EC-COUNCIL ECSAV10 Online Practice Questions and Exam Preparation

EC-COUNCIL ECSAV10 Online Questions & Answers

• Question 141:

  Identify the PRGA from the following screenshot:

  

  A. replay_src-0124-161120.cap
  B. fragment-0124-161129.xor
  C. 0505 933f af2f 740e
  D. 0842 0201 000f b5ab cd9d 0014 6c7e 4080
  A. replay_src-0124-161120.cap

• Question 142:

  James, a research scholar, received an email informing that someone is trying to access his Google account from an unknown device. When he opened his email message, it looked like a standard Google notification instructing him to click

  the link below to take further steps. This link was redirected to a malicious webpage where he was tricked to provide Google account credentials. James observed that the URL began with www.translate.google.com giving a legitimate

  appearance.

  In the above scenario, identify the type of attack being performed on James' email account?

  A. SMiShing
  B. Dumpster diving
  C. Phishing
  D. Vishing
  C. Phishing

• Question 143:

  As a part of information gathering, you are given a website URL and asked to identify the operating system using passive OS fingerprinting. When you begin to use p0f tool and browse the website URL, the tool captures the header information of all the packets sent and received, and decodes them. Which among the decoded request/response packets hold the operating system information of the remote operating system?

  A. SYN
  B. SYN-ACK
  C. ACK
  D. RST
  B. SYN-ACK

• Question 144:

  Rebecca, a security analyst, was auditing the network in her organization. During the scan, she found a service running on a remote host, which helped her to enumerate information related to user accounts, network interfaces, network

  routing and TCP connections.

  Which among the following services allowed Rebecca to enumerate the information?

  A. NTP
  B. SNMP
  C. SMPT
  D. SMB
  B. SNMP

• Question 145:

  Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings. Black-box testing is used to detect issues in SQL statements and to detect SQL injection vulnerabilities.

  

  Most commonly, SQL injection vulnerabilities are a result of coding vulnerabilities during the Implementation/Development phase and will likely require code changes. Pen testers need to perform this testing during the development phase to

  find and fix the SQL injection vulnerability.

  What can a pen tester do to detect input sanitization issues?

  A. Send single quotes as the input data to catch instances where the user input is not sanitized
  B. Send double quotes as the input data to catch instances where the user input is not sanitized
  C. Send long strings of junk data, just as you would send strings to detect buffer overruns
  D. Use a right square bracket (the "]" character) as the input data to catch instances where the user input is used as part of a SQL identifier without any input sanitization
  D. Use a right square bracket (the "]" character) as the input data to catch instances where the user input is used as part of a SQL identifier without any input sanitization

• Question 146:

  Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?

  A. Testing to provide a more complete view of site security
  B. Testing focused on the servers, infrastructure, and the underlying software, including the target
  C. Testing including tiers and DMZs within the environment, the corporate network, or partner company connections
  D. Testing performed from a number of network access points representing each logical and physical segment
  B. Testing focused on the servers, infrastructure, and the underlying software, including the target

• Question 147:

  Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR

  commands using DIG.

  What is Simon trying to accomplish here?

  A. Enumerate all the users in the domain
  B. Perform DNS poisoning
  C. Send DOS commands to crash the DNS servers
  D. Perform a zone transfer
  D. Perform a zone transfer

• Question 148:

  You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California; Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?

  A. Use attack as a launching point to penetrate deeper into the network
  B. Demonstrate that no system can be protected against DoS attacks
  C. List weak points on their network
  D. Show outdated equipment so it can be replaced
  C. List weak points on their network

• Question 149:

  John is a network administrator and he is configuring the Active Directory roles in the primary domain controller (DC) server. Whilst configuring the Flexible Single Master Operation (FSMO) roles in the primary DC, he configured one of the

  roles to synchronize the time among all the DCs in an enterprise. The role that he configured also records the password changes performed by other DCs in the domain, authentication failures due to entering an incorrect password, and

  processes account lockout activities.

  Which of the following FSMO roles has John configured?

  A. RID master
  B. PDC emulator
  C. Domain naming master
  D. Schema master
  B. PDC emulator

• Question 150:

  Which of the following methods is used to perform server discovery?

  A. Banner Grabbing
  B. Who is Lookup
  C. SQL Injection
  D. Session Hijacking
  B. Who is Lookup