ECSAV10 Exam Details

  • Exam Code
    :ECSAV10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :354 Q&As
  • Last Updated
    :Jul 13, 2026

EC-COUNCIL ECSAV10 Online Questions & Answers

  • Question 311:

    Frank is a senior security analyst at Roger Data Systems Inc. The company asked him to perform a database penetration test on its client network to determine whether the database is vulnerable to attacks or not. The client did not reveal any

    information about the database they are using.

    As a pen tester Frank knows that each database runs on its own default port. So he started database port scanning using the Nmap tool and tried different commands using default port numbers and succeeded with the following command.

    nmap -sU –p 1521

    Identify the database used by the company?

    A. MySQL
    B. Microsoft SQL Server
    C. SQLite
    D. Oracle

  • Question 312:

    Smith, a pen tester, has been hired to analyze the security posture of an organization and is trying to find the operating systems used in the network using Wireshark. What can be inferred about selected packet in the Wireshark screenshot below?

    A. The machine with IP 10.0.0.10 is running on Linux
    B. The machine with IP 10.0.0.12 is running on Linux
    C. The machine with IP 10.0.0.12 is running on Windows
    D. The machine with IP10.0.0.10 is running on Windows

  • Question 313:

    You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive foot printing against their Web servers. What tool should you use?

    A. Nmap
    B. Netcraft
    C. Ping sweep
    D. Dig

  • Question 314:

    Which of the following statement holds true for TCP Operation?

    A. Port numbers are used to know which application the receiving host should pass the data to
    B. Sequence numbers are used to track the number of packets lost in transmission
    C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host
    D. Data transfer begins even before the connection is established

  • Question 315:

    A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools.

    The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected. Conventionally it is achieved by comparing the MAC address of the participating

    wireless devices.

    Which of the following attacks can be detected with the help of wireless intrusion detection system (WIDS)?

    A. Social engineering
    B. SQL injection
    C. Parameter tampering
    D. Man-in-the-middle attack

  • Question 316:

    George works at 3D-Networks Ltd as a Network Admin. He received an email from one of his clients stating that the client's company website has some flaws and they are receiving continuous emails from customers about the

    inconveniencies. While checking the web servers, he found loopholes with the DNS servers and he installed DNSSEC-Aware lookups. This made the site functional and the client was happy with the outcome.

    What problem does a Non-DNSSEC-Aware site face?

    A. The users will get more information than they desired.
    B. The user's commands will be delayed and the information they requested may be not delivered.
    C. The site becomes slow and vulnerable
    D. A mischievous Internet user can cut off the request and send back incorrect information by spoofing the response.

  • Question 317:

    SQL injection attack consists of insertion or "injection" of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application. A successful SQL injection attack can:

    i) Read sensitive data from the database

    iii) Modify database data (insert/update/delete)

    iii) Execute administration operations on the database (such as shutdown the DBMS) iV) Recover the content of a given file existing on the DBMS file system or write files into the file system v) Issue commands to the operating system

    Pen tester needs to perform various tests to detect SQL injection vulnerability. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests and then test them separately, trying to interfere with the query and to generate an error. In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?

    A. Automated Testing
    B. Function Testing
    C. Dynamic Testing
    D. Static Testing

  • Question 318:

    Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast.

    On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently.

    What could be Tyler issue with his home wireless network?

    A. 2.4 Ghz Cordless phones
    B. Satellite television
    C. CB radio
    D. Computers on his wired network

  • Question 319:

    Which of the following are the default ports used by NetBIOS service?

    A. 135, 136, 139, 445
    B. 134, 135, 136, 137
    C. 137, 138, 139, 140
    D. 133, 134, 139, 142

  • Question 320:

    Tom is a networking manager in XYZ Inc. He and his team were assigned the task to store and update the confidential files present on a remote server using Network File System (NFS) client-server application protocol. Since the files are

    confidential, Tom was asked to perform this operation in a secured manner by limiting the access only to his team. As per the instructions provided to him, to use NFS securely, he employed the process of limiting the superuser access

    privileges only to his team by using authentication based on the team personnel identity.

    Identify the method employed by Tom for securing access controls in NFS?

    A. Root Squashing
    B. nosuid
    C. noexec
    D. Suid

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.