412-79V8 Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :Jul 08, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 1:

    In Linux, /etc/shadow file stores the real password in encrypted format for user's account with added properties associated with the user's password.

    In the example of a /etc/shadow file below, what does the bold letter string indicate? Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

    A. Number of days the user is warned before the expiration date
    B. Minimum number of days required between password changes
    C. Maximum number of days the password is valid
    D. Last password changed

  • Question 2:

    Identify the person who will lead the penetration-testing project and be the client point of contact.

    A. Database Penetration Tester
    B. Policy Penetration Tester
    C. Chief Penetration Tester
    D. Application Penetration Tester

  • Question 3:

    Which of the following protocols cannot be used to filter VoIP traffic?

    A. Media Gateway Control Protocol (MGCP)
    B. Real-time Transport Control Protocol (RTCP)
    C. Session Description Protocol (SDP)
    D. Real-Time Publish Subscribe (RTPS)

  • Question 4:

    A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.

    Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

    A. Post-attack phase
    B. Pre-attack phase and attack phase
    C. Attack phase
    D. Pre-attack phase

  • Question 5:

    The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.

    Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

    A. Active Information Gathering
    B. Pseudonymous Information Gathering
    C. Anonymous Information Gathering
    D. Open Source or Passive Information Gathering

  • Question 6:

    Traffic on which port is unusual for both the TCP and UDP ports?

    A. Port 81
    B. Port 443
    C. Port 0
    D. Port21

  • Question 7:

    Vulnerability assessment is an examination of the ability of a system or application, including current security procedures and controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels. A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.

    Which of the following vulnerability assessment technique is used to test the web server infrastructure for any misconfiguration and outdated content?

    A. Passive Assessment
    B. Host-based Assessment
    C. External Assessment
    D. Application Assessment

  • Question 8:

    Application security assessment is one of the activity that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

    Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application.

    A. Web Penetration Testing
    B. Functionality Testing
    C. Authorization Testing
    D. Source Code Review

  • Question 9:

    Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

    A. Web Services Footprinting Attack
    B. Service Level Configuration Attacks
    C. URL Tampering Attacks
    D. Inside Attacks

  • Question 10:

    Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

    A. Wireshark: Capinfos
    B. Wireshark: Tcpdump
    C. Wireshark: Text2pcap
    D. Wireshark: Dumpcap

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.