412-79V8 Exam Details

  • Exam Code: 412-79V8
  • Exam Name: EC-Council Certified Security Analyst (ECSA)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 200 Q&As
  • Last Updated: May 28, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 101:

    If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable to which of the following attacks?

    A. Parameter tampering Attack
    B. SQL injection attack
    C. Session Hijacking
    D. Cross-site request attack

  • Question 102:

    An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

    A. Frame Injection Attack
    B. LDAP Injection Attack
    C. XPath Injection Attack
    D. SOAP Injection Attack

  • Question 103:

    Which of the following will not handle routing protocols properly?

    A. "Internet-router-firewall-net architecture"
    B. "Internet-firewall-router-net architecture"
    C. "Internet-firewall-net architecture"
    D. "Internet-firewall/router(edge device)-net architecture"

  • Question 104:

    Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

    A. Decreases consumed employee time and increases system uptime
    B. Increases detection and reaction time
    C. Increases response time
    D. Both a and c

  • Question 105:

    Which of the following methods is used to perform server discovery?

    A. Banner Grabbing
    B. Whois Lookup
    C. SQL Injection
    D. Session Hijacking

  • Question 106:

    Due to illegal inputs, various types of TCP stacks respond in a different manner. Some IDSs do not take into account the TCP protocol's urgency feature, which could allow testers to evade the IDS.

    A penetration tester needs to try different combinations of TCP flags (e.g. none, SYN/FIN, SYN/RST, SYN/FIN/ACK, SYN/RST/ACK, and All Flags) to test the IDS. Which of the following TCP flag combinations combines the problem of initiation, midstream, and termination flags with the PSH and URG?

    A. SYN/RST/ACK
    B. SYN/FIN/ACK
    C. SYN/FIN
    D. All Flags

  • Question 107:

    What information can be collected by dumpster diving?

    A. Sensitive documents
    B. Email messages
    C. Customer contact information
    D. All the above

  • Question 108:

    External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

    Which of the following types of penetration testing is performed with no prior knowledge of the site?

    A. Blue box testing
    B. White box testing
    C. Grey box testing
    D. Black box testing

  • Question 109:

    Identify the type of firewall represented in the diagram below:

    A. Stateful multilayer inspection firewall
    B. Application level gateway
    C. Packet filter
    D. Circuit level gateway

  • Question 110:

    ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead. An ARP spoofing attack is used as an opening for other attacks.

    What type of attack would you launch after successfully deploying ARP spoofing?

    A. Parameter Filtering
    B. Social Engineering
    C. Input Validation
    D. Session Hijacking

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only EC-COUNCIL exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 412-79V8 exam preparation and EC-COUNCIL certification application, do not hesitate to visit Vcedump.com to find your solutions.