EC-COUNCIL EC-Council Certified Security Analyst (ECSA) v9 - 412-79v9 FREE EXAM DUMPS QUESTIONS & ANSWERS

A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.

A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).
What query does he need to write to retrieve the information?
Correct Answer: A Vote an answer
Which of the following will not handle routing protocols properly?
Correct Answer: C Vote an answer
Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company's technology infrastructure?
Correct Answer: C Vote an answer
Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

What is the last step in preparing a Rules of Engagement (ROE) document?
Correct Answer: C Vote an answer
Which of the following is a framework of open standards developed by the Internet
Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?
Correct Answer: B Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
In which of the following firewalls are the incoming or outgoing packets blocked from accessing services for which there is no proxy?
Correct Answer: B Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client's operating environment, threat perception, security and compliance requirements, ROE, and budget.
Various components need to be considered for testing while developing the scope of the project.

Which of the following is NOT a pen testing component to be tested?
Correct Answer: B Vote an answer
Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?
Correct Answer: D Vote an answer
Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.

Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?
Correct Answer: D Vote an answer
0
0
0
10