Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmaspas7

Easiest Solution 2 Pass Your Certification Exams

412-79v10 ECCouncil EC-Council Certified Security Analyst (ECSA) V10 Free Practice Exam Questions (2025 Updated)

Prepare effectively for your ECCouncil 412-79v10 EC-Council Certified Security Analyst (ECSA) V10 certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

ECCouncil 412-79v10 Premium Access     Download Demo    
Page: 3 / 3
Total 201 questions

Which of the following statement holds true for TCP Operation?

A.

Port numbers are used to know which application the receiving host should pass the data to

B.

Sequence numbers are used to track the number of packets lost in transmission

C.

Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host

D.

Data transfer begins even before the connection is established

Which of the following has an offset field that specifies the length of the header and data?

A.

IP Header

B.

UDP Header

C.

ICMP Header

D.

TCP Header

Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?

A.

Draft

B.

Report

C.

Requirement list

D.

Quotation

The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client’s operating environment, threat perception, security and compliance requirements, ROE, and budget.

Various components need to be considered for testing while developing the scope of the project.

Which of the following is NOT a pen testing component to be tested?

A.

System Software Security

B.

Intrusion Detection

C.

Outside Accomplices

D.

Inside Accomplices

Information gathering is performed to:

i) Collect basic information about the target company and its network

ii) Determine the operating system used, platforms running, web server versions, etc.

iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company’s technology infrastructure?

A.

Searching for web page posting patterns

B.

Analyzing the link popularity of the company’s website

C.

Searching for trade association directories

D.

Searching for a company’s job postings

An antenna is a device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna is developed from waveguide technology?

A.

Leaky Wave Antennas

B.

Aperture Antennas

C.

Reflector Antenna

D.

Directional Antenna

The SnortMain () function begins by associating a set of handlers for the signals, Snort receives. It does this using the signal () function. Which one of the following functions is used as a programspecific signal and the handler for this calls the DropStats() function to output the current Snort statistics?

A.

SIGUSR1

B.

SIGTERM

C.

SIGINT

D.

SIGHUP

What does ICMP Type 3/Code 13 mean?

A.

Host Unreachable

B.

Port Unreachable

C.

Protocol Unreachable

D.

Administratively Blocked

Traffic on which port is unusual for both the TCP and UDP ports?

A.

Port 81

B.

Port 443

C.

Port 0

D.

Port 21

Identify the person who will lead the penetration-testing project and be the client point of contact.

A.

Database Penetration Tester

B.

Policy Penetration Tester

C.

Chief Penetration Tester

D.

Application Penetration Tester

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

A.

Smurf scan

B.

Tracert

C.

Ping trace

D.

ICMP ping sweep

You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:

http://172.168.4.131/level/99/exec/show/config

After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

A.

URL Obfuscation Arbitrary Administrative Access Vulnerability

B.

Cisco IOS Arbitrary Administrative Access Online Vulnerability

C.

HTTP Configuration Arbitrary Administrative Access Vulnerability

D.

HTML Configuration Arbitrary Administrative Access Vulnerability

Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?

A.

6566 TCP port

B.

6771 TCP port

C.

6667 TCP port

D.

6257 TCP port

Which of the following policies helps secure data and protects the privacy of organizational information?

A.

Special-Access Policy

B.

Document retention Policy

C.

Cryptography Policy

D.

Personal Security Policy

Why is a legal agreement important to have before launching a penetration test?

A.

Guarantees your consultant fees

B.

Allows you to perform a penetration test without the knowledge and consent of the organization's upper management

C.

It establishes the legality of the penetration test by documenting the scope of the project and the consent of the company.

D.

It is important to ensure that the target organization has implemented mandatory security policies

When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

A.

Avoid cross talk

B.

Avoid over-saturation of wireless signals

C.

So that the access points will work on different frequencies

D.

Multiple access points can be set up on the same channel without any issues

Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR commands using DIG.

What is Simon trying to accomplish here?

A.

Enumerate all the users in the domain

B.

Perform DNS poisoning

C.

Send DOS commands to crash the DNS servers

D.

Perform a zone transfer

You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information.

You do not want to set off any alarms on their network, so you plan on performing passive foot printing against their Web servers. What tool should you use?

A.

Nmap

B.

Netcraft

C.

Ping sweep

D.

Dig

Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?

A.

Packet Sniffer Mode

B.

Packet Logger Mode

C.

Network Intrusion Detection System Mode

D.

Inline Mode

Which of the following protocols cannot be used to filter VoIP traffic?

A.

Media Gateway Control Protocol (MGCP)

B.

Real-time Transport Control Protocol (RTCP)

C.

Session Description Protocol (SDP)

D.

Real-Time Publish Subscribe (RTPS)

ECCouncil 412-79v10 Premium Access     Download Demo    
Page: 3 / 3
Total 201 questions
Copyright © 2014-2025 Solution2Pass. All Rights Reserved