Spring Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
ECCouncil
ECSA
EC0-479
EC-Council Certified Security Analyst (ECSA) Questions and Answers

Pass the ECCouncil ECSA EC0-479 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam EC0-479 Premium Access

View all detail and faqs for the EC0-479 exam

Go to Exam

824 Students Passed

86% Average Score

95% Same Questions

Viewing page 4 out of 7 pages

Viewing questions 31-40 out of questions

Questions # 31:

How many bits is Source Port Number in TCP Header packet?

Options:

Answer

Questions # 32:

If an attacker's computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?

Options:

31401

The zombie will not send a response

31402

31399

Answer

Questions # 33:

An "idle" system is also referred to as what?

Options:

PC not being used

PC not connected to the Internet

Bot

Zombie

Answer

Questions # 34:

Why is it a good idea to perform a penetration test from the inside?

Options:

It is easier to hack from the inside

It is never a good idea to perform a penetration test from the inside

To attack a network from a hacker's perspective

Because 70% of attacks are from inside the organization

Answer

Questions # 35:

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet. Why is that?

Options:

IPSEC does not work with packet filtering firewalls

NAT does not work with IPSEC

NAT does not work with statefull firewalls

Statefull firewalls do not work with packet filtering firewalls

Answer

Questions # 36:

Your company uses Cisco routers exclusively throughout the network. After securing the routers to the best of your knowledge, an outside security firm is brought in to assess the network security. Although they found very few issues, they were able to enumerate the model, OS version, and capabilities for all your Cisco routers with very little effort. Which feature will you disable to eliminate the ability to enumerate this information on your Cisco routers?

Options:

Simple Network Management Protocol

Broadcast System Protocol

Cisco Discovery Protocol

Border Gateway Protocol

Answer

Questions # 37:

Jonathan is a network administrator who is currently testing the internal security of his network. He is attempting to hijack a session, using Ettercap, of a user connected to his Web server. Why will Jonathan not succeed?

Options:

Only an HTTPS session can be hijacked

Only DNS traffic can be hijacked

Only FTP traffic can be hijacked

HTTP protocol does not maintain session

Answer

Questions # 38:

You are assisting a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers. What type of firewall must you implement to abide by this policy?

Options:

Circuit-level proxy firewall

Packet filtering firewall

Application-level proxy firewall

Statefull firewall

Answer

Questions # 39:

On Linux/Unix based Web servers, what privilege should the daemon service be run under?

Options:

Guest

You cannot determine what privilege runs the daemon service

Root

Something other than root

Answer

Questions # 40:

You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?