412-79V8 Exam Details

  • Exam Code: 412-79V8
  • Exam Name: EC-Council Certified Security Analyst (ECSA)
  • Certification: EC-COUNCIL Certifications
  • Vendor: EC-COUNCIL
  • Total Questions: 200 Q&As
  • Last Updated: May 28, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 131:

    What is the difference between penetration testing and vulnerability testing?

    A. Penetration testing goes one step further than vulnerability testing; while vulnerability tests check for known vulnerabilities, penetration testing adopts the concept of 'in-depth ethical hacking'
    B. Penetration testing is based on purely online vulnerability analysis while vulnerability testing engages ethical hackers to find vulnerabilities
    C. Vulnerability testing is more expensive than penetration testing
    D. Penetration testing is conducted purely for meeting compliance standards while vulnerability testing is focused on online scans

  • Question 132:

    The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.

    What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?

    A. Phishing
    B. Spoofing
    C. Tapping
    D. Vishing

  • Question 133:

    A SQL injection attack consists of the insertion or "injection" of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application. A successful SQL injection attack can:

    i) Read sensitive data from the database
    ii) Modify database data (insert/update/delete)
    iii) Execute administration operations on the database (such as shutting down the DBMS)
    iv) Recover the content of a given file existing on the DBMS file system or write files into the file system
    v) Issue commands to the operating system

    A pen tester needs to perform various tests to detect SQL injection vulnerabilities. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests, and then test them separately, trying to interfere with the query and to generate an error.

    In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?

    A. Automated Testing
    B. Function Testing
    C. Dynamic Testing
    D. Static Testing

  • Question 134:

    Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have assigned ranges. The port numbers above 1024 are considered which one of the following? (Select all that apply)

    A. Well-known port numbers
    B. Dynamically assigned port numbers
    C. Unregistered port numbers
    D. Statically assigned port numbers

  • Question 135:

    Network scanning is used to identify the available network resources. Which one of the following is also known as a half-open scan, because a full TCP connection is never completed and it is used to determine which ports are open and listening on a target device?

    A. SYN Scan
    B. TCP Connect Scan
    C. XMAS Scan
    D. Null Scan

  • Question 136:

    Which one of the following is false about Wireshark? (Select all that apply)

    A. Wireshark offers some options to analyze the WEP-decrypted data
    B. It does not support decrypting the TKIP or CCMP packets
    C. In order for Wireshark to decrypt the contents of the WEP-encrypted packets, it must be given the appropriate WEP key for the network
    D. Packet Sniffer Mode

  • Question 137:

    John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in the Windows system directory?

    A. C:\Windows\System32\Boot
    B. C:\WINNT\system32\drivers\etc
    C. C:\WINDOWS\system32\cmd.exe
    D. C:\Windows\System32\restore

  • Question 138:

    Which of the following policies helps secure data and protects the privacy of organizational information?

    A. Special-Access Policy
    B. Document retention Policy
    C. Cryptography Policy
    D. Personal Security Policy

  • Question 139:

    Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?

    A. California SB 1386
    B. Sarbanes-Oxley 2002
    C. Gramm-Leach-Bliley Act (GLBA)
    D. USA Patriot Act 2001

  • Question 140:

    Which one of the following components of standard Solaris Syslog is a UNIX command that is used to add single-line entries to the system log?

    A. "Logger"
    B. "/etc/syslog.conf"
    C. "Syslogd"
    D. "Syslogd.conf"
