412-79v9 Premium Bundle

EC-Council Certified Security Analyst (ECSA) v9 Certification Exam

Last update: November 23, 2024

EC-Council 412-79v9 Free Practice Questions

It is faster and easier to pass the EC-Council 412-79v9 exam by using Breathing EC-Council Certified Security Analyst (ECSA) v9 questions and answers. Get immediate access to the Renovate 412-79v9 exam and find the same core-area 412-79v9 questions with professionally verified answers, then pass your exam with a high score.

Also have 412-79v9 free dumps questions for you:

NEW QUESTION 1
The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.
What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?

  • A. Phishing
  • B. Spoofing
  • C. Tapping
  • D. Vishing

Answer: D

NEW QUESTION 2
An automated electronic mail message from a mail system indicating that the user does not exist on that server is called:

  • A. SMTP Queue Bouncing
  • B. SMTP Message Bouncing
  • C. SMTP Server Bouncing
  • D. SMTP Mail Bouncing

Answer: D

Explanation:
Reference: http://en.wikipedia.org/wiki/Bounce_message

NEW QUESTION 3
How many bits is the Source Port Number field in the TCP header?

  • A. 48
  • B. 32
  • C. 64
  • D. 16

Answer: D

NEW QUESTION 4
Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

  • A. Sunbelt Network Security Inspector (SNSI)
  • B. CORE Impact
  • C. Canvas
  • D. Microsoft Baseline Security Analyzer (MBSA)

Answer: C

NEW QUESTION 5
A Demilitarized Zone (DMZ) is a computer host or small network inserted as a “neutral zone” between a company’s private network and the outside public network. Usage of a protocol within a DMZ environment is highly variable based on the specific needs of an organization. Privilege escalation, system compromise when the code runs under root credentials, and DoS attacks are the basic weaknesses of which one of the following protocols?

  • A. Lightweight Directory Access Protocol (LDAP)
  • B. Simple Network Management Protocol (SNMP)
  • C. Telnet
  • D. Secure Shell (SSH)

Answer: D

NEW QUESTION 6
Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits
Which of the following pen testing tests yields information about a company’s technology infrastructure?

  • A. Searching for web page posting patterns
  • B. Analyzing the link popularity of the company’s website
  • C. Searching for trade association directories
  • D. Searching for a company’s job postings

Answer: D

NEW QUESTION 7
Identify the person who will lead the penetration-testing project and be the client point of contact.

  • A. Database Penetration Tester
  • B. Policy Penetration Tester
  • C. Chief Penetration Tester
  • D. Application Penetration Tester

Answer: C

Explanation:
Reference: http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration-Testing-Checklist-NoRestriction (page 15)

NEW QUESTION 8
Identify the attack represented in the diagram below:
[Exhibit: diagram not reproduced]

  • A. Input Validation
  • B. Session Hijacking
  • C. SQL Injection
  • D. Denial-of-Service

Answer: B

Explanation:
Reference: http://en.wikipedia.org/wiki/Session_hijacking

NEW QUESTION 9
The Metasploit framework is an open source platform for vulnerability research, development, and penetration testing. Which one of the following Metasploit options is used to exploit multiple systems at once?

  • A. NinjaDontKill
  • B. NinjaHost
  • C. RandomNops
  • D. EnablePython

Answer: A

NEW QUESTION 10
Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a type and code field.
Which of the following ICMP messages will be generated if the destination port is not reachable?

  • A. ICMP Type 11 code 1
  • B. ICMP Type 5 code 3
  • C. ICMP Type 3 code 2
  • D. ICMP Type 3 code 3

Answer: D

NEW QUESTION 11
Identify the transition mechanism to deploy IPv6 on the IPv4 network from the following diagram.
[Exhibit: diagram not reproduced]

  • A. Translation
  • B. Tunneling
  • C. Dual Stacks
  • D. Encapsulation

Answer: B

NEW QUESTION 12
Which of the following policies forbids everything with strict restrictions on all usage of the company systems and network?

  • A. Information-Protection Policy
  • B. Paranoid Policy
  • C. Promiscuous Policy
  • D. Prudent Policy

Answer: B

NEW QUESTION 13
In which of the following IDS evasion techniques does the IDS reject the packets that an end system accepts?

  • A. IPS evasion technique
  • B. IDS evasion technique
  • C. UDP evasion technique
  • D. TTL evasion technique

Answer: D

Explanation:
Reference: http://is.muni.cz/th/172999/fi_m/MT_Bukac.pdf (page 24)

NEW QUESTION 14
Which of the following is NOT generally included in a quote for penetration testing services?

  • A. Type of testing carried out
  • B. Type of testers involved
  • C. Budget required
  • D. Expected timescale required to finish the project

Answer: B

NEW QUESTION 15
Identify the injection attack represented in the diagram below:
[Exhibit: diagram not reproduced]

  • A. XPath Injection Attack
  • B. XML Request Attack
  • C. XML Injection Attack
  • D. Frame Injection Attack

Answer: C

Explanation:
Reference: http://projects.webappsec.org/w/page/13247004/XML%20Injection

NEW QUESTION 16
In which of the following firewalls are the incoming or outgoing packets blocked from accessing services for which there is no proxy?

  • A. Circuit level firewalls
  • B. Packet filters firewalls
  • C. Stateful multilayer inspection firewalls
  • D. Application level firewalls

Answer: D

Explanation:
Reference: http://www.vicomsoft.com/learning-center/firewalls/

NEW QUESTION 17
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

  • A. Passive IDS
  • B. Active IDS
  • C. Progressive IDS
  • D. NIPS

Answer: B

NEW QUESTION 18
Which one of the following log analysis tools is used for analyzing the server’s log files?

  • A. Performance Analysis of Logs tool
  • B. Network Sniffer Interface Test tool
  • C. Ka Log Analyzer tool
  • D. Event Log Tracker tool

Answer: C

NEW QUESTION 19
To locate the firewall, a SYN packet is crafted using Hping or any other packet crafter and sent to the firewall. If an ICMP unreachable type 13 message (which is an admin prohibited packet) with a source IP address of the access control device is received, then which of the following types of firewall is in place?

  • A. Circuit level gateway
  • B. Stateful multilayer inspection firewall
  • C. Packet filter
  • D. Application level gateway

Answer: C

NEW QUESTION 20
Attackers create secret accounts and gain illegal access to resources using a backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.
Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?

  • A. Internal network mapping to map the internal network of the target machine
  • B. Port scanning to determine what ports are open or in use on the target machine
  • C. Sniffing to monitor all the incoming and outgoing network traffic
  • D. Social engineering and spear phishing attacks to install malicious programs on the target machine

Answer: D

NEW QUESTION 21
You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?

  • A. Poison the DNS records with false records
  • B. Enumerate MX and A records from DNS
  • C. Establish a remote connection to the Domain Controller
  • D. Enumerate domain user accounts and built-in groups

Answer: D

NEW QUESTION 22
The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.
Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

  • A. Active Information Gathering
  • B. Pseudonymous Information Gathering
  • C. Anonymous Information Gathering
  • D. Open Source or Passive Information Gathering

Answer: A

NEW QUESTION 23
A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.
A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).
What query does he need to write to retrieve the information?

  • A. EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000
  • B. DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1--
  • C. SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1'
  • D. RETRIVE * FROM StudentTable WHERE roll_number = 1'#

Answer: C

NEW QUESTION 24
Amazon Consulting Corporation provides penetration testing and managed security services to companies. Legality and regulatory compliance is one of the important components in conducting a successful security audit.
Before starting a test, one of the agreements both the parties need to sign relates to limitations, constraints, liabilities, code of conduct, and indemnification considerations between the parties.
Which agreement requires a signature from both the parties (the penetration tester and the company)?

  • A. Non-disclosure agreement
  • B. Client fees agreement
  • C. Rules of engagement agreement
  • D. Confidentiality agreement

Answer: C

NEW QUESTION 25
Which of the following statements is true about the LM hash?

  • A. Disabled in Windows Vista and 7 OSs
  • B. Separated into two 8-character strings
  • C. Letters are converted to the lowercase
  • D. Padded with NULL to 16 characters

Answer: A

Explanation:
Reference: http://www.onlinehashcrack.com/how_to_crack_windows_passwords.php (first paragraph of the page)

NEW QUESTION 26
Variables are used to define parameters for detection, specifically those of your local network and/or specific servers or ports for inclusion or exclusion in rules. These are simple substitution variables set with the var keyword. Which one of the following operators is used to define meta-variables?

  • A. “$”
  • B. “#”
  • C. “*”
  • D. “?”

Answer: A

NEW QUESTION 27
In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.
Which of the following flow control mechanisms guarantees reliable delivery of data?

  • A. Sliding Windows
  • B. Windowing
  • C. Positive Acknowledgment with Retransmission (PAR)
  • D. Synchronization

Answer: C

Explanation:
Reference: http://condor.depaul.edu/jkristof/technotes/tcp.html (1.1.3 Reliability)

NEW QUESTION 28
In Linux, the /etc/shadow file stores the real password in encrypted format for a user’s account, with added properties associated with the user’s password.
In the example of a /etc/shadow file below, what does the bold letter string indicate?
Vivek: $1$fnffc$GteyHdicpGOfffXX40w#5:13064:0:99999:7

  • A. Number of days the user is warned before the expiration date
  • B. Minimum number of days required between password changes
  • C. Maximum number of days the password is valid
  • D. Last password changed

Answer: B

Explanation:
Reference: http://www.cyberciti.biz/faq/understanding-etcshadow-file/ (bullet # 4)

NEW QUESTION 29
Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.
Depending on the packet and the criteria, the firewall can:
i) Drop the packet
ii) Forward it or send a message to the originator
At which level of the OSI model do the packet filtering firewalls work?

  • A. Application layer
  • B. Physical layer
  • C. Transport layer
  • D. Network layer

Answer: D

Explanation:
Reference: http://books.google.com.pk/books?id=KPjLAyA7HgoC&pg=PA208&lpg=PA208&dq=At+which+level+of+the+OSI+model+do+the+packet+filtering+firewalls+work&source=bl&ots=zRrbcmY3pj&sig=I3vuS3VA7r-3VF8lC6xq_c_r31M&hl=en&sa=X&ei=wMcfVMetI8HPaNSRgPgD&ved=0CC8Q6AEwAg#v=onepage&q=At%20which%20level%20of%20the%20OSI%20model%20do%20the%20packet%20filtering%20firewalls%20work&f=false (packet filters)

NEW QUESTION 30
......
