EC-Council Certified Security Analyst (ECSA) v9 412-79V9 Dumps in PDF

Free EC-Council 412-79V9 Real Questions (page: 12)

Identify the person who will lead the penetration-testing project and be the client point of contact.

  1. Database Penetration Tester
  2. Policy Penetration Tester
  3. Chief Penetration Tester
  4. Application Penetration Tester

Answer(s): C


Reference:

http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration- Testing-Checklist-NoRestriction (page 15)



Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

  1. UDP and TCP
  2. TCP and SMTP
  3. SMTP
  4. UDP and SMTP

Answer(s): A



The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.



The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

  1. Multiple of four bytes
  2. Multiple of two bytes
  3. Multiple of eight bytes
  4. Multiple of six bytes

Answer(s): C


Reference:

http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)



Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

  1. Sunbelt Network Security Inspector (SNSI).
  2. CORE Impact
  3. Canvas
  4. Microsoft Baseline Security Analyzer (MBSA)

Answer(s): C



Which of the following is the objective of Gramm-Leach-Bliley Act?

  1. To ease the transfer of financial information between institutions and banks
  2. To protect the confidentiality, integrity, and availability of data
  3. To set a new or enhanced standards for all U.S. public company boards, management and public accounting firms
  4. To certify the accuracy of the reported financial statement

Answer(s): A


Reference:

http://www.itap.purdue.edu/security/policies/glb_safeguards_rule_training_general.pdf



Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have the assigned ranges. The port numbers above 1024 are considered as which one of the following? (Select all that apply)

  1. Well-known port numbers
  2. Dynamically assigned port numbers
  3. Unregistered port numbers
  4. Statically assigned port numbers

Answer(s): B



The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.



What is the biggest source of data leaks in organizations today?

  1. Weak passwords and lack of identity management
  2. Insufficient IT security budget
  3. Rogue employees and insider attacks
  4. Vulnerabilities, risks, and threats facing Web sites

Answer(s): C



Identify the injection attack represented in the diagram below:

  1. XPath Injection Attack
  2. XML Request Attack
  3. XML Injection Attack
  4. Frame Injection Attack

Answer(s): C


Reference:

http://projects.webappsec.org/w/page/13247004/XML%20Injection



Share your comments for EC-Council 412-79V9 exam with other users:

S
sushant
6/28/2023 4:52:00 AM

good questions

A
A\MAM
6/27/2023 5:17:00 PM

q-6 ans-b correct. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-cli-quick-start/use-the-cli/commit-configuration-changes

U
unanimous
12/15/2023 6:38:00 AM

very nice very nice

A
akminocha
9/28/2023 10:36:00 AM

please help us with 1z0-1107-2 dumps

J
Jefi
9/4/2023 8:15:00 AM

please upload the practice questions

T
Thembelani
5/30/2023 2:45:00 AM

need this dumps

A
Abduraimov
4/19/2023 12:43:00 AM

preparing for this exam is overwhelming. you cannot pass without the help of these exam dumps.

P
Puneeth
10/5/2023 2:06:00 AM

new to this site but i feel it is good

A
Ashok Kumar
1/2/2024 6:53:00 AM

the correct answer to q8 is b. explanation since the mule app has a dependency, it is necessary to include project modules and dependencies to make sure the app will run successfully on the runtime on any other machine. source code of the component that the mule app is dependent of does not need to be included in the exported jar file, because the source code is not being used while executing an app. compiled code is being used instead.

M
Merry
7/30/2023 6:57:00 AM

good questions

V
VoiceofMidnight
12/17/2023 4:07:00 PM

Delayed the exam until December 29th.

U
Umar Ali
8/29/2023 2:59:00 PM

A and D are True

V
vel
8/28/2023 9:17:09 AM

good one with explanation

G
Gurdeep
1/18/2024 4:00:15 PM

This is one of the most useful study guides I have ever used.

AI Tutor 👋 I’m here to help!