412-79V10 Exam Details

  • Exam Code
    :412-79V10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) V10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :201 Q&As
  • Last Updated
    :Jul 03, 2026

EC-COUNCIL 412-79V10 Online Questions & Answers

  • Question 51:

    Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company. Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

    Which of the following password cracking attacks tries every combination of characters until the password is broken?

    A. Brute-force attack
    B. Rule-based attack
    C. Hybrid attack
    D. Dictionary attack

  • Question 52:

    The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

    The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization. Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

    A. Accomplice social engineering technique
    B. Identity theft
    C. Dumpster diving
    D. Phishing social engineering technique

  • Question 53:

    Which of the following is an ARP cache poisoning technique aimed at network switches?

    A. Replay Attack
    B. Mac Flooding
    C. Man-in-the Middle Attack
    D. DNS Poisoning

  • Question 54:

    Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

    A. Project Goal
    B. Success Factors
    C. Objectives
    D. Assumptions

  • Question 55:

    Which of the following is NOT generally included in a quote for penetration testing services?

    A. Type of testing carried out
    B. Type of testers involved
    C. Budget required
    D. Expected timescale required to finish the project

  • Question 56:

    Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have the assigned ranges.

    Port numbers above 1024 are considered which one of the following?

    A. Dynamically assigned port numbers
    B. Statically assigned port numbers
    C. Well-known port numbers
    D. Unregistered port numbers

  • Question 57:

    Identify the policy that defines the standards for the organizational network connectivity and security standards for computers that are connected in the organizational network.

    A. Information-Protection Policy
    B. Special-Access Policy
    C. Remote-Access Policy
    D. Acceptable-Use Policy

  • Question 58:

    Which of the following methods is used to perform server discovery?

    A. Banner Grabbing
    B. Whois Lookup
    C. SQL Injection
    D. Session Hijacking

  • Question 59:

    Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a TYPE field. If the destination is not reachable, which one of the following are generated?

    A. Type 8 ICMP codes
    B. Type 12 ICMP codes
    C. Type 3 ICMP codes
    D. Type 7 ICMP codes

  • Question 60:

    Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

    A. Sunbelt Network Security Inspector (SNSI)
    B. CORE Impact
    C. Canvas
    D. Microsoft Baseline Security Analyzer (MBSA)

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.