EC-Council Certified Security Analyst (ECSA) v9 412-79V9 Dumps in PDF

Free EC-Council 412-79V9 Real Questions (page: 8)

Identify the person who will lead the penetration-testing project and be the client point of contact.

  1. Database Penetration Tester
  2. Policy Penetration Tester
  3. Chief Penetration Tester
  4. Application Penetration Tester

Answer(s): C


Reference:

http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration- Testing-Checklist-NoRestriction (page 15)



Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

  1. UDP and TCP
  2. TCP and SMTP
  3. SMTP
  4. UDP and SMTP

Answer(s): A



The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.



The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

  1. Multiple of four bytes
  2. Multiple of two bytes
  3. Multiple of eight bytes
  4. Multiple of six bytes

Answer(s): C


Reference:

http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)



Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

  1. Sunbelt Network Security Inspector (SNSI).
  2. CORE Impact
  3. Canvas
  4. Microsoft Baseline Security Analyzer (MBSA)

Answer(s): C



Which of the following is the objective of Gramm-Leach-Bliley Act?

  1. To ease the transfer of financial information between institutions and banks
  2. To protect the confidentiality, integrity, and availability of data
  3. To set a new or enhanced standards for all U.S. public company boards, management and public accounting firms
  4. To certify the accuracy of the reported financial statement

Answer(s): A


Reference:

http://www.itap.purdue.edu/security/policies/glb_safeguards_rule_training_general.pdf



Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have the assigned ranges. The port numbers above 1024 are considered as which one of the following? (Select all that apply)

  1. Well-known port numbers
  2. Dynamically assigned port numbers
  3. Unregistered port numbers
  4. Statically assigned port numbers

Answer(s): B



The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.



What is the biggest source of data leaks in organizations today?

  1. Weak passwords and lack of identity management
  2. Insufficient IT security budget
  3. Rogue employees and insider attacks
  4. Vulnerabilities, risks, and threats facing Web sites

Answer(s): C



Identify the injection attack represented in the diagram below:

  1. XPath Injection Attack
  2. XML Request Attack
  3. XML Injection Attack
  4. Frame Injection Attack

Answer(s): C


Reference:

http://projects.webappsec.org/w/page/13247004/XML%20Injection



Share your comments for EC-Council 412-79V9 exam with other users:

D
Deepak
12/27/2023 2:37:00 AM

good questions

D
dba
9/23/2023 3:10:00 AM

can we please have the latest exam questions?

P
Prasad
9/29/2023 7:27:00 AM

please help with jn0-649 latest dumps

G
GTI9982
7/31/2023 10:15:00 PM

please i need this dump. thanks

E
Elton Riva
12/12/2023 8:20:00 PM

i have to take the aws certified developer - associate dva-c02 in the next few weeks and i wanted to know if the questions on your website are the same as the official exam.

B
Berihun Desalegn Wonde
7/13/2023 11:00:00 AM

all questions are more important

G
gr
7/2/2023 7:03:00 AM

ques 4 answer should be c ie automatically recover from failure

R
RS
7/27/2023 7:17:00 AM

very very useful page

B
Blessious Phiri
8/12/2023 11:47:00 AM

the exams are giving me an eye opener

A
AD
10/22/2023 9:08:00 AM

3rd so far, need to cover more

M
Matt
11/18/2023 2:32:00 AM

aligns with the pecd notes

S
Sri
10/15/2023 4:38:00 PM

question 4: b securityadmin is the correct answer. https://docs.snowflake.com/en/user-guide/security-access-control-overview#access-control-framework

H
H.T.M. D
6/25/2023 2:55:00 PM

kindly please share dumps

S
Satish
11/6/2023 4:27:00 AM

it is very useful, thank you

C
Chinna
7/30/2023 8:37:00 AM

need safe rte dumps

1
1234
6/30/2023 3:40:00 AM

can you upload the cis - cpg dumps

D
Did
1/12/2024 3:01:00 AM

q6 = 1. download odt application 2. create a configuration file (xml) 3. setup.exe /download to download the installation files 4. setup.exe /configure to deploy the application

J
John
10/12/2023 12:30:00 PM

great material

D
Dinesh
8/1/2023 2:26:00 PM

could you please upload sap c_arsor_2302 questions? it will be very much helpful.

L
LBert
6/19/2023 10:23:00 AM

vraag 20c: rsa veilig voor symmtrische cryptografie? antwoord c is toch fout. rsa is voor asymmetrische cryptogafie??

G
g
12/22/2023 1:51:00 PM

so far good

M
Milos
8/4/2023 9:33:00 AM

question 31 has obviously wrong answers. tls and ssl are used to encrypt data at transit, not at rest.

D
Diksha
9/25/2023 2:32:00 AM

pls provide dump for 1z0-1080-23 planning exams

H
H
7/17/2023 4:28:00 AM

could you please upload the exam?

A
Anonymous
9/14/2023 4:47:00 AM

please upload this

N
Naveena
1/13/2024 9:55:00 AM

good material

W
WildWilly
1/19/2024 10:43:00 AM

lets see if this is good stuff...

L
Lavanya
11/2/2023 1:53:00 AM

useful information

M
Moussa
12/12/2023 5:52:00 AM

intéressant

M
Madan
6/22/2023 9:22:00 AM

thank you for making the interactive questions

V
Vavz
11/2/2023 6:51:00 AM

questions are accurate

S
Su
11/23/2023 4:34:00 AM

i need questions/dumps for this exam.

L
LuvSN
7/16/2023 11:19:00 AM

i need this exam, when will it be uploaded

M
Mihai
7/19/2023 12:03:00 PM

i need the dumps !

AI Tutor 👋 I’m here to help!