1. Home
  2. EC-COUNCIL
  3. 412-79V8

EC-COUNCIL 412-79V8 Online Practice Questions and Exam Preparation

412-79V8 Exam Details

  • Exam Code
    :412-79V8
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :200 Q&As
  • Last Updated
    :May 28, 2026

EC-COUNCIL 412-79V8 Online Questions & Answers

  • Question 71:

    Assessing a network from a hacker's point of view to discover the exploits and vulnerabilities that are accessible to the outside world is which sort of vulnerability assessment?

    A. Network Assessments
    B. Application Assessments
    C. Wireless Network Assessments
    D. External Assessment

  • Question 72:

    From where can clues about the underlying application environment can be collected?

    A. From the extension of the file
    B. From executable file
    C. From file types and directories
    D. From source code

  • Question 73:

    Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company. Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

    Which of the following password cracking attacks tries every combination of characters until the password is broken?

    A. Brute-force attack
    B. Rule-based attack
    C. Hybrid attack
    D. Dictionary attack

  • Question 74:

    Which of the following has an offset field that specifies the length of the header and data?

    A. IP Header
    B. UDP Header
    C. ICMP Header
    D. TCP Header

  • Question 75:

    During external penetration testing, which of the following techniques uses tools like Nmap to predict the sequence numbers generated by the targeted server and use this information to perform session hijacking techniques?

    A. TCP Sequence Number Prediction
    B. IPID State Number Prediction
    C. TCP State Number Prediction
    D. IPID Sequence Number Prediction

  • Question 76:

    What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

    A. Connect Scanning Techniques
    B. SYN Scanning Techniques
    C. Stealth Scanning Techniques
    D. Port Scanning Techniques

  • Question 77:

    You are conducting a penetration test against a company and you would like to know a personal email address of John, a crucial employee. What is the fastest, cheapest way to find out John's email address.

    A. Call his wife and ask for his personal email account
    B. Call a receptionist and ask for John Stevens' personal email account
    C. Search in Google for his personal email ID
    D. Send an email to John stating that you cannot send him an important spreadsheet attachment file to his business email account and ask him if he has any other email accounts

  • Question 78:

    A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.

    A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable). What query does he need to write to retrieve the information?

    A. EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000
    B. DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1-
    C. SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1`
    D. RETRIVE * FROM StudentTable WHERE roll_number = 1'#

  • Question 79:

    Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

    A. Special-Access Policy
    B. User Identification and Password Policy
    C. Personal Computer Acceptable Use Policy
    D. User-Account Policy

  • Question 80:

    Which of the following information gathering techniques collects information from an organization's web- based calendar and email services?

    A. Anonymous Information Gathering
    B. Private Information Gathering
    C. Passive Information Gathering
    D. Active Information Gathering

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 412-79V8 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.