Pass ECSAv10 Exam Guide

Page: 6 / 8
Total 201 questions

EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing Questions and Answers

Question 21

Choose the correct option to define the Prefix Length.

Options:

A. Prefix Length = Subnet + Host portions
B. Prefix Length = Network + Host portions
C. Prefix Length = Network + Subnet portions
D. Prefix Length = Network + Subnet + Host portions

Question 22

In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.

They first access the web application using a low-privileged account and then escalate privileges to access protected resources. What attack has been carried out?

Options:

A. XPath Injection Attack
B. Authorization Attack
C. Authentication Attack
D. Frame Injection Attack

Question 23

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, stateful firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.

Why is that?

Options:

A. IPSEC does not work with packet filtering firewalls
B. NAT does not work with IPSEC
C. NAT does not work with stateful firewalls
D. Stateful firewalls do not work with packet filtering firewalls

Question 24

Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

Options:

A. Decreases consumed employee time and increases system uptime
B. Increases detection and reaction time
C. Increases response time
D. Both "Decreases consumed employee time and increases system uptime" and "Increases response time"
