New Year Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

ECSAv10 Questions and Answers

Question # 6

A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.

Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

A.

Post-attack phase

B.

Pre-attack phase and attack phase

C.

Attack phase

D.

Pre-attack phase

Full Access
Question # 7

Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search.

link:www.ghttech.net

What will this search produce?

A.

All sites that link to ghttech.net

B.

Sites that contain the code: link:www.ghttech.net

C.

All sites that ghttech.net links to

D.

All search engines that link to .net domains

Full Access
Question # 8

SQL injection attacks are becoming significantly more popular amongst hackers and there has been an estimated 69 percent increase of this attack type.

This exploit is used to great effect by the hacking community since it is the primary way to steal sensitive data from web applications. It takes advantage of non-validated input vulnerabilities to pass SQL commands through a web application for execution by a back-end database.

The below diagram shows how attackers launched SQL injection attacks on web applications.

Which of the following can the attacker use to launch an SQL injection attack?

A.

Blah' “2=2 –“

B.

Blah' and 2=2 --

C.

Blah' and 1=1 --

D.

Blah' or 1=1 --

Full Access
Question # 9

Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to-understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?

A.

Tcpdump

B.

Capinfos

C.

Tshark

D.

Idl2wrs

Full Access
Question # 10

During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP and HTTPS request headers and the HTML source code?

A.

Examine Source of the Available Pages

B.

Perform Web Spidering

C.

Perform Banner Grabbing

D.

Check the HTTP and HTML Processing by the Browser

Full Access
Question # 11

An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?

A.

SMTP Queue Bouncing

B.

SMTP Message Bouncing

C.

SMTP Server Bouncing

D.

SMTP Mail Bouncing

Full Access
Question # 12

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?

A.

Analyzing, categorizing and prioritizing resources

B.

Evaluating the existing perimeter and internal security

C.

Checking for a written security policy

D.

Analyzing the use of existing management and control architecture

Full Access
Question # 13

George is a senior security analyst working for a state agency in Florida. His state's congress just passed a bill mandating every state agency to undergo a security audit annually. After learning what will be required, George needs to implement an IDS as soon as possible before the first audit occurs.

The state bill requires that an IDS with a "time-based induction machine" be used. What IDS feature must George implement to meet this requirement?

A.

Pattern matching

B.

Statistical-based anomaly detection

C.

Real-time anomaly detection

D.

Signature-based anomaly detection

Full Access
Question # 14

A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications.

Which of the following frameworks helps an organization in the evaluation of the company’s information security with that of the industrial standards?

A.

Microsoft Internet Security Framework

B.

Information System Security Assessment Framework

C.

The IBM Security Framework

D.

Nortell’s Unified Security Framework

Full Access
Question # 15

When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

A.

Passive IDS

B.

Active IDS

C.

Progressive IDS

D.

NIPS

Full Access
Question # 16

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks.

Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

A.

Airsnort

B.

Aircrack

C.

WEPCrack

D.

Airpwn

Full Access
Question # 17

You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company's network.

How would you answer?

A.

IBM Methodology

B.

LPT Methodology

C.

Google Methodology

D.

Microsoft Methodology

Full Access
Question # 18

Which one of the following log analysis tools is a Cisco Router Log Format log analyzer and it parses logs, imports them into a SQL database (or its own built-in database), aggregates them, and generates the dynamically filtered reports, all through a web interface?

A.

Event Log Tracker

B.

Sawmill

C.

Syslog Manager

D.

Event Log Explorer

Full Access
Question # 19

The objective of this act was to protect consumers personal financial information held by financial institutions and their service providers.

A.

HIPAA

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act

D.

California SB 1386a

Full Access
Question # 20

Which one of the following log analysis tools is used for analyzing the server’s log files?

A.

Performance Analysis of Logs tool

B.

Network Sniffer Interface Test tool

C.

Ka Log Analyzer tool

D.

Event Log Tracker tool

Full Access
Question # 21

Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa.

She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for.

What principal of social engineering did Julia use?

A.

Reciprocation

B.

Friendship/Liking

C.

Social Validation

D.

Scarcity

Full Access
Question # 22

Which of the following is NOT related to the Internal Security Assessment penetration testing strategy?

A.

Testing to provide a more complete view of site security

B.

Testing focused on the servers, infrastructure, and the underlying software, including the target

C.

Testing including tiers and DMZs within the environment, the corporate network, or partner company connections

D.

Testing performed from a number of network access points representing each logical and physical segment

Full Access
Question # 23

The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.

Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

A.

Accomplice social engineering technique

B.

Identity theft

C.

Dumpster diving

D.

Phishing social engineering technique

Full Access
Question # 24

STION NO: 23

Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:

A.

Information System Security Assessment Framework (ISSAF)

B.

Microsoft Internet Security Framework

C.

Nortells Unified Security Framework

D.

Federal Information Technology Security Assessment Framework

Full Access
Question # 25

Which of the following is not a characteristic of a firewall?

A.

Manages public access to private networked resources

B.

Routes packets between the networks

C.

Examines all traffic routed between the two networks to see if it meets certain criteria

D.

Filters only inbound traffic but not outbound traffic

Full Access
Question # 26

By default, the TFTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to troubleshoot TCP/IP connectivity issues?

A.

PortQry

B.

Netstat

C.

Telnet

D.

Tracert

Full Access
Question # 27

Which of the following will not handle routing protocols properly?

A.

“Internet-router-firewall-net architecture”

B.

“Internet-firewall-router-net architecture”

C.

“Internet-firewall -net architecture”

D.

“Internet-firewall/router(edge device)-net architecture”

Full Access
Question # 28

Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

A.

California SB 1386

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act (GLBA)

D.

USA Patriot Act 2001

Full Access
Question # 29

Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?

A.

Hash Key Length

B.

C/R Value Length

C.

C/R Key Length

D.

Hash Value Length

Full Access
Question # 30

Firewall is an IP packet filter that enforces the filtering and security policies to the flowing network traffic. Using firewalls in IPv6 is still the best way of protection from low level attacks at the network and transport layers.

Which one of the following cannot handle routing protocols properly?

A.

“Internet-router-firewall-net architecture”

B.

“Internet-firewall-router-net architecture”

C.

“Internet-firewall/router(edge device)-net architecture”

D.

“Internet-firewall -net architecture”

Full Access