Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 412-79V9

EC-Council 412-79V9 Exam Questions
EC-Council Certified Security Analyst (ECSA) v9 (Page 6 )

Updated On: 16-Feb-2026
Page 6 of 42
PDF with 203 Questions

Which of the following protocol's traffic is captured by using the filter tcp.port==3389 in the Wireshark tool?

  1. Reverse Gossip Transport Protocol (RGTP)
  2. Real-time Transport Protocol (RTP)
  3. Remote Desktop Protocol (RDP)
  4. Session Initiation Protocol (SIP)

Answer(s): C


Reference:

http://wiki.wireshark.org/RDP



Which among the following information is not furnished by the Rules of Engagement (ROE) document?

  1. Techniques for data collection from systems upon termination of the test
  2. Techniques for data exclusion from systems upon termination of the test
  3. Details on how data should be transmitted during and after the test
  4. Details on how organizational data is treated throughout and after the test

Answer(s): A



Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

  1. NinjaDontKill
  2. NinjaHost
  3. RandomNops
  4. EnablePython

Answer(s): A



Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?

  1. California SB 1386
  2. Sarbanes-Oxley 2002
  3. Gramm-Leach-Bliley Act (GLBA)
  4. USA Patriot Act 2001

Answer(s): A



Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings. Black-box testing is used to detect issues in SQL statements and to detect SQL injection vulnerabilities.



Most commonly, SQL injection vulnerabilities are a result of coding vulnerabilities during the Implementation/Development phase and will likely require code changes.
Pen testers need to perform this testing during the development phase to find and fix the SQL injection vulnerability.
What can a pen tester do to detect input sanitization issues?

  1. Send single quotes as the input data to catch instances where the user input is not sanitized
  2. Send double quotes as the input data to catch instances where the user input is not sanitized
  3. Send long strings of junk data, just as you would send strings to detect buffer overruns
  4. Use a right square bracket (the "]" character) as the input data to catch instances where the user input is used as part of a SQL identifier without any input sanitization

Answer(s): D






Post your Comments and Discuss EC-Council 412-79V9 exam dumps with other Community members:

Join the 412-79V9 Discussion