Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
412-79 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Testinsides ECCouncil 412-79 Dumps with VCE and PDF 21-30

September 22, 2017

EnsurePass
2017 Sep ECCouncil Official New Released 412-79
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/412-79.html

EC-Council Certified Security Analyst (ECSA)

Question No: 21 – (Topic 1)

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable. What kind of results did Jim receive from his vulnerability analysis?

  1. True negatives

  2. False negatives

  3. False positives

  4. True positives

Answer: B

Question No: 22 – (Topic 1)

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?

  1. Use attack as a launching point to penetrate deeper into the network

  2. Demonstrate that no system can be protected against DoS attacks

  3. List weak points on their network

  4. Show outdated equipment so it can be replaced

Answer: C

Question No: 23 – (Topic 1)

To test your website for vulnerabilities, you type in a quotation mark (? for the username field. After you click Ok, you receive the following error message window:

Ensurepass 2017 PDF and VCE

What can you infer from this error window? Exhibit:

  1. SQL injection is not possible

  2. SQL injection is possible

  3. The user for line 3306 in the SQL database has a weak password

  4. The quotation mark (? is a valid username

Answer: B

Question No: 24 – (Topic 1)

You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive footprinting against their Web servers. What tool should you use?

  1. Nmap

  2. Netcraft

  3. Ping sweep

  4. Dig

Answer: B

Question No: 25 – (Topic 1)

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet. Why is that?

  1. IPSEC does not work with packet filtering firewalls

  2. NAT does not work with IPSEC

  3. NAT does not work with statefull firewalls

  4. Statefull firewalls do not work with packet filtering firewalls

Answer: B

Question No: 26 – (Topic 1)

Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search.

link:www.ghttech.net

What will this search produce?

  1. All sites that link to ghttech.net

  2. Sites that contain the code: link:www.ghttech.net

  3. All sites that ghttech.net links to

  4. All search engines that link to .net domains

Answer: A

Question No: 27 – (Topic 1)

On Linux/Unix based Web servers, what privilege should the daemon service be run under?

  1. Guest

  2. You cannot determine what privilege runs the daemon service

  3. Root

  4. Something other than root

Answer: D

Question No: 28 – (Topic 1)

Jason has set up a honeypot environment by creating a DMZ that has no physical or logical access to his production network. In this honeypot, he has placed a server running Windows Active Directory. He has also placed a Web server in the DMZ that services a number of web pages that offer visitors a chance to download sensitive information by clicking on a button. A week later, Jason finds in his network logs how an intruder accessed the honeypot and downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for stealing sensitive corporate information. Why will this not be viable?

  1. Intruding into a honeypot is not illegal

  2. Entrapment

  3. Intruding into a DMZ is not illegal

  4. Enticement

Answer: B

Question No: 29 – (Topic 1)

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

  1. Smurf scan

  2. Tracert

  3. Ping trace

  4. ICMP ping sweep

Answer: D

Question No: 30 – (Topic 1)

Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT. Which firewall would be most appropriate for Harold? needs?

  1. Application-level proxy firewall

  2. Data link layer firewall

  3. Packet filtering firewall

  4. Circuit-level proxy firewall

Answer: A

100% Free Download!
Download Free Demo:412-79 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 412-79 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE