Exam Details

  • Exam Code: 412-79V8
  • Exam Name: EC-Council Certified Security Analyst (ECSA)
  • Certification: ECCouncil Certification
  • Vendor: EC-COUNCIL
  • Total Questions: 200 Q&As
  • Last Updated: May 09, 2024

EC-COUNCIL ECCouncil Certification 412-79V8 Questions & Answers

  • Question 181:

    Which of the following statements holds true for TCP operation?

    A. Port numbers are used to know which application the receiving host should pass the data to

    B. Sequence numbers are used to track the number of packets lost in transmission

    C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host

    D. Data transfer begins even before the connection is established

  • Question 182:

    Which of the following will not handle routing protocols properly?

    A. "Internet-router-firewall-net architecture"

    B. "Internet-firewall-router-net architecture"

    C. "Internet-firewall-net architecture"

    D. "Internet-firewall/router(edge device)-net architecture"

  • Question 183:

    Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?

    A. ip.dst==10.0.0.7

    B. ip.port==10.0.0.7

    C. ip.src==10.0.0.7

    D. ip.dstport==10.0.0.7

  • Question 184:

    Which of the following statements is true about the LM hash?

    A. Disabled in Windows Vista and 7 OSs

    B. Separated into two 8-character strings

    C. Letters are converted to the lowercase

    D. Padded with NULL to 16 characters

  • Question 185:

    From where can clues about the underlying application environment be collected?

    A. From the extension of the file

    B. From executable file

    C. From file types and directories

    D. From source code

  • Question 186:

    Which of the following information gathering techniques collects information from an organization's web-based calendar and email services?

    A. Anonymous Information Gathering

    B. Private Information Gathering

    C. Passive Information Gathering

    D. Active Information Gathering

  • Question 187:

    Which of the following is not a characteristic of a firewall?

    A. Manages public access to private networked resources

    B. Routes packets between the networks

    C. Examines all traffic routed between the two networks to see if it meets certain criteria

    D. Filters only inbound traffic but not outbound traffic

  • Question 188:

    The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called an MTU. The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full-size IP datagram. IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header are used for IP fragmentation and reassembly.

    The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

    A. Multiple of four bytes

    B. Multiple of two bytes

    C. Multiple of eight bytes

    D. Multiple of six bytes

  • Question 189:

    Application security assessment is one of the activities that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

    Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application.

    A. Web Penetration Testing

    B. Functionality Testing

    C. Authorization Testing

    D. Source Code Review

  • Question 190:

    Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of sensitive data over an unprotected medium, such as the Internet?

    A. DNSSEC

    B. Netsec

    C. IKE

    D. IPsec
