EC-COUNCIL ECSAv8 Online Practice Questions and Exam Preparation

EC-COUNCIL ECSAv8 Online Questions & Answers

• Question 81:

  ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.

  ARP spoofing attack is used as an opening for other attacks.

  

  What type of attack would you launch after successfully deploying ARP spoofing?

  A. Parameter Filtering
  B. Social Engineering
  C. Input Validation
  D. Session Hijacking
  D. Session Hijacking

• Question 82:

  HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the

  A. ASCII value of the character
  B. Binary value of the character
  C. Decimal value of the character
  D. Hex value of the character
  C. Decimal value of the character

• Question 83:

  When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

  A. Passive IDS
  B. Active IDS
  C. Progressive IDS
  D. NIPS
  B. Active IDS

• Question 84:

  Which of the following is not the SQL injection attack character?

  A. $
  B. PRINT
  C. #
  D. @@variable
  B. PRINT

• Question 85:

  Which of the following protocol's traffic is captured by using the filter tcp.port==3389 in the Wireshark tool?

  A. Reverse Gossip Transport Protocol (RGTP)
  B. Real-time Transport Protocol (RTP)
  C. Remote Desktop Protocol (RDP)
  D. Session Initiation Protocol (SIP)
  C. Remote Desktop Protocol (RDP)

• Question 86:

  To locate the firewall, SYN packet is crafted using Hping or any other packet crafter and sent to the firewall. If ICMP unreachable type 13 message (which is an admin prohibited packet) with a source IP address of the access control device is received, then it means which of the following type of firewall is in place?

  A. Circuit level gateway
  B. Stateful multilayer inspection firewall
  C. Packet filter
  D. Application level gateway
  B. Stateful multilayer inspection firewall

• Question 87:

  Identify the port numbers used by POP3 and POP3S protocols.

  A. 113 and 981
  B. 111 and 982
  C. 110 and 995
  D. 109 and 973
  C. 110 and 995

• Question 88:

  Which of the following is not a characteristic of a firewall?

  A. Manages public access to private networked resources
  B. Routes packets between the networks
  C. Examines all traffic routed between the two networks to see if it meets certain criteria
  D. Filters only inbound traffic but not outbound traffic
  B. Routes packets between the networks

• Question 89:

  Which of the following is an ARP cache poisoning technique aimed at network switches?

  A. Replay Attack
  B. Mac Flooding
  C. Man-in-the Middle Attack
  D. DNS Poisoning
  B. Mac Flooding

• Question 90:

  A man enters a PIN number at an ATM machine, being unaware that the person next to him was watching. Which of the following social engineering techniques refers to this type of information theft?

  A. Shoulder surfing
  B. Phishing
  C. Insider Accomplice
  D. Vishing
  A. Shoulder surfing