DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

ECSA Certification Exam Sample, Free Exam Resources for Success, EC-Council Certified Security Analyst | SPOTO

Explore our ECSA Certification Exam Sample, Free Exam Resources for Success, EC-Council Certified Security Analyst | SPOTO. Dive into our range of resources including practice tests, free tests, exam practice materials, online exam questions, sample questions, exam dumps, and exam questions and answers. Prepare thoroughly with our mock exams designed to simulate the actual testing environment. Our latest practice tests are tailored to help you succeed in passing the certification exam. The EC-Council Certified Security Analyst Certification is a prestigious credential that validates proficiency in the analytical phase of ethical hacking, complementing the CEH certification. Going beyond CEH, an ECSA possesses the expertise to analyze the outcomes of diverse hacking tools and technologies. Elevate your preparation with our comprehensive exam materials and pave the path for success in your certification journey.
Take other online exams

Question #1
Sam is auditing a web application for SQL injection vulnerabilities. During the testing, Sam discovered that the web application is vulnerable to SQL injection. He starts fuzzing the search field in the web application with UNION based SQL queries, however, he realized that the underlying WAF is blocking the requests. To avoid this, Sam is trying the following query: UNION/**/SELECT/**/’/**/OR/**/1/**/=/**/1 Which of the following evasion techniques is Sam using?
A. Sam is using char encoding to bypass WAF
B. Sam is using obfuscated code to bypass WAF
C. Sam is using inline comments to bypass WAF
D. Sam is manipulating white spaces to bypass WAF
View answer
Correct Answer: A

View The Updated ECSA Exam Questions

SPOTO Provides 100% Real ECSA Exam Questions for You to Pass Your ECSA Exam!

Question #2
Which of the following SQLMAP commands will allow you to test if a parameter in a target URL is vulnerable to SQL injection (injectable)?
A. sqlmap -g “inurl:\”
B. sqlmap
C. sqlmap –url [ Target URL ]
D. sqlmap –host [ Target URL ]
View answer
Correct Answer: D
Question #3
WallSec Inc. has faced several network security issues in the past and hired Williamson, a professional pentester, to audit its information systems. Before starting his work, Williamson, with the help of his legal advisor, signed an agreement with his client. This agreement states that confidential information of the client should not be revealed outside of the engagement. What is the name of the agreement that Williamson and his client signed?
A. Non-disclosure agreement
B. TPOC agreement
C. Engagement letter
D. Authorization letter
View answer
Correct Answer: A
Question #4
Nancy Jones is a network admin at Society Technology Ltd. When she is trying to send data packets from one network (Token-ring) to another network (Ethernet), she receives an error message stating: 'Destination unreachable' What is the reason behind this?
A. Packet is lost
B. Packet fragmentation is required
C. Packet contains image data
D. Packet transmission is not done properly
View answer
Correct Answer: C
Question #5
Watson works as a Penetrating test engineer at Neo security services. The company found its wireless network operating in an unusual manner, with signs that a possible cyber attack might have happened. Watson was asked to resolve this problem. Watson starts a wireless penetrating test, with the first step of discovering wireless networks by war-driving. After several thorough checks, he identifies that there is some problem with rogue access points and resolves it. Identifying rogue access points involves a
A. If a radio media type used by any discovered AP is not present in the authorized list of media types, it is considered as a rogue AP
B. If any new AP which is not present in the authorized list of APs is detected, it would be considered as a rogue AP
C. If the radio channel used by any discovered AP is not present in the authorized list of channels, it is considered as a rogue APD
View answer
Correct Answer: D
Question #6
Analyze the packet capture from Wireshark below and mark the correct statement.
A. It is an invalid DNS query
B. It is a DNS response message
C. It is an answer to the iterative query from Microsoft
D. It is Host (A record) DNS query message
View answer
Correct Answer: C
Question #7
Tom is a networking manager in XYZ Inc. He and his team were assigned the task to store and update the confidential files present on a remote server using Network File System (NFS) client-server application protocol. Since the files are confidential, Tom was asked to perform this operation in a secured manner by limiting the access only to his team. As per the instructions provided to him, to use NFS securely, he employed the process of limiting the superuser access privileges only to his team by using auth
A. Root Squashing
B. nosuid
C. noexec
D. Suid
View answer
Correct Answer: D
Question #8
Linson, an employee in Skitac Ltd., notices a USB flash drive on the pavement of the company. Before he could hand it over to the security guard, he tries to check it out. He connects it with an OTG to his mobile phone and finds some of his favorite music playlists and games. He tries to download them into his mobile, but very lately he came to know that he has been attacked and some of his sensitive financial information was exposed to attackers. What type of attacks did Linson face?
A. Social engineering attack
B. Phishing attack
C. Wardriving attack
D. Impersonation attack
View answer
Correct Answer: C
Question #9
Sarah is a pen tester at JK Hopes & Sons based in Las Vegas. As a part of the penetration testing, she was asked to perform the test without exposing the test to anyone else in the organization. Only a few people in the organization know about the test. This test covers the organization’s security monitoring, incident identification and its response procedures. What kind of pen testing is Sarah performing?
A. Double-blind Testing
B. Announced Testing
C. Unannounced Testing
D. Blind Testing
View answer
Correct Answer: B
Question #10
Henderson has completed the pen testing tasks. He is now compiling the final report for the client. Henderson needs to include the result of scanning that revealed a SQL injection vulnerability and different SQL queries that he used to bypass web application authentication. In which section of the pen testing report, should Henderson include this information?
A. General opinion section
B. Methodology section
C. Comprehensive technical report section
D. Executive summary section
View answer
Correct Answer: A
Question #11
John, a security analyst working for LeoTech organization, was asked to perform penetration testing on the client organizational network. In this process, he used a method that involves threatening or convincing a person from the client organization to obtain sensitive information. Identify the type of penetration testing performed by John on the client organization?
A. Wireless network penetration testing
B. Social engineering penetration testing
C. Mobile device penetration testing
D. Web application penetration testing
View answer
Correct Answer: B
Question #12
Stanley, a pen tester needs to perform various tests to detect SQL injection vulnerabilities. He has to make a list of all input fields whose values could be used in crafting a SQL query. This includes the hidden fields of POST requests and then test them separately, attempting to interfere with the query and cause an error to generate as a result. In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?
A. Dynamic Testing
B. Static Testing
C. Function Testing
D. Source Code Testing
View answer
Correct Answer: A
Question #13
Jacob is a penetration tester at TechSoft Inc. based at Singapore. The company assigned him the task of conducting penetration test on the IoT devices connected to the corporate network. As part of this process, he captured the network traffic of the devices, their mobile applications, and cloud connections to check whether any critical data are transmitted in plain text. Also, he tried to check whether SSL/TLS protocols are properly updated and implemented. Which of the following IoT security issues Jacob
A. Poor authentication/authorization
B. Lack of transport encryption
C. Privacy concerns
D. Insecure software/firmware
View answer
Correct Answer: C
Question #14
Identify the attack from the description below: I. User A sends an ARP request to a switch II. The switch broadcasts the ARP request in the network III. An attacker eavesdrops on the ARP request and responds by spoofing as a legitimate user IV. The attacker sends his MAC address to User A
A. MAC spoofing
B. ARP injection
C. ARP flooding
D. ARP poisoning
View answer
Correct Answer: C
Question #15
David is a penetration tester and he is attempting to extract password hashes from the Oracle database. Which of the following utilities should Dave employ in order to brute-force password hashes from Oracle databases?
A. TNS
B. Orabf
C. Opwg
D. OAT
View answer
Correct Answer: B
Question #16
ABC bank, a UK-based bank hired Anthony, to perform a penetration test for the bank. Anthony began performing lookups on the bank’s DNS servers, reading news articles online about the bank, performing competitive intelligence gathering, watching what times the bank employees come and go, and searching the bank’s job postings. What phase of the penetration testing is Anthony currently in?
A. Attack phase
B. Post-attack phase
C. Pre-attack phase
D. Remediation phase
View answer
Correct Answer: A
Question #17
HDC Networks Ltd. is a leading security services company. Matthew works as a penetrating tester with this firm. He was asked to gather information about the target company. Matthew begins with social engineering by following the steps: I. Secretly observes the target to gain critical information II. Looks at employee’s password or PIN code with the help of binoculars or a low-power telescope Based on the above description, identify the information gathering technique.
A. Phishing
B. Shoulder surfingC
D. Dumpster diving
View answer
Correct Answer: B
Question #18
A month ago, Jason, a software developer at a reputed IT firm was surfing through his company’s website. He was visiting random pages of the company’s website and came to find confidential information about the company was posted on one of the web pages. Jason forgot to report the issue. Jason contacted John, another member of the Security Team, and discussed the issue. John visited the page but found nothing wrong. What should John do to see past versions and pages of a website that Jason saw one month bac
A. John should use SmartWhois to recover the old pages of the website
B. John should recover cashed pages of the website from Google search engine cache
C. John should run the Web Data Extractor tool to recover the old data
D. John can go to Archive
View answer
Correct Answer: B
Question #19
John is a penetration tester who wants to perform port scan on the DNS Server (IP address: 192.168.0.124) deployed in the perimeter. In his primary research, he identified that the DNS server is configured with default settings. Since he is employing Nmap tool to perform port scanning, which of the following Nmap commands should John execute to port scan the DNS Server?
A. nmap -sS -sU –p 80 192
B. nmap -sS -sU –p 69 192
C. nmap -sS -sU –p 123 192
D. nmap -sS -sU –p 53 192
View answer
Correct Answer: B
Question #20
During the reconnaissance phase of a penetration test, you discovered that the client has deployed a firewall that only checks the TCP header information. Which of the following techniques would you use to bypass the firewall?
A. Bypassing the firewall using tiny fragments
B. Bypassing the firewall by manipulating the IPID sequence number
C. Bypassing the firewall source routing
D. Bypassing the firewall using the IP address in place of an URL
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: