NZZV ]]] QORRZKYZ IT
▲ Ҳ ԟ ԇ
The safer , easier way to help you pass any IT exams.
Exam : 412-79
Title :
Version : Demo
EC-Council Certified Security Analyst (ECSA)
1 .Your company's network just finished going through a SAS 70 audit. This audit reported that overall, your network is cure, but there are some areas that needs improvement. The major area was SNMP
curity. The audit company recommended turning off SNMP, but that is not an option since you have so many remote nodes to keep track of. What step could you take to help cure SNMP on your network?
A. Change the default community string names
B. Block all internal MAC address from using SNMP
C. Block access to UDP port 171
陶渊明采菊东篱下D. Block access to TCP port 171
Answer: A
2 .At what layer of the OSI model do routers function on?
A. 3
B. 4
C. 5
D. 1
Answer: A
崛起中国3 .An "idle" system is also referred to as what?
A. Zombie
B. PC not being ud
C. Bot
D. PC not connected to the Internet
Answer: A
4 .What operating system would respond to the following command?
象棋车A. Mac OS X
B. Windows XP
心情随笔C. Windows 95
D. FreeBSD
Answer: D
5 .Why are Linux/Unix bad computers better to u than Windows computers for idle scanning?
A. Windows computers will not respond to idle scans
B. Linux/Unix computers are constantly talking
C. Linux/Unix computers are easier to compromi
D. Windows computers are constantly talking
Answer: D
6 .How many bits is Source Port Number in TCP Header packet?
A. 48
B. 32
C. 64
D. 16
Answer: D
7 .Why are Linux/Unix bad computers better to u than Windows computers for idle scanning?
A. Windows computers are constantly talking
B. Linux/Unix computers are constantly talking
C. Linux/Unix computers are easier to compromi
D. Windows computers will not respond to idle scans
Answer: A
8 .Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants t
o hack into his former company's network. Since Simon remembers some of the rver names, he attempts to run the axfr and ixfr commands using DIG. What is Simon trying to accomplish here?笑眯眯的近义词
A. Enumerate all the urs in the domain
B. Perform DNS poisoning
C. Send DOS commands to crash the DNS rvers
D. Perform a zone transfer
Answer: D大象耳朵像什么
9 .You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that access your product inventory in a databa. You come across a web curity site that recommends inputting the following code into a arch field on web pages to check for vulnerabilities:
This is a test
When you type this and click on arch, you receive a pop-up window that says:
"This is a test."
What is the result of this test?
A. Your website is vulnerable to web bugs
B. Your website is vulnerable to CSS
C. Your website is not vulnerable
D. Your website is vulnerable to SQL injection
Answer: B
10 .After attending a CEH curity minar, you make a list of changes you would like to perform on your network to increa its curity. One of the first things you change is to switch the RestrictAnonymous tting from 0 to 1 on your rvers. This, as you were told, would prevent anonymous urs from establishing a null ssion on the rver. Using Urinfo tool mentioned at the minar, you succeed in establishing a null ssion with one of the rvers. Why is that?
A. RestrictAnonymous must be t to "2" for complete curity
B. RestrictAnonymous must be t to "3" for complete curity
C. There is no way to always prevent an anonymous null ssion from establishing
D. RestrictAnonymous must be t to "10" for complete curity
Answer: A
11 .What will the following command accomplish?
A. Test ability of a router to handle over-sized packets
B. Test the ability of a router to handle fragmented packets
C. Test the ability of a WLAN to handle fragmented packets
D. Test the ability of a router to handle under-sized packets
Answer: A
罗永浩语录12 .What are the curity risks of running a "repair" installation for Windows XP?
A. There are no curity risks when running the "repair" installation for Windows XP
B. Pressing Shift+F1gives the ur administrative rights
C. Pressing Ctrl+F10 gives the ur administrative rights
俄罗斯淫妇D. Pressing Shift+F10 gives the ur administrative rights
Answer: D
13 .You are the curity analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank curity defens are very strong and would take too long to penetrate. You decide to get the information by monitoring the traffic between the bank and one of its subsidiaries in London. After monitoring some of the traffic, you e a lot of FTP packets traveling back and forth. You want to sniff the traffic and extract urnames and passwords. What tool could you u to get this information?
A. RaidSniff
B. Snort
C. Ettercap
D. Airsnort
Answer: C
14 .George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to u FTP or SFTP programs without obtaining approval from the IT department. Few managers are using SFTP program on their computers. Before talking to his boss, George wants to have some proof of their activity.
