1. Home
  2. EC-COUNCIL
  3. ECSAV10

EC-COUNCIL ECSAV10 Online Practice Questions and Exam Preparation

ECSAV10 Exam Details

  • Exam Code
    :ECSAV10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :354 Q&As
  • Last Updated
    :May 23, 2026

EC-COUNCIL ECSAV10 Online Questions & Answers

  • Question 251:

    Recently, Jacob was assigned a project to test the perimeter security of one of a client. As part of the project, Jacob wants to test whether or not a particular port on the firewall is open or closed. He used the hping utility with the following

    syntax:

    #hping –S –c 1 –p -t

    What response will indicate the particular port is allowed in the firewall?

    A. Host Unreachable
    B. TTL Exceeded
    C. No Response
    D. ICMP Port Unreachable

  • Question 252:

    Todd is working on an assignment involving auditing of a web service. The scanning phase reveals the web service is using an Oracle database server at the backend. He wants to check the TNS Listener configuration file for configuration

    errors.

    Which of the following directories contains the TNS Listener configuration file, by default:

    A. $ORACLE_HOME/bin
    B. $ORACLE_HOME/network /admin
    C. $ORACLE_HOME/network /bin
    D. $ORACLE_HOME/network

  • Question 253:

    As a part of the pen testing process, James performs a FIN scan as given below: What will be the response if the port is open?

    A. No response
    B. FIN/RST
    C. FIN/ACK
    D. RST

  • Question 254:

    Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

    A. Sunbelt Network Security Inspector (SNSI)
    B. CORE Impact
    C. Canvas
    D. Microsoft Baseline Security Analyzer (MBSA)

  • Question 255:

    What is kept in the following directory? HKLM\SECURITY\Policy\Secrets

    A. Service account passwords in plain text
    B. Cached password hashes for the past 20 users
    C. IAS account names and passwords
    D. Local store PKI Kerberos certificates

  • Question 256:

    John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in Window system directory?

    A. C:\Windows\System32\Boot
    B. C:\WINNT\system32\drivers\etc
    C. C:\WINDOWS\system32\cmd.exe
    D. C:\Windows\System32\restore

  • Question 257:

    The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.

    Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

    A. Active Information Gathering
    B. Pseudonymous Information Gathering
    C. Anonymous Information Gathering
    D. Open Source or Passive Information Gathering

  • Question 258:

    Adam is working as a senior penetration tester at Eon Tech Services Ltd. The company asked him to perform penetration testing on their database. The company informs Adam they use Microsoft SQL Server. As a part of the penetration

    testing, Adam wants to know the complete information about the company's database. He uses the Nmap tool to get the information.

    Which of the following Nmap commands will Adam use to get the information?

    A. nmap -p2051 --script ms-sql-info
    B. nmap -p1801 --script ms-sql-info
    C. nmap -p1443 --script ms-sql-info
    D. nmap -p1521 --script ms-sql-info

  • Question 259:

    Which of the following protocols cannot be used to filter VoIP traffic?

    A. Media Gateway Control Protocol (MGCP)
    B. Real-time Transport Control Protocol (RTCP)
    C. Session Description Protocol (SDP)
    D. Real-Time Publish Subscribe (RTPS)

  • Question 260:

    Identify the type of authentication mechanism represented below:

    A. NTLMv1
    B. NTLMv2
    C. LAN Manager Hash
    D. Kerberos

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.