The Secret Of EC-Council 412-79v9 Free Download

NEW QUESTION 1
A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product.” It is generally the motherboard chips or the chips used on the expansion card. Which one of the following is well supported in most wireless applications?

• A. Orinoco chipsets
• B. Prism II chipsets
• C. Atheros Chipset
• D. Cisco chipset

Answer: B

NEW QUESTION 2
A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.

A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).
What query does he need to write to retrieve the information?

• A. EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000
• B. DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1—
• C. SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1‘
• D. RETRIVE * FROM StudentTable WHERE roll_number = 1'#

Answer: C

NEW QUESTION 3
Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operation system?

• A. Active/Passive Tools
• B. Application-layer Vulnerability Assessment Tools
• C. Location/Data Examined Tools
• D. Scope Assessment Tools

Answer: D

Explanation:
Reference: http://books.google.com.pk/books?id=7dwEAAAAQBAJ&pg=SA7- PA11&lpg=SA7- PA11&dq=vulnerability+assessment+tool+provides+security+to+the+IT+system+by+testing
+for+vulnerabilities+in+the+applications+and+operation+system&source=bl&ots=SQCLHR nnjI&sig=HpenOheCU4GBOnkA4EurHCMfND4&hl=en&sa=X&ei=DqYfVJCLHMTnyQODn 4C4Cw&ved=0CDQQ6AEwAw#v=onepage&q=vulnerability%20assessment%20tool%20pr ovides%20security%20to%20the%20IT%20system%20by%20testing%20for%20vulnerabili ties%20in%20the%20applications%20and%20operation%20system&f=false

NEW QUESTION 4
In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

• A. IPS evasion technique
• B. IDS evasion technique
• C. UDP evasion technique
• D. TTL evasion technique

Answer: D

Explanation:
Reference: http://is.muni.cz/th/172999/fi_m/MT_Bukac.pdf (page 24)

NEW QUESTION 5
In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc. They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

• A. XPath Injection Attack
• B. Authorization Attack
• C. Authentication Attack
• D. Frame Injection Attack

Answer: B

Explanation:
Reference: http://luizfirmino.blogspot.com/2011_09_01_archive.html (see authorization attack)

NEW QUESTION 6
Which of the following information gathering techniques collects information from an organization’s web-based calendar and email services?

• A. Anonymous Information Gathering
• B. Private Information Gathering
• C. Passive Information Gathering
• D. Active Information Gathering

Answer: D

Explanation:
Reference: http://luizfirmino.blogspot.com/2011/09/footprinting-terminologies.html

NEW QUESTION 7
Which of the following has an offset field that specifies the length of the header and data?

• A. IP Header
• B. UDP Header
• C. ICMP Header
• D. TCP Header

Answer: D

NEW QUESTION 8
A framework is a fundamental structure used to support and resolve complex issues. The framework that delivers an efficient set of technologies in order to develop applications which are more secure in using Internet and Intranet is:

• A. Microsoft Internet Security Framework
• B. Information System Security Assessment Framework (ISSAF)
• C. Bell Labs Network Security Framework
• D. The IBM Security Framework

Answer: A

NEW QUESTION 9
Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?

• A. Client-Side Test Report
• B. Activity Report
• C. Host Report
• D. Vulnerability Report

Answer: A

NEW QUESTION 10
What is the difference between penetration testing and vulnerability testing?

• A. Penetration testing goes one step further than vulnerability testing; while vulnerability tests check for known vulnerabilities, penetration testing adopts the concept of ‘in-depth ethical hacking’
• B. Penetration testing is based on purely online vulnerability analysis while vulnerability testing engages ethical hackers to find vulnerabilities
• C. Vulnerability testing is more expensive than penetration testing
• D. Penetration testing is conducted purely for meeting compliance standards while vulnerability testing is focused on online scans

Answer: A

NEW QUESTION 11
Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

• A. PIPEDA
• B. PCI DSS
• C. Human Rights Act 1998
• D. Data Protection Act 1998

Answer: B

Explanation:
Reference: http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard

NEW QUESTION 12
Which of the following is an application alert returned by a web application that helps an attacker guess a valid username?

• A. Invalid username or password
• B. Account username was not found
• C. Incorrect password
• D. Username or password incorrect

Answer: C

NEW QUESTION 13
Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?

• A. Weak Screened Subnet Architecture
• B. "Inside Versus Outside" Architecture
• C. "Three-Homed Firewall" DMZ Architecture
• D. Strong Screened-Subnet Architecture

Answer: A

NEW QUESTION 14
Which of the following statements is true about the LM hash?

• A. Disabled in Windows Vista and 7 OSs
• B. Separated into two 8-character strings
• C. Letters are converted to the lowercase
• D. Padded with NULL to 16 characters

Answer: A

Explanation:
Reference: http://www.onlinehashcrack.com/how_to_crack_windows_passwords.php (first paragraph of the page)

NEW QUESTION 15
Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

What characteristics do phishing messages often have that may make them identifiable?

• A. Invalid email signatures or contact information
• B. Suspiciously good grammar and capitalization
• C. They trigger warning pop-ups
• D. Suspicious attachments

Answer: C

NEW QUESTION 16
You are conducting a penetration test against a company and you would like to know a personal email address of John, a crucial employee. What is the fastest, cheapest way to find out John’s email address.

• A. Call his wife and ask for his personal email account
• B. Call a receptionist and ask for John Stevens’ personal email account
• C. Search in Google for his personal email ID
• D. Send an email to John stating that you cannot send him an important spreadsheet attachment file to his business email account and ask him if he has any other email accounts

Answer: D

NEW QUESTION 17
One of the steps in information gathering is to run searches on a company using complex keywords in Google.

Which search keywords would you use in the Google search engine to find all the PowerPoint presentations containing information about a target company, ROCHESTON?

• A. ROCHESTON fileformat:+ppt
• B. ROCHESTON ppt:filestring
• C. ROCHESTON filetype:ppt
• D. ROCHESTON +ppt:filesearch

Answer: C

Explanation:
Reference: http://blog.hubspot.com/blog/tabid/6307/bid/1264/12-Quick-Tips-To-Search-Google-Like-An-Expert.aspx (specific document types)

NEW QUESTION 18
Which of the following protocols cannot be used to filter VoIP traffic?

• A. Media Gateway Control Protocol (MGCP)
• B. Real-time Transport Control Protocol (RTCP)
• C. Session Description Protocol (SDP)
• D. Real-Time Publish Subscribe (RTPS)

Answer: D

NEW QUESTION 19
Traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network. It sends a sequence of three Internet Control Message Protocol (ICMP) echo request packets addressed to a destination host.
The time-to-live (TTL) value, also known as hop limit, is used in determining the intermediate routers being traversed towards the destination.

During routing, each router reduces packets' TTL value by

• A. 3
• B. 1
• C. 4
• D. 2

Answer: B

Explanation:
Reference: http://www.packetu.com/2009/10/09/traceroute-through-the-asa/

NEW QUESTION 20
Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper
layers. Port numbers have the assigned ranges. The port numbers above 1024 are considered as which one of the following? (Select all that apply)

• A. Well-known port numbers
• B. Dynamically assigned port numbers
• C. Unregistered port numbers
• D. Statically assigned port numbers

Answer: B

NEW QUESTION 21
Identify the person who will lead the penetration-testing project and be the client point of contact.

• A. Database Penetration Tester
• B. Policy Penetration Tester
• C. Chief Penetration Tester
• D. Application Penetration Tester

Answer: C

Explanation:
Reference: http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration-Testing-Checklist-NoRestriction (page 15)

NEW QUESTION 22
Which of the following statement holds true for TCP Operation?

• A. Port numbers are used to know which application the receiving host should pass the data to
• B. Sequence numbers are used to track the number of packets lost in transmission
• C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host
• D. Data transfer begins even before the connection is established

Answer: D

NEW QUESTION 23
DNS information records provide important data about:

• A. Phone and Fax Numbers
• B. Location and Type of Servers
• C. Agents Providing Service to Company Staff
• D. New Customer

Answer: B

NEW QUESTION 24
Which one of the following architectures has the drawback of internally considering the hosted services individually?

• A. Weak Screened Subnet Architecture
• B. "Inside Versus Outside" Architecture
• C. "Three-Homed Firewall" DMZ Architecture
• D. Strong Screened-Subnet Architecture

Answer: C

NEW QUESTION 25
Which of the following is an ARP cache poisoning technique aimed at network switches?

• A. Replay Attack
• B. Mac Flooding
• C. Man-in-the Middle Attack
• D. DNS Poisoning

Answer: B

Explanation:
Reference: http://www.watchguard.com/infocenter/editorial/135324.asp (see mac flooding)

NEW QUESTION 26
What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?

• A. Inference-based Assessment
• B. Service-based Assessment Solutions
• C. Product-based Assessment Solutions
• D. Tree-based Assessment

Answer: A

Explanation:
Reference: http://www.businessweek.com/adsections/2005/pdf/wp_mva.pdf (page 26, first para on the page)

NEW QUESTION 27
......