New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium ECCouncil ECSAv10 Dumps Questions Answers

Page: 1 / 8
Total 201 questions

EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing Questions and Answers

Question 1

A pen tester has extracted a database name by using a blind SQL injection. Now he begins to test the table inside the database using the below query and finds the table:

IF (LEN(SELECT TOP 1 NAME from sysobjects where xtype='U')=3) WAITFOR DELAY '00:00:10'--

spx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),1,1)))=101) WAITFOR DELAY '00:00:10'--

IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),2,1)))=109) WAITFOR DELAY '00:00:10'--

IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),3,1)))=112) WAITFOR DELAY '00:00:10'—

What is the table name?

Options:

A.

CTS

B.

QRT

C.

EMP

D.

ABC

Buy Now
Question 2

Identify the person who will lead the penetration-testing project and be the client point of contact.

Options:

A.

Database Penetration Tester

B.

Policy Penetration Tester

C.

Chief Penetration Tester

D.

Application Penetration Tester

Question 3

What is a good security method to prevent unauthorized users from "tailgating"?

Options:

A.

Electronic key systems

B.

Man trap

C.

Pick-resistant locks

D.

Electronic combination locks

Question 4

The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client’s operating environment, threat perception, security and compliance requirements, ROE, and budget.

Various components need to be considered for testing while developing the scope of the project.

Which of the following is NOT a pen testing component to be tested?

Options:

A.

System Software Security

B.

Intrusion Detection

C.

Outside Accomplices

D.

Inside Accomplices

Question 5

Identify the type of authentication mechanism represented below:

Options:

A.

NTLMv1

B.

NTLMv2

C.

LAN Manager Hash

D.

Kerberos

Question 6

Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability assessments. After discovering numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that show up as unknown but questionable in the logs. 

He looks up the behavior on the Internet, but cannot find anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?

Options:

A.

CVE

B.

IANA

C.

RIPE

D.

APIPA

Question 7

What does ICMP Type 3/Code 13 mean?

Options:

A.

Host Unreachable

B.

Port Unreachable

C.

Protocol Unreachable

D.

Administratively Blocked

Question 8

A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications.

Which of the following frameworks helps an organization in the evaluation of the company’s information security with that of the industrial standards?

Options:

A.

Microsoft Internet Security Framework

B.

Information System Security Assessment Framework

C.

The IBM Security Framework

D.

Nortell’s Unified Security Framework

Question 9

The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.

The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.

IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

Options:

A.

Multiple of four bytes

B.

Multiple of two bytes

C.

Multiple of eight bytes

D.

Multiple of six bytes

Question 10

Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?

Options:

A.

./snort -dvr packet.log icmp

B.

./snort -dev -l ./log

C.

./snort -dv -r packet.log

D.

./snort -l ./log –b

Question 11

What is kept in the following directory? HKLM\SECURITY\Policy\Secrets

Options:

A.

Service account passwords in plain text

B.

Cached password hashes for the past 20 users

C.

IAS account names and passwords

D.

Local store PKI Kerberos certificates

Question 12

Which vulnerability assessment phase describes the scope of the assessment, identifies and ranks the critical assets, and creates proper information protection procedures such as effective planning, scheduling, coordination, and logistics?

Options:

A.

Threat-Assessment Phase

B.

Pre-Assessment Phase

C.

Assessment Phase

D.

Post-Assessment Phase

Question 13

Which one of the following log analysis tools is used for analyzing the server’s log files?

Options:

A.

Performance Analysis of Logs tool

B.

Network Sniffer Interface Test tool

C.

Ka Log Analyzer tool

D.

Event Log Tracker tool

Question 14

Which of the following policy forbids everything with strict restrictions on all usage of the company systems and network?

Options:

A.

Information-Protection Po

B.

Paranoid Policy

C.

Promiscuous Policy

D.

Prudent Policy

Question 15

Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

Options:

A.

Wireshark: Capinfos

B.

Wireshark: Tcpdump

C.

Wireshark: Text2pcap

D.

Wireshark: Dumpcap

Question 16

You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company's network.

How would you answer?

Options:

A.

IBM Methodology

B.

LPT Methodology

C.

Google Methodology

D.

Microsoft Methodology

Question 17

Many security and compliance projects begin with a simple idea: assess the organization's risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.

An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

What is the formula to calculate risk?

Options:

A.

Risk = Budget x Time

B.

Risk = Goodwill x Reputation

C.

Risk = Loss x Exposure factor

D.

Risk = Threats x Attacks

Question 18

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?

Options:

A.

Analyzing, categorizing and prioritizing resources

B.

Evaluating the existing perimeter and internal security

C.

Checking for a written security policy

D.

Analyzing the use of existing management and control architecture

Question 19

TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer. Which one of the following protocols is used to collect information from all the network devices?

Options:

A.

Simple Network Management Protocol (SNMP)

B.

Network File system (NFS)

C.

Internet Control Message Protocol (ICMP)

D.

Transmission Control Protocol (TCP)

Question 20

Identify the type of firewall represented in the diagram below:

Options:

A.

Stateful multilayer inspection firewall

B.

Application level gateway

C.

Packet filter

D.

Circuit level gateway

Question 21

Choose the correct option to define the Prefix Length.

Options:

A.

Prefix Length = Subnet + Host portions

B.

Prefix Length = Network + Host portions

C.

Prefix Length = Network + Subnet portions

D.

Prefix Length = Network + Subnet + Host portions

Question 22

In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.

They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

Options:

A.

XPath Injection Attack

B.

Authorization Attack

C.

Authentication Attack

D.

Frame Injection Attack

Question 23

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.

Why is that?

Options:

A.

IPSEC does not work with packet filtering firewalls

B.

NAT does not work with IPSEC

C.

NAT does not work with statefull firewalls

D.

Statefull firewalls do not work with packet filtering firewalls

Question 24

Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

Options:

A.

Decreases consumed employee time and increases system uptime

B.

Increases detection and reaction time

C.

Increases response time

D.

Both Decreases consumed employee time and increases system uptime and Increases response time

Question 25

Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?

Options:

A.

DNSSEC

B.

Netsec

C.

IKE

D.

IPsec

Question 26

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?

Options:

A.

Use attack as a launching point to penetrate deeper into the network

B.

Demonstrate that no system can be protected against DoS attacks

C.

List weak points on their network

D.

Show outdated equipment so it can be replaced

Question 27

Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

Options:

A.

California SB 1386

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act (GLBA)

D.

USA Patriot Act 2001

Question 28

DNS information records provide important data about:

Options:

A.

Phone and Fax Numbers

B.

Location and Type of Servers

C.

Agents Providing Service to Company Staff

D.

New Customer

Question 29

In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet".

Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down.

What will the other routers communicate between themselves?

Options:

A.

More RESET packets to the affected router to get it to power back up

B.

RESTART packets to the affected router to get it to power back up

C.

The change in the routing fabric to bypass the affected router

D.

STOP packets to all other routers warning of where the attack originated

Question 30

Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?

Options:

A.

Testing to provide a more complete view of site security

B.

Testing focused on the servers, infrastructure, and the underlying software, including the target

C.

Testing including tiers and DMZs within the environment, the corporate network, or partner company connections

D.

Testing performed from a number of network access points representing each logical and physical segment

Page: 1 / 8
Total 201 questions