EC-Council Certified Security Analyst (ECSA) v9 412-79V9 Dumps in PDF

Free EC-Council 412-79V9 Real Questions (page: 10)

Identify the person who will lead the penetration-testing project and be the client point of contact.

  1. Database Penetration Tester
  2. Policy Penetration Tester
  3. Chief Penetration Tester
  4. Application Penetration Tester

Answer(s): C


Reference:

http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration- Testing-Checklist-NoRestriction (page 15)



Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

  1. UDP and TCP
  2. TCP and SMTP
  3. SMTP
  4. UDP and SMTP

Answer(s): A



The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.



The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

  1. Multiple of four bytes
  2. Multiple of two bytes
  3. Multiple of eight bytes
  4. Multiple of six bytes

Answer(s): C


Reference:

http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)



Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

  1. Sunbelt Network Security Inspector (SNSI).
  2. CORE Impact
  3. Canvas
  4. Microsoft Baseline Security Analyzer (MBSA)

Answer(s): C



Which of the following is the objective of Gramm-Leach-Bliley Act?

  1. To ease the transfer of financial information between institutions and banks
  2. To protect the confidentiality, integrity, and availability of data
  3. To set a new or enhanced standards for all U.S. public company boards, management and public accounting firms
  4. To certify the accuracy of the reported financial statement

Answer(s): A


Reference:

http://www.itap.purdue.edu/security/policies/glb_safeguards_rule_training_general.pdf



Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have the assigned ranges. The port numbers above 1024 are considered as which one of the following? (Select all that apply)

  1. Well-known port numbers
  2. Dynamically assigned port numbers
  3. Unregistered port numbers
  4. Statically assigned port numbers

Answer(s): B



The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.



What is the biggest source of data leaks in organizations today?

  1. Weak passwords and lack of identity management
  2. Insufficient IT security budget
  3. Rogue employees and insider attacks
  4. Vulnerabilities, risks, and threats facing Web sites

Answer(s): C



Identify the injection attack represented in the diagram below:

  1. XPath Injection Attack
  2. XML Request Attack
  3. XML Injection Attack
  4. Frame Injection Attack

Answer(s): C


Reference:

http://projects.webappsec.org/w/page/13247004/XML%20Injection



Share your comments for EC-Council 412-79V9 exam with other users:

A
Amaresh Vashishtha
8/27/2023 1:33:00 AM

i would be requiring dumps to prepare for certification exam

A
Asad
9/8/2023 1:01:00 AM

very helpful

B
Blessious Phiri
8/13/2023 3:10:00 PM

control file is the heart of rman backup

S
Senthil
9/19/2023 5:47:00 AM

hi could you please upload the ibm c2090-543 dumps

H
Harry
6/27/2023 7:20:00 AM

appriciate if you could upload this again

A
Anonymous
7/10/2023 4:10:00 AM

please upload the dump

R
Raja
6/20/2023 5:30:00 AM

i found some questions answers mismatch with explanation answers. please properly update

D
Doora
11/30/2023 4:20:00 AM

nothing to mention

D
deally
1/19/2024 3:41:00 PM

knowable questions

S
Sonia
7/23/2023 4:03:00 PM

very helpfull

B
binEY
10/6/2023 5:15:00 AM

good questions

N
Neha
9/28/2023 1:58:00 PM

its helpful

D
Desmond
1/5/2023 9:11:00 PM

i just took my oracle exam and let me tell you, this exam dumps was a lifesaver! without them, iam not sure i would have passed. the questions were tricky and the answers were obscure, but the exam dumps had everything i needed. i would recommend to anyone looking to pass their oracle exams with flying colors (and a little bit of cheating) lol.

D
Davidson OZ
9/9/2023 6:37:00 PM

22. if you need to make sure that one computer in your hot-spot network can access the internet without hot-spot authentication, which menu allows you to do this? answer is ip binding and not wall garden. wall garden allows specified websites to be accessed with users authentication to the hotspot

3
381
9/2/2023 4:31:00 PM

is question 1 correct?

L
Laurent
10/6/2023 5:09:00 PM

good content

S
Sniper69
5/9/2022 11:04:00 PM

manged to pass the exam with this exam dumps.

D
Deepak
12/27/2023 2:37:00 AM

good questions

D
dba
9/23/2023 3:10:00 AM

can we please have the latest exam questions?

P
Prasad
9/29/2023 7:27:00 AM

please help with jn0-649 latest dumps

G
GTI9982
7/31/2023 10:15:00 PM

please i need this dump. thanks

E
Elton Riva
12/12/2023 8:20:00 PM

i have to take the aws certified developer - associate dva-c02 in the next few weeks and i wanted to know if the questions on your website are the same as the official exam.

B
Berihun Desalegn Wonde
7/13/2023 11:00:00 AM

all questions are more important

G
gr
7/2/2023 7:03:00 AM

ques 4 answer should be c ie automatically recover from failure

R
RS
7/27/2023 7:17:00 AM

very very useful page

B
Blessious Phiri
8/12/2023 11:47:00 AM

the exams are giving me an eye opener

A
AD
10/22/2023 9:08:00 AM

3rd so far, need to cover more

M
Matt
11/18/2023 2:32:00 AM

aligns with the pecd notes

S
Sri
10/15/2023 4:38:00 PM

question 4: b securityadmin is the correct answer. https://docs.snowflake.com/en/user-guide/security-access-control-overview#access-control-framework

H
H.T.M. D
6/25/2023 2:55:00 PM

kindly please share dumps

S
Satish
11/6/2023 4:27:00 AM

it is very useful, thank you

C
Chinna
7/30/2023 8:37:00 AM

need safe rte dumps

1
1234
6/30/2023 3:40:00 AM

can you upload the cis - cpg dumps

D
Did
1/12/2024 3:01:00 AM

q6 = 1. download odt application 2. create a configuration file (xml) 3. setup.exe /download to download the installation files 4. setup.exe /configure to deploy the application

AI Tutor 👋 I’m here to help!