412-79V8 Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :Jul 08, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 181:

    DMZ is a network designed to give the public access to the specific internal resources and you might want to do the same thing for guests visiting organizations without compromising the integrity of the internal resources. In general, attacks on the wireless networks fall into four basic categories. Identify the attacks that fall under Passive attacks category.(Select all that apply)

    A. Wardriving
    B. Spoofing
    C. Sniffing
    D. Network Hijacking

  • Question 182:

    Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?

    A. ip.dst==10.0.0.7
    B. ip.port==10.0.0.7
    C. ip.src==10.0.0.7
    D. ip.dstport==10.0.0.7

  • Question 183:

    Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?

    A. 3001-3100
    B. 5000-5099
    C. 6666-6674
    D. 0 1023

  • Question 184:

    Which of the following defines the details of services to be provided for the client's organization and the list of services required for performing the test in the organization?

    A. Draft
    B. Report
    C. Requirement list
    D. Quotation

  • Question 185:

    Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?

    A. SYN Scan
    B. Connect() scan
    C. XMAS Scan
    D. Null Scan

  • Question 186:

    Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.

    What does a vulnerability assessment identify?

    A. Disgruntled employees
    B. Weaknesses that could be exploited
    C. Physical security breaches
    D. Organizational structure

  • Question 187:

    During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP and HTTPS request headers and the HTML source code?

    A. Examine Source of the Available Pages
    B. Perform Web Spidering
    C. Perform Banner Grabbing
    D. Check the HTTP and HTML Processing by the Browser

  • Question 188:

    Which of the following is an ARP cache poisoning technique aimed at network switches?

    A. Replay Attack
    B. Mac Flooding
    C. Man-in-the Middle Attack
    D. DNS Poisoning

  • Question 189:

    Transmission control protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment.

    The TCP header is the first 24 bytes of a TCP segment that contains the parameters and state of an end- to-end TCP socket. It is used to track the state of communication between two TCP endpoints. For a connection to be established or

    initialized, the two hosts must synchronize. The synchronization requires each side to send its own initial sequence number and to receive a confirmation of exchange in an acknowledgment (ACK) from the other side The below diagram

    shows the TCP Header format:

    How many bits is a acknowledgement number?

    A. 16 bits
    B. 32 bits
    C. 8 bits
    D. 24 bits

  • Question 190:

    Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks. When most people say `Wireless' these days, they are referring to one of the 802.11 standards. There are three main

    802.11 standards: B, A, and G. Which one of the following 802.11 types uses DSSS Modulation, splitting the 2.4ghz band into channels?

    A. 802.11b
    B. 802.11g
    C. 802.11-Legacy
    D. 802.11n

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.