EC-COUNCIL ECSAV10 Online Practice Questions and Exam Preparation

EC-COUNCIL ECSAV10 Online Questions & Answers

• Question 201:

  Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

  A. Smurf scan
  B. Tracert
  C. Ping trace
  D. ICMP ping sweep
  D. ICMP ping sweep

• Question 202:

  External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

  

  Which of the following types of penetration testing is performed with no prior knowledge of the site?

  A. Blue box testing
  B. White box testing
  C. Grey box testing
  D. Black box testing
  D. Black box testing

• Question 203:

  Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming as well as networking languages. What networking protocol language should she learn that routers utilize?

  A. OSPF
  B. BPG
  C. ATM
  D. UDP
  A. OSPF

• Question 204:

  An organization hosted a website to provide services to its customers. A visitor of this website has reported a complaint to the organization that they are getting an error message with code 502 when they are trying to access the website. This

  issue was forwarded to the IT department in the organization. The IT department identified the reason behind the error and started resolving the issue by checking whether the server is overloaded, whether the name resolution is working

  properly, whether the firewall is configured properly, etc.

  Identify the error message corresponding to code 502 that the visitors obtained when they tried to access the organization's website?

  A. Bad request
  B. Forbidden
  C. Internal error
  D. Bad gateway
  D. Bad gateway

• Question 205:

  Analyze the packet capture from Wireshark below and mark the correct statement.

  

  A. It is an invalid DNS query
  B. It is a DNS response message
  C. It is an answer to the iterative query from Microsoft.com DNS server
  D. It is Host (A record) DNS query message
  D. It is Host (A record) DNS query message

• Question 206:

  Frank is performing a wireless pen testing for an organization. Using different wireless attack techniques, he successfully cracked the WPA-PSK key. He is trying to connect to the wireless network using the WPA-PSK key. However, he is

  unable to connect to the WLAN as the target is using MAC filtering.

  What would be the easiest way for Frank to circumvent this and connect to the WLAN?

  A. Attempt to crack the WEP key
  B. Crack the Wi-Fi router login credentials and disable the ACL
  C. Sniff traffic off the WLAN and spoof his MAC address to the one that he has captured
  D. Use deauth command from aircrack-ng to deauthenticate a connected user and hijack the session
  C. Sniff traffic off the WLAN and spoof his MAC address to the one that he has captured

• Question 207:

  Identify the attack from the description below:

  I. User A sends an ARP request to a switch

  II. The switch broadcasts the ARP request in the network

  III. An attacker eavesdrops on the ARP request and responds by spoofing as a legitimate user

  IV.

  The attacker sends his MAC address to User A

  A. MAC spoofing
  B. ARP injection
  C. ARP flooding
  D. ARP poisoning
  I. User A sends an ARP request to a switch II. The switch broadcasts the ARP request in the network III. An attacker eavesdrops on the ARP request and responds by spoofing as a legitimate user IV. The attacker sends his MAC address to User A
  A. MAC spoofing

• Question 208:

  Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

  A. Unannounced Testing
  B. Double Blind Testing
  C. Announced Testing
  D. Blind Testing
  B. Double Blind Testing

• Question 209:

  A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It examines all traffic routed between the two networks to see if it meets certain criteria; If it does, it is routed between the networks, otherwise it is stopped.

  

  Why is an appliance-based firewall is more secure than those implemented on top of the commercial operating system (Software based)?

  A. Appliance based firewalls cannot be upgraded
  B. Firewalls implemented on a hardware firewall are highly scalable
  C. Hardware appliances does not suffer from security vulnerabilities associated with the underlying operating system
  D. Operating system firewalls are highly configured
  C. Hardware appliances does not suffer from security vulnerabilities associated with the underlying operating system

• Question 210:

  Richard is working on a web app pen testing assignment for one of his clients. After preliminary information, gathering and vulnerability scanning Richard runs the SQLMAP tool to extract the database information. Which of the following commands will give Richard an output as shown in the screenshot?

  

  A. sqlmap –url http://quennhotel.com/about.aspx?name=1 –D queenhotel --tables
  B. sqlmap –url http://quennhotel.com/about.aspx?name=1 –dbs
  C. sqlmap –url http://quennhotel.com/about.aspx?name=1 –D queenhotel –T --columns
  D. sqlmap –url http://quennhotel.com/about.aspx?name=1 –database queenhotel –tables
  A. sqlmap –url http://quennhotel.com/about.aspx?name=1 –D queenhotel --tables