PrepAway - Latest Free Exam Questions & Answers

Category: 412-79 (v.1)

Exam 412-79: EC-Council Certified Security Analyst (ECSA) (update September 4th, 2014)

What kind of results did Jim receive from his vulnerability analysis?

Jim performed a vulnerability analysis on his network and found no potential problems. He runs
another utility that executes exploits against his system to verify the results of the vulnerability test.
The second utility executes five known exploits against his network in which the vulnerability
analysis said were not exploitable. What kind of results did Jim receive from his vulnerability
analysis?

What tool should you use?

You work as an IT security auditor hired by a law firm in Boston to test whether you can gain
access to sensitive information about the company clients. You have rummaged through their
trash and found very little information. You do not want to set off any alarms on their network, so
you plan on performing passive footprinting against their Web servers. What tool should you use?

Why will this not be viable?

Jason has set up a honeypot environment by creating a DMZ that has no physical or logical
access to his production network. In this honeypot, he has placed a server running Windows
Active Directory. He has also placed a Web server in the DMZ that services a number of web
pages that offer visitors a chance to download sensitive information by clicking on a button. A
week later, Jason finds in his network logs how an intruder accessed the honeypot and
downloaded sensitive information. Jason uses the logs to try and prosecute the intruder for
stealing sensitive corporate information. Why will this not be viable?


Page 3 of 2212345...1020...Last »