412-79V10 Exam Questions

What is the difference between host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS)?

A chip-set is a group of integrated circuits that are designed to work together and are usually marketed as a single product." It is generally the motherboard chips or (the logic g...

In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields and parameters that a...

Which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the...

Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capa...

John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the network. He decides to...

Harold is a security analyst who has just run the rdisk /s command to grab the backup SAM file on a computer. Where should Harold navigate on the computer to find the file?

Which of the following log analysis tools is a Cisco Router Log Format log analyzer and it parses logs, imports them into a SQL database (or its own built-in database), aggregates...

Identify the policy that defines the standards for the organizational network connectivity and security standards for computers that are connected in the organization's network?

System/service FTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to...

Traffic on which port is unusual for both the TCP and UDP ports?

Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

Identify the person who will lead the penetration-testing project and be the client point of contact.

ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the attacker spoofs the MAC...

Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?

Which of the following will not handle routing protocols properly?

TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included with each layer...

What is the maximum value of a "tinyint" field in most database systems?

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Sinc...

What are the 6 core concepts in IT security?

What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

What is the difference between penetration testing and vulnerability testing?

Which of the following defines the details of services to be provided for the client's organization and the list of services required for performing the test in the organization?

You are a security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. You ha...

Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?

When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

Which of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it...

A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system moni...

Which is the first step in preparing a Rules of Engagement (ROE) document?

When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

Which of the following is developed to address security concerns on time and reduce the misuse or threat of attacks in an organization?

Which one of the following log analysis tools is used for analyzing the server's log files?

Which one of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businessService, bindingTemplate, and tModel?

Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorpor...

You work in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes...

Choose the correct option to define the Prefix Length.

Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs. This information is not always accurate eno...

You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have successfully found...

Identify the correct formula for Return on Investment (ROI).

What is the biggest source of data leaks in organizations today?

Which of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

Which of the following reports provides a summary of the complete pen testing process, its outcomes, and recommendations?

Penetration testing engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing. Various factors are cons...

Which is a security method to prevent unauthorized users from "tailgating"?

Which of the following device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna...

Software firewalls work at which layer of the OSI model?

If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable which of the following attacks?

How many bits is Source Port Number in TCP Header packet?