← Back to exam page

412-79v8 EC-Council Certified Security Analyst

Loading demo links...

Showing 7–9 of 10 questions

Question 7

Hackers today have an ever-increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.

New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application technologies. In both cases, one may observe how the evolution and refinement of web technologies also brings about new exploits which compromise sensitive databases, provide access to theoretically secure networks, and pose a threat to the daily operation of online businesses.

What is the biggest threat to Web 2.0 technologies?

Select an option, then click Submit answer.

  • SQL Injection Attacks

  • Service Level Configuration Attacks

  • Inside Attacks

  • URL Tampering Attacks
Question 8

Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?

Select an option, then click Submit answer.

  • Draft

  • Report

  • Requirement list

  • Quotation
Question 9

Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company.

Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

Which of the following password cracking attacks tries every combination of characters until the password is broken?

Select an option, then click Submit answer.

  • Brute-force attack

  • Rule-based attack

  • Hybrid attack

  • Dictionary attack