412-79V8 Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :Jul 08, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 61:

    Which type of security policy applies to the below configuration? i)Provides maximum security while allowing known, but necessary, dangers ii)All services are blocked; nothing is allowed iii)Safe and necessary services are enabled individually iv)Non-essential services and procedures that cannot be made safe are NOT allowed v)Everything is logged

    A. Paranoid Policy
    B. Prudent Policy
    C. Permissive Policy
    D. Promiscuous Policy

  • Question 62:

    NTP protocol is used to synchronize the system clocks of computers with a remote time server or time source over a network. Which one of the following ports is used by NTP as its transport layer?

    A. TCP port 152
    B. UDP port 177
    C. UDP port 123
    D. TCP port 113

  • Question 63:

    The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control. This attack takes advantage of the fact that many programmers rely on hidden or fixed fields

    (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.

    What is the best way to protect web applications from parameter tampering attacks?

    A. Validating some parameters of the web application
    B. Minimizing the allowable length of parameters
    C. Using an easily guessable hashing algorithm
    D. Applying effective input field filtering parameters

  • Question 64:

    Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?

    A. Client-Side Test Report
    B. Activity Report
    C. Host Report
    D. Vulnerability Report

  • Question 65:

    A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and

    immediately alerts a systems administrator whenever a rogue access point is detected.

    Conventionally it is achieved by comparing the MAC address of the participating wireless devices.

    Which of the following attacks can be detected with the help of wireless intrusion detection system (WIDS)?

    A. Social engineering
    B. SQL injection
    C. Parameter tampering
    D. Man-in-the-middle attack

  • Question 66:

    Why is a legal agreement important to have before launching a penetration test?

    A. Guarantees your consultant fees
    B. Allows you to perform a penetration test without the knowledge and consent of the organization's upper management
    C. It establishes the legality of the penetration test by documenting the scope of the project and the consent of the company.
    D. It is important to ensure that the target organization has implemented mandatory security policies

  • Question 67:

    Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?

    A. ./snort -dvr packet.log icmp
    B. ./snort -dev -l ./log
    C. ./snort -dv -r packet.log
    D. ./snort -l ./log b

  • Question 68:

    A penetration test will show you the vulnerabilities in the target system and the risks associated with it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as High/ Medium/Low risk issues.

    What are the two types of `white-box' penetration testing?

    A. Announced testing and blind testing
    B. Blind testing and double blind testing
    C. Blind testing and unannounced testing
    D. Announced testing and unannounced testing

  • Question 69:

    The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.

    What is the biggest source of data leaks in organizations today?

    A. Weak passwords and lack of identity management
    B. Insufficient IT security budget
    C. Rogue employees and insider attacks
    D. Vulnerabilities, risks, and threats facing Web sites

  • Question 70:

    Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing. Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.

    Which of the following factors is NOT considered while preparing the scope of the Rules of Engagment (ROE)?

    A. A list of employees in the client organization
    B. A list of acceptable testing techniques
    C. Specific IP addresses/ranges to be tested
    D. Points of contact for the penetration testing team

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.