EC-Council Certified Security Analyst (ECSA) (412-79) Free Practice Test

Question 1

Which one of the following is a supporting tool for 802.11 (wireless) packet injections, it spoofs 802.11 packets to verify whether the access point is valid or not?

A. Airpwn

B. Airsnort

C. Aircrack

D. WEPCrack

Correct Answer: A

Question 2

Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.
An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

What is the formula to calculate risk?

A. Risk = Loss x Exposure factor

B. Risk = Threats x Attacks

C. Risk = Budget x Time

D. Risk = Goodwill x Reputation

Correct Answer: A

Question 3

Which of the following equipment could a pen tester use to perform shoulder surfing?

A. Microphone

B. Painted ultraviolet material

C. All the above

D. Binoculars

Correct Answer: D

Question 4

Identify the transition mechanism to deploy IPv6 on the IPv4 network from the following diagram.

A. Dual Stacks

B. Tunneling

C. Encapsulation

D. Translation

Correct Answer: B

Question 5

Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?

A. Inline Mode

B. Packet Sniffer Mode

C. Network Intrusion Detection System Mode

D. Packet Logger Mode

Correct Answer: B

Question 6

Which of the following is not a characteristic of a firewall?

A. Manages public access to private networked resources

B. Filters only inbound traffic but not outbound traffic

C. Examines all traffic routed between the two networks to see if it meets certain criteria

D. Routes packets between the networks

Correct Answer: B

Question 7

External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?

A. Blue box testing

B. White box testing

C. Grey box testing

D. Black box testing

Correct Answer: D

Question 8

Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?

A. ./snort -dvr packet.log icmp

B. ./snort -l ./log -b

C. ./snort -dev -l ./log

D. ./snort -dv -r packet.log

Correct Answer: D

Question 9

DNS information records provide important data about:

A. Phone and Fax Numbers

B. Location and Type of Servers

C. New Customer

D. Agents Providing Service to Company Staff

Correct Answer: B

Welcome to TestSimulate

EC-COUNCIL EC-Council Certified Security Analyst (ECSA) (412-79) Free Practice Test