Online Access Free 412-79 Exam Questions

This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system, attack methods, and how to defend against them.

What is this team called?

• A.Lion team
• B.Blue team
• C.Tiger team
• D.Gorilla team

Identify the transition mechanism to deploy IPv6 on the IPv4 network from the following diagram.

• A.Translation
• B.Dual Stacks
• C.Encapsulation
• D.Tunneling

SQL injection attack consists of insertion or "injection" of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application.
A successful SQL injection attack can:
i)Read sensitive data from the database
iii)Modify database data (insert/update/delete)
iii)Execute administration operations on the database (such as shutdown the DBMS) iV)Recover the content of a given file existing on the DBMS file system or write files into the file system v)Issue commands to the operating system

Pen tester needs to perform various tests to detect SQL injection vulnerability. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests and then test them separately, trying to interfere with the query and to generate an error.
In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?

• A.Automated Testing
• B.Function Testing
• C.Dynamic Testing
• D.Static Testing

Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks.
When most people say 'Wireless' these days, they are referring to one of the 802.11 standards.
There are three main 802.11 standards: B, A, and G.
Which one of the following 802.11 types uses DSSS Modulation, splitting the 2.4ghz band into channels?

• A.802.11-Legacy
• B.802.11g
• C.802.11b
• D.802.11n

Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company's technology infrastructure?

• A.Searching for trade association directories
• B.Analyzing the link popularity of the company's website
• C.Searching for web page posting patterns
• D.Searching for a company's job postings