EC-Council 412-79V9 Exam Questions
EC-Council Certified Security Analyst (ECSA) v9 (Page 11)

Updated On: 17-Feb-2026

A Blind SQL injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the application response. This attack is often used when the web application is configured to show generic error messages, but has not mitigated the code that is vulnerable to SQL injection.



It is performed when no error message is received from the application while trying to exploit SQL vulnerabilities. The developer's specific message is displayed instead of an error message, so it is quite difficult to find SQL vulnerabilities in such cases.
A pen tester is trying to extract the database name by using a blind SQL injection. He tests the database using the queries below and finally finds the database name.
http://juggyboy.com/page.aspx?id=1; IF (LEN(DB_NAME())=4) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()), 1, 1)))=97) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()), 2, 1)))=98) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()), 3, 1)))=99) WAITFOR DELAY '00:00:10'--
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((DB_NAME()), 4, 1)))=100) WAITFOR DELAY '00:00:10'--
What is the database name?

  1. WXYZ
  2. PQRS
  3. EFGH
  4. ABCD

Answer(s): D


Reference:

http://www.scribd.com/doc/184891028/CEHv8-Module-14-SQL-Injection-pdf (see module 14, page 2049 to 2051)
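
From the defender's side, the same probes are visible in web server logs, and the response time of each request shows which conditions evaluated true. The following is an added example, not part of the original question: it reads constructed log lines (the three-column layout, the IP addresses and the function names are assumptions) and reconstructs what a client learned from its time-based probes.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample, assumed layout: client-ip, URL-encoded query, time-taken in ms.
SAMPLE_LOG = """\
203.0.113.7 id=1;+IF+(LEN(DB_NAME())=3)+WAITFOR+DELAY+'00:00:10'-- 41
203.0.113.7 id=1;+IF+(LEN(DB_NAME())=4)+WAITFOR+DELAY+'00:00:10'-- 10052
203.0.113.7 id=1;+IF+(ASCII(lower(substring((DB_NAME()),+1,+1)))=97)+WAITFOR+DELAY+'00:00:10'-- 10047
203.0.113.7 id=1;+IF+(ASCII(lower(substring((DB_NAME()),+2,+1)))=97)+WAITFOR+DELAY+'00:00:10'-- 38
203.0.113.7 id=1;+IF+(ASCII(lower(substring((DB_NAME()),+2,+1)))=98)+WAITFOR+DELAY+'00:00:10'-- 10061
198.51.100.20 id=7 35
203.0.113.7 id=1;+IF+(ASCII(lower(substring((DB_NAME()),+3,+1)))=99)+WAITFOR+DELAY+'00:00:10'-- 10039
203.0.113.7 id=1;+IF+(ASCII(lower(substring((DB_NAME()),+4,+1)))=100)+WAITFOR+DELAY+'00:00:10'-- 10050
"""

DELAY = re.compile(r"WAITFOR\s+DELAY\s+'(\d+):(\d+):(\d+)'", re.I)
CHAR = re.compile(r"ASCII\(\s*lower\(\s*substring\(.*?,\s*(\d+)\s*,\s*1\s*\)\s*\)\s*\)\s*=\s*(\d+)", re.I)
LENGTH = re.compile(r"LEN\(.*?\)\s*=\s*(\d+)", re.I)

def reconstruct_leak(log_text):
    """Per client: count delay probes and record the ones that came back delayed."""
    leaks = {}
    for line in log_text.splitlines():
        ip, query, taken_ms = line.split()
        sql = unquote_plus(query)
        delay = DELAY.search(sql)
        if not delay:
            continue  # ordinary request, no time-delay primitive in the query
        h, m, s = map(int, delay.groups())
        entry = leaks.setdefault(ip, {"probes": 0, "length": None, "chars": {}})
        entry["probes"] += 1
        if int(taken_ms) < (h * 3600 + m * 60 + s) * 1000:
            continue  # no delay: the tested condition was false
        if (c := CHAR.search(sql)):
            entry["chars"][int(c.group(1))] = chr(int(c.group(2)))
        elif (n := LENGTH.search(sql)):
            entry["length"] = int(n.group(1))
    return leaks

def leaked_value(entry):
    """Confirmed characters in order; '?' marks positions never confirmed.
    The probes compare lower-cased characters, so the original case is unknown."""
    n = entry["length"] or max(entry["chars"], default=0)
    return "".join(entry["chars"].get(i, "?") for i in range(1, n + 1))
```
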



A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.



A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).
What query does he need to write to retrieve the information?

  1. EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000
  2. DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1--
  3. SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1'
  4. RETRIVE * FROM StudentTable WHERE roll_number = 1'#

Answer(s): C



Identify the person who will lead the penetration-testing project and be the client point of contact.

  1. Database Penetration Tester
  2. Policy Penetration Tester
  3. Chief Penetration Tester
  4. Application Penetration Tester

Answer(s): C


Reference:

http://www.scribd.com/doc/133635286/LPTv4-Module-15-Pre-Penetration-Testing-Checklist-NoRestriction (page 15)



Logs are the record of system and network activities. The syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

  1. UDP and TCP
  2. TCP and SMTP
  3. SMTP
  4. UDP and SMTP

Answer(s): A



The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called an MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full-size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header are used for IP fragmentation and reassembly.



The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

  1. Multiple of four bytes
  2. Multiple of two bytes
  3. Multiple of eight bytes
  4. Multiple of six bytes

Answer(s): C


Reference:

http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)





