DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Prepare Strategically for the EC-Council ECSA Exam with Practice Tests

SPOTO's EC-Council ECSA practice questions are instrumental in aiding candidates to successfully pass the EC-Council Certified Security Analyst (ECSA) exam. These practice tests offer a wide range of exam questions and answers that closely simulate the actual exam environment. By regularly practicing with SPOTO's practice questions and mock exams, candidates can sharpen their skills, identify weak areas, and enhance their exam preparation. SPOTO provides comprehensive study materials and exam resources that complement the practice questions, ensuring candidates have all the tools they need to succeed. With SPOTO's effective exam preparation resources, candidates can confidently approach the ECSA exam and increase their chances of passing successfully.
Take other online exams

Question #1
One needs to run “Scan Server Configuration” tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon to be configured. By default, the Nessus daemon listens to connections on which one of the following?
A. ocalhost (127
B. ocalhost (127
C. ocalhost (127
D. ocalhost (127
View answer
Correct Answer: A

View The Updated ECSA Exam Questions

SPOTO Provides 100% Real ECSA Exam Questions for You to Pass Your ECSA Exam!

Question #2
Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffer mode to dump the packets to the screen?
A.
B.
C.
D.
View answer
Correct Answer: C
Question #3
Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.Depending on the packet and the criteria, the firewall can:i) Drop the packetii) Forward it or send a message to the originatorAt which level of the OSI model do the packet filtering firewalls work?
A. pplication layer
B. hysical layer
C. ransport layer
D. etwork layer
View answer
Correct Answer: D
Question #4
Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?
A. heck for Directory Consistency and Page Naming Syntax of the Web Pages
B. xamine Server Side Includes (SSI)
C. xamine Hidden Fields
D. xamine E-commerce and Payment Gateways Handled by the Web Server
View answer
Correct Answer: C
Question #5
What is the objective of the following bash script?
A. It gives a list of IP addresses that have an FTP port open
B. It tries to connect to FTP port on a target machine
C. It checks if a target host has the FTP port open and quits
D. It checks if an FTP port on a target machine is vulnerable to arracks
View answer
Correct Answer: A
Question #6
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?
A. murf
B. rinoo
C. raggle
D. YN flood
View answer
Correct Answer: A
Question #7
Vulnerability assessment is an examination of the ability of a system or application, including current security procedures and controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels.A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.Which of the following vulnerability
A. assive Assessment
B. ost-based Assessment
C. xternal Assessment
D. pplication Assessment
View answer
Correct Answer: D
Question #8
Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing.Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.Which of the following factors is NOT considered while preparing the scope of the Rules of Engagement (ROE)?
A. list of employees in the client organization
B. list of acceptable testing techniques
C. pecific IP addresses/ranges to be tested
D. oints of contact for the penetration testing team
View answer
Correct Answer: A
Question #9
What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?
A. onnect Scanning Techniques
B. YN Scanning Techniques
C. tealth Scanning Techniques
D. ort Scanning Techniques
View answer
Correct Answer: C
Question #10
Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:
A. nformation System Security Assessment Framework (ISSAF)
B. icrosoft Internet Security Framework
C. ortells Unified Security Framework
D. ederal Information Technology Security Assessment Framework
View answer
Correct Answer: D
Question #11
Which of the following protocols cannot be used to filter VoIP traffic?
A. edia Gateway Control Protocol (MGCP)
B. eal-time Transport Control Protocol (RTCP)
C. ession Description Protocol (SDP)
D. eal-Time Publish Subscribe (RTPS)
View answer
Correct Answer: D
Question #12
Paul's company is in the process of undergoing a complete security audit including logical and physical security testing. After all logical tests were performed; it is now time for the physical round to begin. None of the employees are made aware of this round of testing.The security-auditing firm sends in a technician dressed as an electrician. He waits outside in the lobby for some employees to get to work and follows behind them when they access the restricted areas. After entering the main office, he is
A. Fuzzing
B. Tailgating
C. Man trap attack
D. Backtrapping
View answer
Correct Answer: B
Question #13
Allen and Greg, after investing in their startup company called Zamtac Ltd., developed a new web application for their company. Before hosting the application, they want to test the robustness and immunity of the developed web application against attacks like buffer overflow, DOS, XSS, and SQL injection.What is the type of the web application security test Allen and Greg should perform?
A. Web fuzzing
B. Web crawling
C. Web spidering
D. Web mirroring
View answer
Correct Answer: A
Question #14
Why is a legal agreement important to have before launching a penetration test?
A. uarantees your consultant fees
B. llows you to perform a penetration test without the knowledge and consent of the organization's upper management
C. t establishes the legality of the penetration test by documenting the scope of the project and the consent of the company
D. t is important to ensure that the target organization has implemented mandatory security policies
View answer
Correct Answer: C
Question #15
Which of the following policies helps secure data and protects the privacy of organizational information?
A. pecial-Access Policy
B. ocument retention Policy
C. ryptography Policy
D. ersonal Security Policy
View answer
Correct Answer: C
Question #16
Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?
A. eb Services Footprinting Attack
B. ervice Level Configuration Attacks
C. RL Tampering Attacks
D. nside Attacks
View answer
Correct Answer: A
Question #17
Transmission control protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment. The TCP header is the first 24 bytes of a TCP segment that contains the parameters and state of an end-to- end TCP socket. It is used to track the state of communication between two TCP endpoints. For a connection to be established or initialized, the two hosts must synchronize. The synchronization requires each side to send its own initial sequence number and to receive a con
A. 6 bits
B. 2 bits
C. bits
D. 4 bits
View answer
Correct Answer: B
Question #18
Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?
A. p
B. p
C. p
D. p
View answer
Correct Answer: C
Question #19
DNS information records provide important data about:
A. hone and Fax Numbers
B. ocation and Type of Servers
C. gents Providing Service to Company Staff
D. ew Customer
View answer
Correct Answer: B
Question #20
Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search.link:www.ghttech.netWhat will this search produce?
A. ll sites that link to ghttech
B. ites that contain the code: link:www
C. ll sites that ghttech
D. ll search engines that link to
View answer
Correct Answer: A
Question #21
Which of the following reports provides a summary of the complete pen testing process, its outcomes, and recommendations?
A. ulnerability Report
B. xecutive Report
C. lient-side test Report
D. ost Report
View answer
Correct Answer: B
Question #22
Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?
A. 001-3100
B. 000-5099
C. 666-6674
D. – 1023
View answer
Correct Answer: D
Question #23
Variables are used to define parameters for detection, specifically those of your local network and/or specific servers or ports for inclusion or exclusion in rules. These are simple substitution variables set with the var keyword. Which one of the following operator is used to define meta-variables?
A. $"
B. #"
C. *"
D. ?"
View answer
Correct Answer: A
Question #24
Meyer Electronics Systems just recently had a number of laptops stolen out of their office.On these laptops contained sensitive corporate information regarding patents and company strategies. A month after the laptops were stolen, a competing company was found to have just developed products that almost exactly duplicated products that Meyer produces. What could have prevented this information from being stolen from the laptops?
A. SDW Encryption
B. EFS Encryption
C. DFS Encryption
D. IPS Encryption
View answer
Correct Answer: B
Question #25
Meyer Electronics Systems just recently had a number of laptops stolen out of their office.On these laptops contained sensitive corporate information regarding patents and company strategies. A month after the laptops were stolen, a competing company was found to have just developed products that almost exactly duplicated products that Meyer produces. What could have prevented this information from being stolen from the laptops?
A. SDW Encryption
B. EFS Encryption
C. DFS Encryption
D. IPS Encryption
View answer
Correct Answer: B
Question #26
Snort, an open source network-based intrusion detection sensor, is the most widely installed NIDS in the world. It can be configured to run in the four modes. Which one of the following modes reads the packets off the network and displays them in a continuous stream on the console (screen)?
A. acket Sniffer Mode
B. acket Logger Mode
C. etwork Intrusion Detection System Mode
D. nline Mode
View answer
Correct Answer: A
Question #27
In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?
A. PS evasion technique
B. DS evasion technique
C. DP evasion technique
D. TL evasion technique
View answer
Correct Answer: D
Question #28
James is testing the ability of his routers to withstand DoS attacks. James sends ICMPECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?
A. Smurf
B. Trinoo
C. Fraggle
D. SYN flood
View answer
Correct Answer: A
Question #29
Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?
A. unbelt Network Security Inspector (SNSI)
B. ORE Impact
C. anvas
D. icrosoft Baseline Security Analyzer (MBSA)
View answer
Correct Answer: C
Question #30
An employee is trying to access the internal website of his company. When he opened a webpage, he received an error message notifying ?€Proxy AuthenticationRequired.?€ He approached the IT department in the company and reported the issue. The IT staff explained him that this is an HTTP error indicating that the server is unable to process the request due to lack of appropriate client?€?s authentication credentials for a proxy server that is processing the requests between the clients and the server.Identify
A. 415
B. 417
C. 407
D. 404
View answer
Correct Answer: C
Question #31
The amount of data stored in organizational databases has increased rapidly in recent years due to the rapid advancement of information technologies. A high percentage of these data is sensitive, private and critical to the organizations, their clients and partners.Therefore, databases are usually installed behind internal firewalls, protected with intrusion detection mechanisms and accessed only by applications. To access a database, users have to connect to one of these applications and submit queries thr
A. Frame Injection Attack
B. LDAP Injection Attack
C. XPath Injection Attack
D. SOAP Injection Attack
View answer
Correct Answer: B
Question #32
Which of the following acts related to information security in the US establish that the management of an organization is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting?
A. SA Patriot Act 2001
B. arbanes-Oxley 2002
C. ramm-Leach-Bliley Act (GLBA)
D. alifornia SB 1386
View answer
Correct Answer: A
Question #33
The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client’s operating environment, threat perception, security and compliance requirements, ROE, and budget. Various components need to be considered for testing while developing the scope of the project.Which of the following is NOT a pen testing component to be tested?
A. ystem Software Security
B. ntrusion Detection
C. utside Accomplices
D. nside Accomplices
View answer
Correct Answer: C
Question #34
In the context of penetration testing, what does blue teaming mean?
A. penetration test performed with the knowledge and consent of the organization's IT staff
B. t is the most expensive and most widely used
C. t may be conducted with or without warning
D. penetration test performed without the knowledge of the organization's IT staff but with permission from upper management
View answer
Correct Answer: A
Question #35
Recently, Jacob was assigned a project to test the perimeter security of one of a client. As part of the project, Jacob wants to test whether or not a particular port on the firewall is open or closed. He used the hping utility with the following syntax:#hping ?€"S ?€"c 1 ?€"p -t What response will indicate the particular port is allowed in the firewall?
A. Host Unreachable
B. TTL Exceeded
C. No Response
D. ICMP Port Unreachable
View answer
Correct Answer: C
Question #36
Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?
A. YN Scan
B. onnect() scan
C. MAS Scan
D. ull Scan
View answer
Correct Answer: A
Question #37
Identify the policy that defines the standards for the organizational network connectivity and security standards for computers that are connected in the organizational network.
A. Information-Protection Policy
B. Special-AccessPolicy
C. Remote-Access Policy
D. Acceptable-Use Policy
View answer
Correct Answer: C
Question #38
A hacker initiates so many invalid requests to a cloud network host that the host uses all its resources responding to invalid requests and ignores the legitimate requests.Identify the type of attack -
A. enial of Service (DoS) attacks
B. ide Channel attacks
C. an-in-the-middle cryptographic attacks
D. uthentication attacks
View answer
Correct Answer: A
Question #39
Transmission control protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment.The TCP header is the first 24 bytes of a TCP segment that contains the parameters and state of an end-to-end TCP socket. It is used to track the state of communication between two TCP endpoints.For a connection to be established or initialized, the two hosts must synchronize. The synchronization requires each side to send its own initial sequence number and to receive a confir
A. 6 bits
B. 2 bits
C. bits
D. 4 bits
View answer
Correct Answer: B
Question #40
HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the
A. SCII value of the character
B. inary value of the character
C. ecimal value of the character
D. ex value of the character
View answer
Correct Answer: D
Question #41
The objective of this act was to protect consumers personal financial information held by financial institutions and their service providers.
A. IPAA
B. arbanes-Oxley 2002
C. ramm-Leach-Bliley Act
D. alifornia SB 1386a
View answer
Correct Answer: C
Question #42
Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?
A. ireshark: Capinfos
B. ireshark: Tcpdump
C. ireshark: Text2pcap
D. ireshark: Dumpcap
View answer
Correct Answer: D
Question #43
Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company.Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.Which of the following password cracking attacks tries every combination of characters until the password is broken?
A. rute-force attack
B. ule-based attack
C. ybrid attack
D. ictionary attack
View answer
Correct Answer: A
Question #44
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
A. NIPS
B. Passive IDS
C. Progressive IDS
D. Active IDS
View answer
Correct Answer: D
Question #45
Which one of the following log analysis tools is a Cisco Router Log Format log analyzer and it parses logs, imports them into a SQL database (or its own built-in database), aggregates them, and generates the dynamically filtered reports, all through a web interface?
A. Event Log Tracker
B. Sawmill
C. Syslog Manager
D. Event Log Explorer
View answer
Correct Answer: B
Question #46
Identify the person who will lead the penetration-testing project and be the client point of contact.
A. atabase Penetration Tester
B. olicy Penetration Tester
C. hief Penetration Tester
D. pplication Penetration Tester
View answer
Correct Answer: C
Question #47
Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs. One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named “Access Point Detection”. This plug-in uses four techniques to identify the presence of a WAP. Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?
A. MAP TCP/IP fingerprinting
B. TTP fingerprinting
C. TP fingerprinting
D. NMP fingerprinting
View answer
Correct Answer: C
Question #48
In which of the following firewalls are the incoming or outgoing packets blocked from accessing services for which there is no proxy?
A. ircuit level firewalls
B. acket filters firewalls
C. tateful multilayer inspection firewalls
D. pplication level firewalls
View answer
Correct Answer: D
Question #49
A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications.Which of the following frameworks helps an organization in the evaluation of the company’s information security with that of the industrial standards?
A. icrosoft Internet Security Framework
B. nformation System Security Assessment Framework
C. he IBM Security Framework
D. ortell’s Unified Security Framework
View answer
Correct Answer: B
Question #50
Which of the following is not a characteristic of a firewall?
A. anages public access to private networked resources
B. outes packets between the networks
C. xamines all traffic routed between the two networks to see if it meets certain criteria
D. ilters only inbound traffic but not outbound traffic
View answer
Correct Answer: D
Question #51
Paul's company is in the process of undergoing a complete security audit including logical and physical security testing. After all logical tests were performed; it is now time for the physical round to begin. None of the employees are made aware of this round of testing.The security-auditing firm sends in a technician dressed as an electrician. He waits outside in the lobby for some employees to get to work and follows behind them when they access the restricted areas. After entering the main office, he is
A. Fuzzing
B. Tailgating
C. Man trap attack
D. Backtrapping
View answer
Correct Answer: B
Question #52
From where can clues about the underlying application environment can be collected?
A. rom the extension of the file
B. rom executable file
C. rom file types and directories
D. rom source code
View answer
Correct Answer: A
Question #53
Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?
A. ES
B. ES (ECB mode)
C. D5
D. C5
View answer
Correct Answer: C
Question #54
Fuzz testing or fuzzing is a software/application testing technique used to discover coding errors and security loopholes in software, operating systems, or networks by inputting massive amounts of random data, called fuzz, to the system in an attempt to make it crash.Fuzzers work best for problems that can cause a program to crash, such as buffer overflow, cross-site scripting, denial of service attacks, format bugs, and SQL injection.Fuzzer helps to generate and submit a large number of inputs supplied to
A. Clever Fuzz Testing
B. Dumb Fuzz Testing
C. Complete Fuzz Testing
D. Smart Fuzz Testing
View answer
Correct Answer: D
Question #55
Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.What is the last step in preparing a Rules of Engagement (ROE) document?
A. onduct a brainstorming session with top management and technical teams
B. ecide the desired depth for penetration testing
C. onduct a brainstorming session with top management and technical teams
D. ave pre-contract discussions with different pen-testers
View answer
Correct Answer: C
Question #56
Software firewalls work at which layer of the OSI model?
A. Transport
B. Application
C. Network
D. Data Link
View answer
Correct Answer: D
Question #57
If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable which of the following attacks?
A. arameter tampering Attack
B. ql injection attack
C. ession Hijacking
D. ross-site request attack
View answer
Correct Answer: D
Question #58
The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.What is the biggest source of data leaks in organizations today?
A. eak passwords and lack of identity management
B. nsufficient IT security budget
C. ogue employees and insider attacks
D. ulnerabilities, risks, and threats facing Web sites
View answer
Correct Answer: C
Question #59
Adam is an IT administrator for Syncan Ltd. He is designated to perform various IT tasks like setting up new user accounts, managing backup/restores, security authentications and passwords, etc. Whilst performing his tasks, he was asked to employ the latest and most secure authentication protocol to encrypt the passwords of users that are stored in the Microsoft Windows OS-based systems.Which of the following authentication protocols should Adam employ in order to achieve the objective?
A. ANMAN
B. erberos
C. TLM
D. TLMv2
View answer
Correct Answer: C
Question #60
You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using Idp.exe.What are you trying to accomplish here?
A. oison the DNS records with false records
B. numerate MX and A records from DNS
C. stablish a remote connection to the Domain Controller
D. numerate domain user accounts and built-in groups
View answer
Correct Answer: D
Question #61
Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to- understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?
A. cpdump
B. apinfos
C. shark
D. dl2wrs
View answer
Correct Answer: B
Question #62
Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?
A. California SB 1386
B. Sarbanes-Oxley 2002
C. Gramm-Leach-Bliley Act (GLBA)
D. USA Patriot Act 2001
View answer
Correct Answer: B
Question #63
Which one of the following is false about Wireshark? (Select all that apply)
A. ireshark offers some options to analyze the WEP-decrypted data
B. t does not support decrypting the TKIP or CCMP packets
C. n order for Wireshark to decrypt the contents of the WEP-encrypted packets, it must be given the appropriate WEP key for the network
D. acket Sniffer Mode
View answer
Correct Answer: A
Question #64
William, a penetration tester in a pen test firm, was asked to get the information about the SMTP server on a target network.What does William need to do to get the SMTP server information?
A. Send an email message to a non-existing user of the target organization and check for bounced mail header
B. Examine the session variables
C. Examine TCP sequence numbers
D. Look for information available in web page source code
View answer
Correct Answer: A
Question #65
Identify the port numbers used by POP3 and POP3S protocols.
A. 13 and 981
B. 11 and 982
C. 10 and 995
D. 09 and 973
View answer
Correct Answer: C
Question #66
What operating system would respond to the following command?
A. ac OS X
B. indows XP
C. indows 95
D. reeBSD
View answer
Correct Answer: D
Question #67
Windows stores user passwords in the Security Accounts Manager database (SAM), or in the Active Directory database in domains. Passwords are never stored in clear text; passwords are hashed and the results are stored in the SAM.NTLM and LM authentication protocols are used to securely store a user's password in theSAM database using different hashing methods.
A. c:\windows\system32\config\SAM
B. c:\windows\system32\drivers\SAM
C. c:\windows\system32\Setup\SAM
D. c:\windows\system32\Boot\SAM
View answer
Correct Answer: A
Question #68
In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?
A. Path Injection Attack
B. uthorization Attack
C. uthentication Attack
D. rame Injection Attack
View answer
Correct Answer: B
Question #69
Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?
A. alifornia SB 1386
B. arbanes-Oxley 2002
C. ramm-Leach-Bliley Act (GLBA)
D. SA Patriot Act 2001
View answer
Correct Answer: A
Question #70
Traffic on which port is unusual for both the TCP and UDP ports?
A. ort 81
B. ort 443
C. ort 0
D. ort 21
View answer
Correct Answer: C
Question #71
Terri works for a security consulting firm that is currently performing a penetration test onFirst National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches withACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?
A. Enable tunneling feature on the switch
B. Trick the switch into thinking it already has a session with Terri's computer
C. Crash the switch with a DoS attack since switches cannot send ACK bits
D. Poison the switch's MAC address table by flooding it with ACK bits
View answer
Correct Answer: B
Question #72
Terri works for a security consulting firm that is currently performing a penetration test onFirst National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches withACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?
A. Enable tunneling feature on the switch
B. Trick the switch into thinking it already has a session with Terri's computer
C. Crash the switch with a DoS attack since switches cannot send ACK bits
D. Poison the switch's MAC address table by flooding it with ACK bits
View answer
Correct Answer: B
Question #73
An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?
A. rame Injection Attack
B. DAP Injection Attack
C. Path Injection Attack
D. OAP Injection Attack
View answer
Correct Answer: D
Question #74
Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?
A. nternal network mapping to map the internal network of the target machine
B. ort scanning to determine what ports are open or in use on the target machine
C. niffing to monitor all the incoming and outgoing network traffic
D. ocial engineering and spear phishing attacks to install malicious programs on the target machine
View answer
Correct Answer: D
Question #75
Which of the following appendices gives detailed lists of all the technical terms used in the report?
A. equired Work Efforts
B. eferences
C. esearch
D. lossary
View answer
Correct Answer: D
Question #76
War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?
A. irsnort
B. ircrack
C. EPCrack
D. irpwn
View answer
Correct Answer: A
Question #77
On Linux/Unix based Web servers, what privilege should the daemon service be run under?
A. You cannot determine what privilege runs the daemon service
B. Guest
C. Root
D. Something other than root
View answer
Correct Answer: D
Question #78
Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?
A. pecial-Access Policy
B. ser Identification and Password Policy
C. ersonal Computer Acceptable Use Policy
D. ser-Account Policy
View answer
Correct Answer: B
Question #79
Software firewalls work at which layer of the OSI model?
A. ata Link
B. etwork
C. ransport
D. pplication
View answer
Correct Answer: A
Question #80
One needs to run "Scan Server Configuration" tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon to be configured. By default, the Nessus daemon listens to connections on which one of the following?
A. ocalhost (127
B. ocalhost (127
C. ocalhost (127
D. ocalhost (127
View answer
Correct Answer: A
Question #81
Hackers today have an ever-increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application technologies.In both cases, one may observe how the evolution and refinement of web technologies
A. QL Injection Attacks
B. ervice Level Configuration Attacks
C. nside Attacks
D. RL Tampering Attacks
View answer
Correct Answer: A
Question #82
George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department.Few managers are using SFTP program on their computers.Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?
A. et port 22
B. dp port 22 and host 172
C. rc port 22 and dst port 22
D. rc port 23 and dst port 23
View answer
Correct Answer: C
Question #83
Timing is an element of port-scanning that can catch one unaware. If scans are taking too long to complete or obvious ports are missing from the scan, various time parameters may need to be adjusted. Which one of the following scanned timing options in NMAP's scan is useful across slow WAN links or to hide the scan?
A. aranoid
B. neaky
C. olite
D. ormal
View answer
Correct Answer: C
Question #84
Which of the following attacks is an offline attack?
A. re-Computed Hashes
B. ash Injection Attack
C. assword Guessing
D. umpster Diving
View answer
Correct Answer: A
Question #85
Which one of the following Snort logger mode commands is associated to run a binary log file through Snort in sniffermode to dump the packets to the screen?
A.
B.
C.
D.
View answer
Correct Answer: C
Question #86
An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?
A. MTP Queue Bouncing
B. MTP Message Bouncing
C. MTP Server Bouncing
D. MTP Mail Bouncing
View answer
Correct Answer: D

View The Updated EC-Council Exam Questions

SPOTO Provides 100% Real EC-Council Exam Questions for You to Pass Your EC-Council Exam!

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: