412-79v10 Dumps, 412-79v10 PDF Dumps, 412-79v10 VCE Dumps, EC-Council

(December-2019-New)Braindump2go 412-79v10 PDF and 412-79v10 VCE Dumps Free Share

December/2019 Braindump2go 412-79v10 Dumps with PDF and VCE New Updated Today! Following are some new 412-79v10 Exam Questions,

New Question
The penetration testers are required to follow predefined standard frameworks in making penetration testing reporting formats. Which of the following standards does NOT follow the commonly used methodologies in penetration testing?

A. National Institute of Standards and Technology (NIST)
B. Information Systems Security Assessment Framework (ISSAF)
C. Open Web Application Security Project (OWASP)
D. American Society for Testing Materials (ASTM)

Correct Answer: D

New Question
You have implemented DNSSEC on your primary internal DNS server to protect it from various DNS attacks. Network users complained they are not able to resolve domain names to IP addresses at certain times.
What could be the probable reason?

A. DNSSEC does not provide protection against Denial of Service (DoS) attacks
B. DNSSEC does not guarantee authenticity of a DNS response during an attack
C. DNSSEC does not protect the integrity of a DNS response
D. DNSSEC does not guarantee the non-existence of a domain name or type

Correct Answer: A

New Question
Ross performs security test on his company’s network assets and creates a detailed report of all the findings. In his report, he clearly explains the methodological approach that he has followed in finding the loopholes in the network. However, his report does not mention about the security gaps that can be exploited or the amount of damage that may result from the successful exploitation of the loopholes. The report does not even mention about the remediation steps that are to be taken to secure the network.
What is the type of test that Ross has performed?

A. Penetration testing
B. Vulnerability assessment
C. Risk assessment
D. Security audit

Correct Answer: B

New Question
JUA Networking Solutions is a group of certified ethical hacking professionals with a large client base. Stanley works as a penetrating tester at this firm. Future group approached JUA for an internal pen test. Stanley performs various penetration testing test sequences and gains information about the network resources and shares, routing tables, audit and service settings, SNMP and DNS details, machine names, users and groups, applications and banners.
Identify the technique that gave Stanley this information.

A. Enumeration
B. Sniffing
C. Ping sweeps
D. Port scanning

Correct Answer: A

New Question
Frank is a senior security analyst at Roger Data Systems Inc. The company asked him to perform a database penetration test on its client network to determine whether the database is vulnerable to attacks or not. The client did not reveal any information about the database they are using. As a pen tester Frank knows that each database runs on its own default port. So he started database port scanning using the Nmap tool and tried different commands using default port numbers and succeeded with the following command.
nmap -sU p 1521 <client ip-address> Identify the database used by the company?

A. MySQL
B. Microsoft SQL Server
C. SQLite
D. Oracle

Correct Answer: D

New Question
William, a penetration tester in a pen test firm, was asked to get the information about the SMTP server on a target network. What does William need to do to get the SMTP server information?

A. Send an email message to a non-existing user of the target organization and check for bounced mail header
B. Examine the session variables
C. Examine TCP sequence numbers
D. Look for information available in web page source code

Correct Answer: A

New Question
James is a security consultant at Big Frog Software Pvt Ltd. He is an expert in Footprinting and Social engineering tasks. His team lead tasked him to find details about the target through passive reconnaissance. James used websites to check the link popularity of the client’s domain name.
What information does the link popularity provide?

A. Information about the network resources
B. Information about visitors, their geolocations, etc.
C. Information about the server and its infrastructure
D. Information about the partner of the organization

Correct Answer: D

New Question
Nick is a penetration tester in Stanbiz Ltd. As a part of his duty, he was analyzing the network traffic by using various filters in the Wireshark tool. While sniffing the network traffic, he used “tcp.port==1433” Wireshark filter for acquiring a specific database related information since port number 1433 is the default port of that specific target database.
Which of the following databases Nick is targeting in his test?

A. PostgreSQL

B. Oracle
C. MySQL
D. Microsoft SQL Server

Correct Answer: D

New Question
You are enumerating a target system. Which of the following PortQry commands will give a result similar to the screenshot below:

A. portqry -n myserver -p udp -e 389
B. portqry -n myserver -p udp -e 123
C. portqry -n myserver -p TCP -e 389
D. portqry -n myserver -p TCP -e 123

Correct Answer: C

New Question
Sam is a penetration tester and network admin at McLaren & McLaren, based out of Washington. The company has recently deployed IPv6 in their network. Sam found problems with the protocol implementation and tried to redeploy IPv6 over IPv4. This time, he used the tunneling mechanism while deploying the IPv6 network.
How does the tunneling mechanism work?

A. It encapsulates IPv6 packets in IPv4 packets
B. It transfers IPv4 first and the IPv6
C. It splits the IPv4 packets and provides a way to IPv6
D. It replaces IPv4 with IPv6

Correct Answer: A

New Question
Dale is a network admin working in Zero Faults Inc. Recently the company’s network was compromised and is experiencing very unusual traffic. Dale checks for the problem that compromised the network. He performed a penetration test on the network’s IDS and identified that an attacker sent spoofed packets to a broadcast address in the network.
Which of the following attacks compromised the network?

A. ARP Spoofing
B. Amplification attack
C. MAC Spoofing
D. Session hijacking

Correct Answer: B

1.|2019 Latest Braindump2go 412-79v10 Exam Dumps (VCE & PDF) Instant Download:

https://www.braindump2go.com/412-79v10.html

2.|2019 Latest Braindump2go 412-79v10 Exam Questions & Answers Instant Download:

https://drive.google.com/drive/folders/1MQfh16cDniNa8TQ-HmspgPr5qBRpaMPm?usp=sharing