    A. Level 5 ?Application
    B. Level 2 ?Data Link
    C. Level 4 ?TCP
    D. Level 3 ?Internet Protocol (IP)

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.