1. Home
  2. EC-COUNCIL
  3. 412-79V8

EC-COUNCIL 412-79V8 Online Practice Questions and Exam Preparation

412-79V8 Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :May 28, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 91:

    Which of the following are the default ports used by NetBIOS service?

    A. 135, 136, 139, 445
    B. 134, 135, 136, 137
    C. 137, 138, 139, 140
    D. 133, 134, 139, 142

  • Question 92:

    Amazon, an IT based company, conducts a survey on the usage of the Internet. They found that company employees spend most of the time at work surfing the web for their personal use and for inappropriate web site viewing. Management decide to block all such web sites using URL filtering software.

    How can employees continue to see the blocked websites?

    A. Using session hijacking
    B. Using proxy servers
    C. Using authentication
    D. Using encryption

  • Question 93:

    You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using Idp.exe. What are you trying to accomplish here?

    A. Poison the DNS records with false records
    B. Enumerate MX and A records from DNS
    C. Establish a remote connection to the Domain Controller
    D. Enumerate domain user accounts and built-in groups

  • Question 94:

    A Demilitarized Zone (DMZ) is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network. Usage of a protocol within a DMZ environment is highly variable based on the specific needs of an organization. Privilege escalation, system is compromised when the code runs under root credentials, and DoS attacks are the basic weakness of which one of the following Protocol?

    A. Lightweight Directory Access Protocol (LDAP)
    B. Simple Network Management Protocol (SNMP)
    C. Telnet
    D. Secure Shell (SSH)

  • Question 95:

    A man enters a PIN number at an ATM machine, being unaware that the person next to him was watching. Which of the following social engineering techniques refers to this type of information theft?

    A. Shoulder surfing
    B. Phishing
    C. Insider Accomplice
    D. Vishing

  • Question 96:

    Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?

    A. Testing to provide a more complete view of site security
    B. Testing focused on the servers, infrastructure, and the underlying software, including the target
    C. Testing including tiers and DMZs within the environment, the corporate network, or partner company connections
    D. Testing performed from a number of network access points representing each logical and physical segment

  • Question 97:

    Hackers today have an ever-increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.

    New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application

    technologies. In both cases, one may observe how the evolution and refinement of web technologies also brings about new exploits which compromise sensitive databases, provide access to theoretically secure networks, and pose a threat

    to the daily operation of online businesses.

    What is the biggest threat to Web 2.0 technologies?

    A. SQL Injection Attacks
    B. Service Level Configuration Attacks
    C. Inside Attacks
    D. URL Tampering Attacks

  • Question 98:

    In the example of a /etc/passwd file below, what does the bold letter string indicate? nomad:HrLNrZ3VS3TF2:501:100: Simple Nomad:/home/nomad:/bin/bash

    A. Maximum number of days the password is valid
    B. Group number
    C. GECOS information
    D. User number

  • Question 99:

    When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

    A. Passive IDS
    B. Active IDS
    C. Progressive IDS
    D. NIPS

  • Question 100:

    Which of the following is an application alert returned by a web application that helps an attacker guess a valid username?

    A. Invalid username or password
    B. Account username was not found
    C. Incorrect password
    D. Username or password incorrect

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.