412-79v10 Premium Bundle

EC-Council Certified Security Analyst (ECSA) V10 Certification Exam

Last update: November 23, 2024

EC-Council 412-79v10 Free Practice Questions

Free 412-79v10 dump questions are also provided below:

NEW QUESTION 1
Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

  • A. Penetration Testing Agreement
  • B. Rules of Behavior Agreement
  • C. Liability Insurance
  • D. Non-Disclosure Agreement

Answer: D

NEW QUESTION 2
Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing. Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.
Which of the following factors is NOT considered while preparing the scope of the Rules of Engagement (ROE)?

  • A. A list of employees in the client organization
  • B. A list of acceptable testing techniques
  • C. Specific IP addresses/ranges to be tested
  • D. Points of contact for the penetration testing team

Answer: A

NEW QUESTION 3
How many bits is the Source Port Number field in a TCP header?

  • A. 48
  • B. 32
  • C. 64
  • D. 16

Answer: D

NEW QUESTION 4
An "idle" system is also referred to as what?

  • A. Zombie
  • B. PC not being used
  • C. Bot
  • D. PC not connected to the Internet

Answer: A

NEW QUESTION 5
Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?

  • A. 3001-3100
  • B. 5000-5099
  • C. 6666-6674
  • D. 0 – 1023

Answer: D

NEW QUESTION 6
You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the client's network, what step should you take first?

  • A. Analyzing, categorizing and prioritizing resources
  • B. Evaluating the existing perimeter and internal security
  • C. Checking for a written security policy
  • D. Analyzing the use of existing management and control architecture

Answer: C

NEW QUESTION 7
Which of the following are the default ports used by NetBIOS service?

  • A. 135, 136, 139, 445
  • B. 134, 135, 136, 137
  • C. 137, 138, 139, 140
  • D. 133, 134, 139, 142

Answer: A

NEW QUESTION 8
Choose the correct option to define the Prefix Length.

  • A. Prefix Length = Subnet + Host portions
  • B. Prefix Length = Network + Host portions
  • C. Prefix Length = Network + Subnet portions
  • D. Prefix Length = Network + Subnet + Host portions

Answer: C

NEW QUESTION 9
What does ICMP Type 3/Code 13 mean?

  • A. Host Unreachable
  • B. Port Unreachable
  • C. Protocol Unreachable
  • D. Administratively Blocked

Answer: D

NEW QUESTION 10
Which of the following is not a characteristic of a firewall?

  • A. Manages public access to private networked resources
  • B. Routes packets between the networks
  • C. Examines all traffic routed between the two networks to see if it meets certain criteria
  • D. Filters only inbound traffic but not outbound traffic

Answer: D

NEW QUESTION 11
Jessica works as a systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

  • A. Smurf scan
  • B. Tracert
  • C. Ping trace
  • D. ICMP ping sweep

Answer: D

NEW QUESTION 12
During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP and HTTPS request headers and the HTML source code?

  • A. Examine Source of the Available Pages
  • B. Perform Web Spidering
  • C. Perform Banner Grabbing
  • D. Check the HTTP and HTML Processing by the Browser

Answer: D

NEW QUESTION 13
John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

  • A. Number of employees in the client organization
  • B. Complete structure of the organization
  • C. Number of client computers to be tested and resources required to perform a pen test
  • D. Number of servers available in the client organization

Answer: C

NEW QUESTION 14
Which of the following statements is true about the LM hash?

  • A. Disabled in Windows Vista and 7 OSs
  • B. Separated into two 8-character strings
  • C. Letters are converted to lowercase
  • D. Padded with NULL to 16 characters

Answer: A

NEW QUESTION 15
Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

  • A. Special-Access Policy
  • B. User Identification and Password Policy
  • C. Personal Computer Acceptable Use Policy
  • D. User-Account Policy

Answer: B

NEW QUESTION 16
The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc.
Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control. This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations.
Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.
What is the best way to protect web applications from parameter tampering attacks?

  • A. Validating some parameters of the web application
  • B. Minimizing the allowable length of parameters
  • C. Using an easily guessable hashing algorithm
  • D. Applying effective input field filtering parameters

Answer: D
