ECSAV10 Exam Details

  • Exam Code
    :ECSAV10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :354 Q&As
  • Last Updated
    :Jul 13, 2026

EC-COUNCIL ECSAV10 Online Questions & Answers

  • Question 1:

    During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP and HTTPS request headers and the HTML source code?

    A. Examine Source of the Available Pages
    B. Perform Web Spidering
    C. Perform Banner Grabbing
    D. Check the HTTP and HTML Processing by the Browser

  • Question 2:

    The SnortMain () function begins by associating a set of handlers for the signals, Snort receives. It does this using the signal () function. Which one of the following functions is used as a programspecific signal and the handler for this calls the DropStats() function to output the current Snort statistics?

    A. SIGUSR1
    B. SIGTERM
    C. SIGINT
    D. SIGHUP

  • Question 3:

    Windows stores user passwords in the Security Accounts Manager database (SAM), or in the Active Directory database in domains. Passwords are never stored in clear text; passwords are hashed and the results are stored in the SAM. NTLM and LM authentication protocols are used to securely store a user's password in the SAM database using different hashing methods.

    The SAM file in Windows Server 2008 is located in which of the following locations?

    A. c:\windows\system32\config\SAM
    B. c:\windows\system32\drivers\SAM
    C. c:\windows\system32\Setup\SAM
    D. c:\windows\system32\Boot\SAM

  • Question 4:

    Identify the attack represented in the diagram below:

    A. Input Validation
    B. Session Hijacking
    C. SQL Injection
    D. Denial-of-Service

  • Question 5:

    Lee has established a new startup where they develop android applications. In order to meet memory requirements of the company, Lee has hired a Cloud Service Provider, who offered memory space along with virtual systems. Lee was

    dissatisfied with their service and wanted to move to another CSP, but was denied as a part of the contract, which reads that the user cannot switch to another CSP.

    What is this condition called?

    A. Virtualization
    B. Lock-in
    C. Resource Isolation
    D. Lock-up

  • Question 6:

    The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.

    What is the biggest source of data leaks in organizations today?

    A. Weak passwords and lack of identity management
    B. Insufficient IT security budget
    C. Rogue employees and insider attacks
    D. Vulnerabilities, risks, and threats facing Web sites

  • Question 7:

    Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?

    A. ip.dst==10.0.0.7
    B. ip.port==10.0.0.7
    C. ip.src==10.0.0.7
    D. ip.dstport==10.0.0.7

  • Question 8:

    A pen tester has extracted a database name by using a blind SQL injection. Now he begins to test the table inside the database using the below query and finds the table: http://juggyboy.com/page.aspx?id=1; IF (LEN(SELECT TOP 1 NAME from sysobjects where xtype='U')=3) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),1,1)))=101) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),2,1)))=109) WAITFOR DELAY '00:00:10'-http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),3,1)))=112) WAITFOR DELAY '00:00:10'-What is the table name?

    A. CTS
    B. QRT
    C. EMP
    D. ABC

  • Question 9:

    Charles, a network penetration tester, is part of a team assessing the security of perimeter devices of an organization. He is using the following Nmap command to bypass the firewall:

    nmap -D 10.10.8.5, 192.168.168.9, 10.10.10.12

    What Charles is trying to do?

    A. Packet Fragmentation
    B. Cloaking a scan with decoys
    C. Spoofing source address
    D. Spoofing source port number

  • Question 10:

    A hacker initiates so many invalid requests to a cloud network host that the host uses all its resources responding to invalid requests and ignores the legitimate requests. Identify the type of attack

    A. Denial of Service (DoS) attacks
    B. Side Channel attacks
    C. Man-in-the-middle cryptographic attacks
    D. Authentication attacks

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.