412-79V8 Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :Jul 08, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 21:

    The SnortMain () function begins by associating a set of handlers for the signals, Snort receives. It does this using the signal () function. Which one of the following functions is used as a programspecific signal and the handler for this calls the DropStats() function to output the current Snort statistics?

    A. SIGUSR1
    B. SIGTERM
    C. SIGINT
    D. SIGHUP

  • Question 22:

    Identify the correct formula for Return on Investment (ROI).

    A. ROI = ((Expected Returns Cost of Investment) / Cost of Investment) * 100
    B. ROI = (Expected Returns + Cost of Investment) / Cost of Investment
    C. ROI = (Expected Returns - Cost of Investment) / Cost of Investment
    D. ROI = ((Expected Returns + Cost of Investment) / Cost of Investment) * 100

  • Question 23:

    Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to-understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?

    A. Tcpdump
    B. Capinfos
    C. Tshark
    D. Idl2wrs

  • Question 24:

    One of the steps in information gathering is to run searches on a company using complex keywords in Google.

    Which search keywords would you use in the Google search engine to find all the PowerPoint presentations containing information about a target company, ROCHESTON?

    A. ROCHESTON fileformat:+ppt
    B. ROCHESTON ppt:filestring
    C. ROCHESTON filetype:ppt
    D. ROCHESTON +ppt:filesearch

  • Question 25:

    Which vulnerability assessment phase describes the scope of the assessment, identifies and ranks the critical assets, and creates proper information protection procedures such as effective planning, scheduling, coordination, and logistics?

    A. Threat-Assessment Phase
    B. Pre-Assessment Phase
    C. Assessment Phase
    D. Post-Assessment Phase

  • Question 26:

    Identify the attack represented in the diagram below:

    A. Input Validation
    B. Session Hijacking
    C. SQL Injection
    D. Denial-of-Service

  • Question 27:

    A security policy is a document or set of documents that describes, at a high level, the security controls that will be implemented by the company. Which one of the following policies forbids everything and restricts usage of company computers, whether it is system usage or network usage?

    A. Paranoid Policy
    B. Prudent Policy
    C. Promiscuous Policy
    D. Information-Protection Policy

  • Question 28:

    Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a TYPE field. If the destination is not reachable, which one of the following are generated?

    A. Type 8 ICMP codes
    B. Type 12 ICMP codes
    C. Type 3 ICMP codes
    D. Type 7 ICMP codes

  • Question 29:

    John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

    A. Number of employees in the client organization
    B. Complete structure of the organization
    C. Number of client computers to be tested and resources required to perform a pen test
    D. Number of servers available in the client organization

  • Question 30:

    An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?

    A. SMTP Queue Bouncing
    B. SMTP Message Bouncing
    C. SMTP Server Bouncing
    D. SMTP Mail Bouncing

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.