EC-COUNCIL 412-79V8 Online Practice Questions and Exam Preparation

EC-COUNCIL 412-79V8 Online Questions & Answers

• Question 121:

  One needs to run "Scan Server Configuration" tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon to be configured. By default, the Nessus daemon listens to connections on which one of the following?

  A. Localhost (127.0.0.1) and port 1241
  B. Localhost (127.0.0.1) and port 1240
  C. Localhost (127.0.0.1) and port 1246
  D. Localhost (127.0.0.0) and port 1243
  A. Localhost (127.0.0.1) and port 1241

• Question 122:

  What are the 6 core concepts in IT security?

  

  A. Server management, website domains, firewalls, IDS, IPS, and auditing
  B. Authentication, authorization, confidentiality, integrity, availability, and non-repudiation
  C. Passwords, logins, access controls, restricted domains, configurations, and tunnels
  D. Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans
  B. Authentication, authorization, confidentiality, integrity, availability, and non-repudiation

• Question 123:

  Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization. An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

  

  What is the formula to calculate risk?

  A. Risk = Budget x Time
  B. Risk = Goodwill x Reputation
  C. Risk = Loss x Exposure factor
  D. Risk = Threats x Attacks
  C. Risk = Loss x Exposure factor

• Question 124:

  A Blind SQL injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the application response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection.

  

  It is performed when an error message is not received from application while trying to exploit SQL vulnerabilities. The developer's specific message is displayed instead of an error message. So it is quite difficult to find SQL vulnerability in such cases. A pen tester is trying to extract the database name by using a blind SQL injection. He tests the database using the below query and finally finds the database name. http://juggyboy.com/page.aspx?id=1; IF (LEN(DB_NAME())=4) WAITFOR DELAY '00:00:10'-- http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),1,1)))=97) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),2,1)))=98) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),3,1)))=99) WAITFOR DELAY '00:00:10'-

  http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()),4,1)))=100) WAITFOR DELAY '00:00:10'-

  What is the database name?

  A. WXYZ
  B. PQRS
  C. EFGH
  D. ABCD
  D. ABCD

• Question 125:

  The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

  

  The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization. Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

  A. Accomplice social engineering technique
  B. Identity theft
  C. Dumpster diving
  D. Phishing social engineering technique
  A. Accomplice social engineering technique

• Question 126:

  Choose the correct option to define the Prefix Length.

  

  A. Prefix Length = Subnet + Host portions
  B. Prefix Length = Network + Host portions
  C. Prefix Length = Network + Subnet portions
  D. Prefix Length = Network + Subnet + Host portions
  D. Prefix Length = Network + Subnet + Host portions

• Question 127:

  A framework is a fundamental structure used to support and resolve complex issues. The framework that delivers an efficient set of technologies in order to develop applications which are more secure in using Internet and Intranet is:

  A. Microsoft Internet Security Framework
  B. Information System Security Assessment Framework (ISSAF)
  C. Bell Labs Network Security Framework
  D. The IBM Security Framework
  A. Microsoft Internet Security Framework

• Question 128:

  Which one of the following tools of trade is a commercial shellcode and payload generator written in Python by Dave Aitel?

  A. Microsoft Baseline Security Analyzer (MBSA)
  B. CORE Impact
  C. Canvas
  D. Network Security Analysis Tool (NSAT)
  C. Canvas

• Question 129:

  Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs. One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named "Access Point Detection". This plug-in uses four techniques to identify the presence of a WAP. Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?

  A. NMAP TCP/IP fingerprinting
  B. HTTP fingerprinting
  C. FTP fingerprinting
  D. SNMP fingerprinting
  C. FTP fingerprinting

• Question 130:

  This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system, attack methods, and how to defend against them.

  

  What is this team called?

  A. Blue team
  B. Tiger team
  C. Gorilla team
  D. Lion team
  B. Tiger team