Latest EC-COUNCIL EC-Council Certified Security Analyst (ECSA) - 412-79v8 free exam questions
Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businessService, bindingTemplate, and tModel?
Correct answer: B
Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?
Correct answer: B
The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.

What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?

Correct answer: C
A firewall's decision to forward or reject traffic in network filtering is dependent upon which of the following?
Correct answer: D
A security policy is a document or set of documents that describes, at a high level, the security controls that will be implemented by the company. Which one of the following policies forbids everything and restricts usage of company computers, whether it is system usage or network usage?
Correct answer: B
Which of the following defines the details of services to be provided for the client's organization and the list of services required for performing the test in the organization?
Correct answer: D
Which of the following attacks is an offline attack?
Correct answer: A
One needs to run the "Scan Server Configuration" tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon to be configured. By default, the Nessus daemon listens for connections on which one of the following?
Correct answer: B
In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

Which of the following flow control mechanisms guarantees reliable delivery of data?

Correct answer: D
A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected.
Conventionally it is achieved by comparing the MAC address of the participating wireless devices.
Which of the following attacks can be detected with the help of wireless intrusion detection system (WIDS)?


Correct answer: C
Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks. When most people say 'Wireless' these days, they are referring to one of the 802.11 standards. There are three main 802.11 standards: B, A, and G.
Which one of the following 802.11 types uses DSSS modulation, splitting the 2.4 GHz band into channels?
Correct answer: C
Firewall and DMZ architectures are characterized according to their design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?
Correct answer: B
In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc. They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?
Correct answer: B
Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have assigned ranges.

Port numbers above 1024 are considered which one of the following?

Correct answer: C
External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?

Correct answer: D