Latest EC-COUNCIL 412-79 Actual Free Exam Questions & Community Discussion, Page 7

Question #91

Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?

A. Network Intrusion Detection System Mode

B. Packet Sniffer Mode

C. Inline Mode

D. Packet Logger Mode

Discussion 0

Correct Answer: B Vote an answer

Question #92

Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

A. Examine Hidden Fields

B. Examine Server Side Includes (SSI)

C. Check for Directory Consistency and Page Naming Syntax of the Web Pages

D. Examine E-commerce and Payment Gateways Handled by the Web Server

Discussion 0

Correct Answer: A Vote an answer

Question #93

Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

A. NinjaHost

B. RandomNops

C. EnablePython

D. NinjaDontKill

Discussion 0

Correct Answer: D Vote an answer

Question #94

TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer. Which one of the following protocols is used to collect information from all the network devices?

A. Internet Control Message Protocol (ICMP)

B. Transmission Control Protocol (TCP)

C. Network File system (NFS)

D. Simple Network Management Protocol (SNMP)

Discussion 0

Correct Answer: D Vote an answer

Question #95

In a TCP packet filtering firewall, traffic is filtered based on specified session rules, such as when a session is initiated by a recognized computer.

Identify the level up to which the unknown traffic is allowed into the network stack.

A. Level 5 - Application

B. Level 3 - Internet Protocol (IP)

C. Level 4 - TCP

D. Level 2 - Data Link

Discussion 0

Correct Answer: B Vote an answer

Question #96

The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.

What is the biggest source of data leaks in organizations today?

A. Insufficient IT security budget

B. Vulnerabilities, risks, and threats facing Web sites

C. Rogue employees and insider attacks

D. Weak passwords and lack of identity management

Discussion 0

Correct Answer: C Vote an answer

Question #97

Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have the assigned ranges.

Port numbers above 1024 are considered which one of the following?

A. Unregistered port numbers

B. Well-known port numbers

C. Dynamically assigned port numbers

D. Statically assigned port numbers

Discussion 0

Correct Answer: C Vote an answer

Question #98

Transmission Control Protocol (TCP) is a connection-oriented four layer protocol. It is responsible for breaking messages into segments, re-assembling them at the destination station, and re-sending. Which one of the following protocols does not use the TCP?

A. HTTP (Hypertext Transfer Protocol)

B. Reverse Address Resolution Protocol (RARP)

C. Telnet

D. SMTP (Simple Mail Transfer Protocol)

Discussion 0

Correct Answer: B Vote an answer

Question #99

This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system, attack methods, and how to defend against them.

What is this team called?

A. Blue team

B. Tiger team

C. Lion team

D. Gorilla team

Discussion 0

Correct Answer: B Vote an answer

Question #100

Which of the following statement holds true for TCP Operation?

A. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host

B. Sequence numbers are used to track the number of packets lost in transmission

C. Data transfer begins even before the connection is established

D. Port numbers are used to know which application the receiving host should pass the data to

Discussion 0

Correct Answer: C Vote an answer

Question #101

Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings. Black-box testing is used to detect issues in SQL statements and to detect SQL injection vulnerabilities.

Most commonly, SQL injection vulnerabilities are a result of coding vulnerabilities during the Implementation/Development phase and will likely require code changes.
Pen testers need to perform this testing during the development phase to find and fix the SQL injection vulnerability.
What can a pen tester do to detect input sanitization issues?

A. Send single quotes as the input data to catch instances where the user input is not sanitized

B. Use a right square bracket (the "]" character) as the input data to catch instances where the user input is used as part of a SQL identifier without any input sanitization

C. Send long strings of junk data, just as you would send strings to detect buffer overruns

D. Send double quotes as the input data to catch instances where the user input is not sanitized

Discussion 0

Correct Answer: B Vote an answer

Question #102

Which of the following policy forbids everything with strict restrictions on all usage of the company systems and network?

A. Paranoid Policy

B. Prudent Policy

C. Information-Protection Policy

D. Promiscuous Policy

Discussion 0

Correct Answer: A Vote an answer

Question #103

SQL injection attacks are becoming significantly more popular amongst hackers and there has been an estimated 69 percent increase of this attack type.
This exploit is used to great effect by the hacking community since it is the primary way to steal sensitive data from web applications. It takes advantage of non-validated input vulnerabilities to pass SQL commands through a web application for execution by a back-end database.
The below diagram shows how attackers launched SQL injection attacks on web applications.

Which of the following can the attacker use to launch an SQL injection attack?

A. Blah' and 2=2 --

B. Blah' or 1=1 --

C. Blah' and 1=1 --

D. Blah' "2=2 -"

Discussion 0

Correct Answer: B Vote an answer

Question #104

Which one of the following is a useful formatting token that takes an int * as an argument, and writes the number of bytes already written, to that location?

A. "%s"

B. "%p"

C. "%n"

D. "%w"

Discussion 0

Correct Answer: C Vote an answer

Question #105

Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company's technology infrastructure?

A. Searching for trade association directories

B. Analyzing the link popularity of the company's website

C. Searching for a company's job postings

D. Searching for web page posting patterns

Discussion 0

Correct Answer: C Vote an answer

EC-COUNCIL 412-79 Actual Free Exam Questions & Community Discussion

Download Free EC-COUNCIL 412-79 Demo