ECCouncil 412-79v8 Certified Security Analyst (ECSA) Exam

Sample Questions

Q) Which of the following techniques to crack passwords is used when the attacker has some information about password?

a) hybrid Attack

b) Dictionary Attack

c) syllable of Attack

d) Attack-based rules

Q) Which of the following is an application alert returned by a web application that helps an attacker guessing a valid username?

a) Invalid username or password

b) account user name was not found

c) wrong password

d) Username or password is incorrect

Q) A tester pen has extracted a database name, using a blind SQL injection. Now he begins to test the table within the database using the query below and find the table: What is the name of the table?

a) CTS

b) QRT

c) EMP

d) ABC

Q) When you run a vulnerability scan on a network IDS and cut off your connection, what kind of IDS is used?

a) Passive IDS

b) IDS active

c) progressive IDS

d) NIPS

Q) HTTP protocol specifies that arbitrary binary characters can be passed with the URL using% xx notation, where 'xx' is the

a) The ASCII value of the character

b) Font Binary Value

c) decimal character value

d) hexadecimal value of the character