412-79V10 Exam Details

  • Exam Code
    :412-79V10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) V10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :201 Q&As
  • Last Updated
    :Jul 03, 2026

EC-COUNCIL 412-79V10 Online Questions & Answers

  • Question 31:

    Identify the person who will lead the penetration-testing project and be the client point of contact.

    A. Database Penetration Tester
    B. Policy Penetration Tester
    C. Chief Penetration Tester
    D. Application Penetration Tester

  • Question 32:

    Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?

    A. AES
    B. DES (ECB mode)
    C. MD5
    D. RC5

  • Question 33:

    Traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network. It sends a sequence of three Internet Control Message Protocol (ICMP) echo request packets addressed to a destination host.

    The time-to-live (TTL) value, also known as hop limit, is used in determining the intermediate routers being traversed towards the destination.

    During routing, each router reduces packets' TTL value by

    A. 3
    B. 1
    C. 4
    D. 2

  • Question 34:

    To locate the firewall, SYN packet is crafted using Hping or any other packet crafter and sent to the firewall. If ICMP unreachable type 13 message (which is an admin prohibited packet) with a source IP address of the access control device is received, then it means which of the following type of firewall is in place?

    A. Circuit level gateway
    B. Stateful multilayer inspection firewall
    C. Packet filter
    D. Application level gateway

  • Question 35:

    War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

    A. Airsnort
    B. Aircrack
    C. WEPCrack
    D. Airpwn

  • Question 36:

    Which of the following are the default ports used by NetBIOS service?

    A. 135, 136, 139, 445
    B. 134, 135, 136, 137
    C. 137, 138, 139, 140
    D. 133, 134, 139, 142

  • Question 37:

    The amount of data stored in organizational databases has increased rapidly in recent years due to the rapid advancement of information technologies. A high percentage of these data is sensitive, private and critical to the organizations, their clients and partners.

    Therefore, databases are usually installed behind internal firewalls, protected with intrusion detection mechanisms and accessed only by applications. To access a database, users have to connect to one of these applications and submit queries through them to the database. The threat to databases arises when these applications do not behave properly and construct these queries without sanitizing user inputs first.

    Identify the injection attack represented in the diagram below:

    A. Frame Injection Attack
    B. LDAP Injection Attack
    C. XPath Injection Attack
    D. SOAP Injection Attack

  • Question 38:

    You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port

    389 using Idp.exe.

    What are you trying to accomplish here?

    A. Poison the DNS records with false records
    B. Enumerate MX and A records from DNS
    C. Establish a remote connection to the Domain Controller
    D. Enumerate domain user accounts and built-in groups

  • Question 39:

    Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?

    A. Weak Screened Subnet Architecture
    B. "Inside Versus Outside" Architecture
    C. "Three-Homed Firewall" DMZ Architecture
    D. Strong Screened-Subnet Architecture

  • Question 40:

    Identify the correct formula for Return on Investment (ROI).

    A. ROI = ((Expected Returns ?Cost of Investment) / Cost of Investment) * 100
    B. ROI = (Expected Returns + Cost of Investment) / Cost of Investment
    C. ROI = (Expected Returns Cost of Investment) / Cost of Investment
    D. ROI = ((Expected Returns + Cost of Investment) / Cost of Investment) * 100

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.