최신 412-79v8 무료덤프 - EC-COUNCIL EC-Council Certified Security Analyst (ECSA)

문제1

Network scanning is used to identify the available network resources. Which one of the following is also known as a half-open scan, because a full TCP connection is never completed and it is used to determine which ports are open and listening on a target device?

A. Null Scan

B. XMAS Scan

C. SYN Scan

D. TCP Connect Scan

정답: C

문제2

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

A. Rules of Behavior Agreement

B. Penetration Testing Agreement

C. Non-Disclosure Agreement

D. Liability Insurance

정답: C

문제3

Which of the following is not the SQL injection attack character?

A. $

B. @@variable

C. #

D. PRINT

정답: A

문제4

Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

A. California SB 1386

B. USA Patriot Act 2001

C. Gramm-Leach-Bliley Act (GLBA)

D. Sarbanes-Oxley 2002

정답: D

문제5

A security policy is a document or set of documents that describes, at a high level, the security controls that will be implemented by the company. Which one of the following policies forbids everything and restricts usage of company computers, whether it is system usage or network usage?

A. Promiscuous Policy

B. Paranoid Policy

C. Information-Protection Policy

D. Prudent Policy

정답: B

문제6

External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?

A. Grey box testing

B. Blue box testing

C. White box testing

D. Black box testing

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network. It sends a sequence of three Internet Control Message Protocol (ICMP) echo request packets addressed to a destination host.
The time-to-live (TTL) value, also known as hop limit, is used in determining the intermediate routers being traversed towards the destination.

During routing, each router reduces packets' TTL value by

A. 4

B. Reference:http://www.packetu.com/2009/10/09/traceroute-through-the-asa/
QUESTIONNO: 90
Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?
A. Hash Key Length
B. C/R Value Length
C. C/R Key Length
D. Hash Value Length

C. 1

D. 3

E. 2

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following attacks is an offline attack?

A. Password Guessing

B. Hash Injection Attack

C. Pre-Computed Hashes

D. Dumpster Diving

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

By default, the TFTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to troubleshoot TCP/IP connectivity issues?

A. PortQry

B. Telnet

C. Tracert

D. Netstat

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

A. Data Protection Act 1998

B. Human Rights Act 1998

C. PCI DSS

D. PIPEDA

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 412-79v8 무료덤프 - EC-COUNCIL EC-Council Certified Security Analyst (ECSA)

우리와 연락하기

유용한 링크

최신 업데이트