1. Home
  2. EC-COUNCIL
  3. ECSAV10

EC-COUNCIL ECSAV10 Online Practice Questions and Exam Preparation

ECSAV10 Exam Details

  • Exam Code
    :ECSAV10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :354 Q&As
  • Last Updated
    :Jun 01, 2026

EC-COUNCIL ECSAV10 Online Questions & Answers

  • Question 91:

    Arrange the WEP cracking process in the correct order:

    I. aireplay-ng -1 0 -e SECRET_SSID -a 1e:64:51:3b:ff:3e -h a7:71:fe:8e:d8:25 eth1

    II. aircrack-ng -s capture.ivs

    III. airmon-ng start eth1

    IV.

    airodump-ng --ivs --write capture eth1

    V.

    aireplay-ng -3 -b 1e:64:51:3b:ff:3e -h a7:71:fe:8e:d8:25 eth1

    A. IV-->I-->V-->III-->II
    B. III-->IV-->V-->II-->I
    C. III-->IV-->I-->V-->II
    D. IV-->I-->V-->III-->II
    I. aireplay-ng -1 0 -e SECRET_SSID -a 1e:64:51:3b:ff:3e -h a7:71:fe:8e:d8:25 eth1 II. aircrack-ng -s capture.ivs III. airmon-ng start eth1 IV. airodump-ng --ivs --write capture eth1

  • Question 92:

    Christen is a renowned SQL penetration testing specialist in the US. A multinational ecommerce company hired him to check for vulnerabilities in the SQL database. Christen wanted to perform SQL penetration testing on the database by

    entering a massive amount of data to crash the web application of the company and discover coding errors that may lead to a SQL injection attack.

    Which of the following testing techniques is Christen using?

    A. Fuzz Testing
    B. Stored Procedure Injection
    C. Union Exploitation
    D. Automated Exploitation

  • Question 93:

    Traffic on which port is unusual for both the TCP and UDP ports?

    A. Port 81
    B. Port 443
    C. Port 0
    D. Port 21

  • Question 94:

    You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

    A. intitle:"exchange server"
    B. outlook:"search"
    C. locate:"logon page"
    D. allinurl:"exchange/logon.asp"

  • Question 95:

    When setting up a wireless network with multiple access points, why is it important to set each access point on a different channel?

    A. Avoid cross talk
    B. Avoid over-saturation of wireless signals
    C. So that the access points will work on different frequencies
    D. Multiple access points can be set up on the same channel without any issues

  • Question 96:

    David is working on a pen testing assignment as a junior consultant. His supervisor told him to test a web application for SQL injection. The supervisor also informed David the web application is known to be vulnerable to the "admin' OR '"

    injection. When David tried this string, he received a WAF error message the input is not allowed.

    Which of the following strings could David use instead of the above string to bypass the WAF filtering?

    A. exec sp_addsrvrolemember 'name ' , 'sysadmin '
    B. ' union select
    C. admin') or '1'='1'-
    D. 'or username like char(37);

  • Question 97:

    What operating system would respond to the following command?

    C:\> nmap -a W 10.10.145.65

    A. Mac OS X
    B. Windows XP
    C. Windows 95
    D. FreeBSD

  • Question 98:

    A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.

    Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

    A. Post-attack phase
    B. Pre-attack phase and attack phase
    C. Attack phase
    D. Pre-attack phase

  • Question 99:

    What sort of vulnerability assessment approach starts by building an inventory of protocols found on the machine?

    A. Inference-based Assessment
    B. Service-based Assessment Solutions
    C. Product-based Assessment Solutions
    D. Tree-based Assessment

  • Question 100:

    StarMotel is a prominent chain of hotels in the world that uses high-tech solutions to ease the stay of their guests. In those high-tech solutions, they deployed RFID cards using which a guest can get access to the allocated hotel room. Keeping an eye on the RFID technology and with an objective of exploiting it, John, a professional hacker, decided to hack it in order to obtain access to any room in the target hotel. In this process, he first pulled an RFID keycard from the trash of the target hotel and identified the master keycard code in several tries using an RFID card reading and writing tool. Then, he created its clone using a new RFID card that gave him free reign to roam in any hotel room in the building. Identify the RFID attack John has performed on the target hotel?

    A. RFID spoofing attack
    B. Reverse engineering attack
    C. RFID replay attack
    D. Power analysis attack

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.