
EC-Council Certified Security Analyst (ECSA)

Last Update 12 hours ago Total Questions : 232

The EC-Council Certified Security Analyst (ECSA) content is now fully updated, with all current exam questions added 12 hours ago. Deciding to include 412-79 practice exam questions in your study plan goes far beyond basic test preparation.

Question # 11

What is the following command trying to accomplish?

A. Verify that NETBIOS is running for the 192.168.0.0 network

B. Verify that TCP port 445 is open for the 192.168.0.0 network

C. Verify that UDP port 445 is open for the 192.168.0.0 network

D. Verify that UDP port 445 is closed for the 192.168.0.0 network

Question # 12

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, stateful firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet. Why is that?

A. IPSEC does not work with packet filtering firewalls

B. NAT does not work with IPSEC

C. NAT does not work with stateful firewalls

D. Stateful firewalls do not work with packet filtering firewalls

Question # 13

Your company's network just finished going through a SAS 70 audit. This audit reported that overall, your network is secure, but there are some areas that need improvement. The major area was SNMP security. The audit company recommended turning off SNMP, but that is not an option since you have so many remote nodes to keep track of. What step could you take to help secure SNMP on your network?

A. Change the default community string names

B. Block all internal MAC addresses from using SNMP

C. Block access to UDP port 171

D. Block access to TCP port 171

Question # 14

To preserve digital evidence, an investigator should ____________________

A. Make two copies of each evidence item using a single imaging tool

B. Make a single copy of each evidence item using an approved imaging tool

C. Make two copies of each evidence item using different imaging tools

D. Only store the original evidence item

Question # 15

A law enforcement officer may only search for and seize criminal evidence with _____________, which are facts or circumstances that would lead a reasonable person to believe a crime has been committed or is about to be committed, evidence of the specific crime exists and the evidence of the specific crime exists at the place to be searched.

A. Mere Suspicion

B. A preponderance of the evidence

C. Probable cause

D. Beyond a reasonable doubt

Question # 16

Diskcopy is:

A. a utility by AccessData

B. a standard MS-DOS command

C. Digital Intelligence utility

D. dd copying tool

Question # 17

This organization maintains a database of hash signatures for known software:

A. International Standards Organization

B. Institute of Electrical and Electronics Engineers

C. National Software Reference Library

D. American National Standards Institute

Question # 18

Profiling is a forensics technique for analyzing evidence with the goal of identifying the perpetrator from their various activities. After a computer has been compromised by a hacker, which of the following would be most important in forming a profile of the incident?

A. The manufacturer of the system compromised

B. The logic, formatting and elegance of the code used in the attack

C. The nature of the attack

D. The vulnerability exploited in the incident

Question # 19

When investigating a Windows system, it is important to view the contents of the page or swap file because:

A. Windows stores all of the system's configuration information in this file

B. This is the file that Windows uses to communicate directly with the Registry

C. A large volume of data can exist within the swap file of which the computer user has no knowledge

D. This is the file that Windows uses to store the history of the last 100 commands that were run from the command line

Question # 20

The use of warning banners helps a company avoid litigation by overcoming an employee's assumed ____________ when connecting to the company's intranet, network or Virtual Private Network (VPN), and will allow the company's investigators to monitor, search and retrieve information stored within the network.

A. Right to work

B. Right of free speech

C. Right to Internet Access

D. Right of Privacy
