Prüfung Exam zertifizierung 412-79v8 Testfragen PDF

Prüfung Exam zertifizierung 412-79v8 Testfragen PDF EC-Council Certified Security Analyst (ECSA) v8


Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

A. Sunbelt Network Security Inspector (SNSI)
B. CORE Impact
C. Canvas
D. Microsoft Baseline Security Analyzer (MBSA)

Answer: C


Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.

Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?

A. Internal network mapping to map the internal network of the target machine
B. Port scanning to determine what ports are open or in use on the target machine
C. Sniffing to monitor all the incoming and outgoing network traffic
D. Social engineering and spear phishing attacks to install malicious programs on the target machine

Answer: D

412-79v8 Prüfungsfragen, 412-79v8 Examensfragen EC-Council Certified Security Analyst (ECSA) v8 (ICND2 v3.0)


Which of the following reports provides a summary of the complete pen testing process, its outcomes, and recommendations?

A. Vulnerability Report
B. Executive Report
C. Client-side test Report
D. Host Report

Answer: B


Which of the following statements is true about the LM hash?

A. Disabled in Windows Vista and 7 OSs
B. Separated into two 8-character strings
C. Letters are converted to the lowercase
D. Padded with NULL to 16 characters

Answer: A

Prüfungsvorbereitung Studienmaterial 412-79v8 deutsch EC-Council Certified Security Analyst (ECSA) v8


A man enters a PIN number at an ATM machine, being unaware that the person next to him was watching. Which of the following social engineering techniques refers to this type of information theft?

A. Shoulder surfing
B. Phishing
C. Insider Accomplice
D. Vishing

Answer: A

Prüfungsvorbereitung Exam Dumps 312-50v8 Prüfungsfragen

Prüfungsvorbereitung Exam Dumps 312-50v8 Prüfungsfragen Certified Ethical Hacker v8 (ICND2 v3.0)

Which of the following countermeasure can specifically protect against both the MAC Flood and MAC Spoofing attacks?
A. Configure Port Security on the switch
B. Configure Port Recon on the switch
C. Configure Switch Mapping
D. Configure Multiple Recognition on the switch

Answer: A

Jimmy, an attacker, knows that he can take advantage of poorly designed input validation routines to create or alter SQL commands to gain access to private data or execute commands in the database. What technique does Jimmy use to compromise a database?
A. Jimmy can submit user input that executes an operating system command to compromise a target system
B. Jimmy can gain control of system to flood the target system with requests, preventing legitimate users from gaining access
C. Jimmy can utilize an incorrect configuration that leads to access with higher-than expected privilege of the database
D. Jimmy can utilize this particular database threat that is an SQL injection technique to penetrate a target system

Answer: D

This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive task for IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network. What is this technique called?
A. IP Routing or Packet Dropping
B. IDS Spoofing or Session Assembly
C. IP Fragmentation or Session Splicing
D. IP Splicing or Packet Reassembly

Answer: C

Prüfungsvorbereitung Studienmaterial 312-50v8 deutsch Certified Ethical Hacker v8

If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of business, they just have to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization.

How would you prevent such type of attacks?
A. It is impossible to block these attacks
B. Hire the people through third-party job agencies who will vet them for you
C. Conduct thorough background checks before you engage them
D. Investigate their social networking profiles

Answer: C

This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do.
A. UDP Scanning
B. IP Fragment Scanning
C. Inverse TCP flag scanning
D. ACK flag scanning

Answer: B

IT-Prüfungen 312-50v8 Certified Ethical Hacker v8

Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. How would you call this type of activity?
A. Dumpster Diving
B. Scanning
C. CI Gathering
D. Garbage Scooping

Answer: A

Exam study guide 312-50 Prüfungsfragen vce pdf

Exam study guide 312-50 Prüfungsfragen vce pdf Ethical Hacker Certified (ICND2 v3.0)

What is the essential difference between an ‘Ethical Hacker’ and a ‘Cracker’?
A. The ethical hacker does not use the same techniques or skills as a cracker.
B. The ethical hacker does it strictly for financial motives unlike a cracker.
C. The ethical hacker has authorization from the owner of the target.
D. The ethical hacker is just a cracker who is getting paid.

Answer: C

The ethical hacker uses the same techniques and skills as a cracker and the motive is to find the security breaches before a cracker does. There is nothing that says that a cracker does not get paid for the work he does, a ethical hacker has the owners authorization and will get paid even if he does not succeed to penetrate the target.

What does the term “Ethical Hacking” mean?
A. Someone who is hacking for ethical reasons.
B. Someone who is using his/her skills for ethical reasons.
C. Someone who is using his/her skills for defensive purposes.
D. Someone who is using his/her skills for offensive purposes.

Answer: C
Ethical hacking is only about defending your self or your employer against malicious
persons by using the same techniques and skills.

Prüfungsvorbereitung Studienmaterial 312-50 deutsch Ethical Hacker Certified

Who is an Ethical Hacker?
A. A person who hacks for ethical reasons
B. A person who hacks for an ethical cause
C. A person who hacks for defensive purposes
D. A person who hacks for offensive purposes

Answer: C

The Ethical hacker is a security professional who applies his hacking skills for
defensive purposes.

What is “Hacktivism”?
A. Hacking for a cause
B. Hacking ruthlessly
C. An association which groups activists
D. None of the above

Answer: A

The term was coined by author/critic Jason Logan King Sack in an article about
media artist Shu Lea Cheang. Acts of hacktivism are carried out in the belief that proper use of code will have leveraged effects similar to regular activism or civil disobedience.

IT-Prüfungen 312-50 Ethical Hacker Certified

Where should a security tester be looking for information that could be used by an attacker against an organization? (Select all that apply)
A. CHAT rooms
B. WHOIS database
C. News groups
D. Web sites
E. Search engines
F. Organization’s own web site

Answer: A,B,C,D,E,F

exam IT-Prüfungen 312-49v8 Testfragen study materials exam IT-Prüfungen 312-49v8 Testfragen study materials Computer Hacking Forensic Investigator Exam

What is the First Step required in preparing a computer for forensics investigation?

A. Do not turn the computer off or on, run any programs, or attempt to access data on a computer
B. Secure any relevant media
C. Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue
D. Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination

Answer: A

Network forensics can be defined as the sniffing, recording, acquisition and analysis of the
network traffic and event logs in order to investigate a network security incident.

A. True
B. False

Answer: A

Which of the following commands shows you the names of all open shared files on a server and number of file locks on each file?

A. Net sessions
B. Net file
C. Netconfig
D. Net share

Answer: B

312-49v8 Prüfungsfragen, 312-49v8 Examensfragen Computer Hacking Forensic Investigator Exam (ICND2 v3.0)

The Recycle Bin exists as a metaphor for throwing files away, but it also allows user to retrieve and restore files. Once the file is moved to the recycle bin, a record is added to the log file that exists in the Recycle Bin.
Which of the following files contains records that correspond to each deleted file in the Recycle Bin?

A. INFO2 file
B. INFO1 file
C. LOGINFO2 file
D. LOGINFO1 file

Answer: A

Email archiving is a systematic approach to save and protect the data contained in emails so that it can be accessed fast at a later date. There are two main archive types, namely Local Archive and Server Storage Archive. Which of the following statements is correct while dealing with local archives?

A. It is difficult to deal with the webmail as there is no offline archive in most cases. So consult your counsel on the case as to the best way to approach and gain access to the required data on servers
B. Local archives do not have evidentiary value as the email client may alter the message data
C. Local archives should be stored together with the server storage archives in order to be
admissible in a court of law
D. Server storage archives are the server information and settings stored on a local system whereas the local archives are the local email client information stored on the mail server

Answer: A

Prüfungsvorbereitung Studienmaterial 312-49v8 deutsch Computer Hacking Forensic Investigator Exam

Which of the following email headers specifies an address for mailer-generated errors, like “no such user” bounce messages, to go to (instead of the sender’s address)?

A. Errors-To header
B. Content-Transfer-Encoding header
C. Mime-Version header
D. Content-Type header

Answer: A

übungstest Exam 312-49 Fragenkatalog Prüfungsfragen PDF

übungstest Exam 312-49 Fragenkatalog Prüfungsfragen PDF Computer Hacking Forensic Investigator (ICND2 v3.0)

When an investigator contacts by telephone the domain administrator or controller listed by a whois lookup to request all e-mails sent and received for a user account be preserved, what U.S.C. statute authorizes this phone call and obligates the ISP to preserve e-mail records?

A. Title 18, Section 1030
B. Title 18, Section 2703(d)
C. Title 18, Section Chapter 90
D. Title 18, Section 2703(f)

Answer: D

Item 2If you come across a sheepdip machine at your client site, what would you infer?

A. Asheepdip coordinates several honeypots
B. Asheepdip computer is another name for a honeypot
C. Asheepdip computer is used only for virus-checking.
D. Asheepdip computer defers a denial of service attack

Answer: C

In a computer forensics investigation, what describes the route that evidence takes from the time you find it until the case is closed or goes to court?

A. rules of evidence
B. law of probability
C. chain of custody
D. policy of separation

Answer: C

Prüfungsvorbereitung Studienmaterial 312-49 deutsch Computer Hacking Forensic Investigator

How many characters long is the fixed-length MD5 algorithm checksum of a critical system file?
A. 128
B. 64
C. 32
D. 16
Answer: C

To calculate the number of bytes on a disk, the formula is: CHS**

A. number of circles x number of halves x number of sides x 512 bytes per sector
number of cylinders x number of halves x number of shims x 512 bytes per sector
number of cells x number of heads x number of sides x 512 bytes per sector
number of cylinders x number of halves x number of shims x 512 bytes per sector

Answer: A

IT-Prüfungen 312-49 Computer Hacking Forensic Investigator

You are using DriveSpy, a forensic tool and want to copy 150 sectors where the starting sector is 1709 on the primary hard drive. Which of the following formats correctly specifies these sectors?

A. 0:1000, 150
B. 0:1709, 150
C. 1:1709, 150
D. 0:1709-1858

Answer: B