DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Unlock Success with ECSA Pracatice Questions, EC-Council Certified Security Analyst | SPOTO

Unlock Success with ECSA Practice Questions, EC-Council Certified Security Analyst | SPOTO. Elevate your preparation with our comprehensive array of resources including practice tests, exam practice materials, online exam questions, sample questions, exam dumps, and exam questions and answers. Engage with our meticulously crafted practice questions designed to enhance your understanding of key concepts and refine your skills. The EC-Council Certified Security Analyst Certification validates proficiency in the analytical phase of ethical hacking, complementing the CEH certification. ECSAs are equipped to analyze the outcomes of various hacking tools and technologies, demonstrating advanced skills in cybersecurity. Prepare effectively with our premium exam materials and increase your chances of success in passing the certification exam. Whether you're aiming to validate your expertise or advance your career, SPOTO's practice questions are tailored to support you on your journey towards certification success.
Take other online exams

Question #1
Dale is a network admin working in Zero Faults Inc. Recently the company’s network was compromised and is experiencing very unusual traffic. Dale checks for the problem that compromised the network. He performed a penetration test on the network’s IDS and identified that an attacker sent spoofed packets to a broadcast address in the network. Which of the following attacks compromised the network?
A. ARP Spoofing
B. Amplification attack
C. MAC Spoofing
D. Session hijacking
View answer
Correct Answer: D
Question #2
Russel, a penetration tester after performing the penetration testing, wants to create a report so that he can provide details of the testing process and findings of the vulnerabilities to the management. Russel employs the commonly available vulnerability scoring framework called Common Vulnerability Scoring System (CVSS) v3.0 ratings for grading the severity and risk level of identified vulnerabilities in the report. For a specific SMB-based vulnerability, Russel assigned a score of 8.7. What is the level
A. Critical
B. Low
C. Medium
D. High
View answer
Correct Answer: C
Question #3
An attacker with a malicious intention decided to hack confidential data from the target organization. For acquiring such information, he started testing IoT devices that are connected to the target network. He started monitoring the network traffic passing between the IoT devices and the network to verify whether credentials are being transmitted in clear text. Further, he also tried to crack the passwords using well-known keywords across all the interfaces. Which of the following IoT threats the attacker
A. Poor physical security
B. Poor authentication
C. Privacy concerns
D. Insecure firmware
View answer
Correct Answer: A
Question #4
ABC Technologies, a large financial company, hired a penetration tester to do physical penetration testing. On the first day of his assignment, the penetration tester goes to the company posing as a repairman and starts checking trash bins to collect the sensitive information. What is the penetration tester trying to do?
A. Trying to attempt social Engineering using phishing
B. Trying to attempt social engineering by shoulder surfingC
D. Trying to attempt social engineering by dumpster diving
View answer
Correct Answer: C
Question #5
Jeffry, a penetration tester in Repotes Solutions Pvt. Ltd., is facing a problem in testing the firewall. By consulting other penetration testers and considering other penetration testing approaches, he was able to take critical decisions on how to test the firewall; he was finally successful in testing the firewall for vulnerabilities. In which of the following sections of penetration testing report will Jeffry mention the above situation?
A. Timeline
B. Evaluation purpose
C. Assumptions
D. System description
View answer
Correct Answer: A
Question #6
An organization hosted a website to provide services to its customers. A visitor of this website has reported a complaint to the organization that they are getting an error message with code 502 when they are trying to access the website. This issue was forwarded to the IT department in the organization. The IT department identified the reason behind the error and started resolving the issue by checking whether the server is overloaded, whether the name resolution is working properly, whether the firewall i
A. Bad request
B. Forbidden
C. Internal errorD
View answer
Correct Answer: C
Question #7
During scanning of a test network, Paul sends TCP probe packets with the ACK flag set to a remote device and then analyzes the header information (TTL and WINDOW field) of the received RST packets to find whether the port is open or closed. Analyze the scanning result below and identify the open port.
A. Port 22
B. Port 23
C. Port 21
D. Port 20
View answer
Correct Answer: C
Question #8
Allen and Greg, after investing in their startup company called Zamtac Ltd., developed a new web application for their company. Before hosting the application, they want to test the robustness and immunity of the developed web application against attacks like buffer overflow, DOS, XSS, and SQL injection. What is the type of the web application security test Allen and Greg should perform?
A. Web fuzzing
B. Web crawling
C. Web spidering
D. Web mirroring
View answer
Correct Answer: B
Question #9
George, a reputed ethical hacker and penetration testing consultant, was hired by FNB Services, a startup financial services company, to audit the security of their web applications. During his investigation, George discovered that the company’s website is vulnerable to blind SQL injection attacks. George entered a custom SQL query in a form located on the vulnerable page which resulted in a back-end SQL query similar to the one given below: http://fnb.com/forms/?id=1+AND+555=if(ord(mid((select+pass from+us
A. George is searching for the first character of all the table entries
B. George is searching for the second character of the first table entry
C. George is searching for the first character of the second table entry
D. George is searching for the first character of the first table entry
View answer
Correct Answer: C
Question #10
Which of the following statements highlights the difference between a vulnerability assessment and a penetration test?
A. A vulnerability assessment identifies and ranks the vulnerabilities, and a penetration test exploits the identified vulnerabilities for validation and to determine impact
B. A vulnerability assessment focuses on low severity vulnerabilities and pen testing focuses on high severity vulnerabilities
C. A vulnerability assessment requires only automated tools to discover the vulnerabilities whereas pen testing also involves manual discovery of vulnerabilities
D. A vulnerability assessment is performed only on software components of an information system, whereas pen testing is performed on all hardware and software components of the system
View answer
Correct Answer: B
Question #11
What is the objective of the following bash script?
A. It gives a list of IP addresses that have an FTP port open
B. It tries to connect to FTP port on a target machine
C. It checks if a target host has the FTP port open and quits
D. It checks if an FTP port on a target machine is vulnerable to arracks
View answer
Correct Answer: D
Question #12
Adam found a pen drive in his company’s parking lot. He connected it to his system to check the content. On the next day, he found that someone has logged into his company email account and sent some emails. What type of social engineering attack has Adam encountered?
A. Media Dropping
B. Phishing
C. Eaves Dropping
D. Dumpster Diving
View answer
Correct Answer: A
Question #13
James, a research scholar, received an email informing that someone is trying to access his Google account from an unknown device. When he opened his email message, it looked like a standard Google notification instructing him to click the link below to take further steps. This link was redirected to a malicious webpage where he was tricked to provide Google account credentials. James observed that the URL began with www.translate.google.com giving a legitimate appearance. In the above scenario, identify th
A. SMiShing
B. Dumpster diving
C. Phishing
D. Vishing
View answer
Correct Answer: D
Question #14
An employee is trying to access the internal website of his company. When he opened a webpage, he received an error message notifying “Proxy Authentication Required.” He approached the IT department in the company and reported the issue. The IT staff explained him that this is an HTTP error indicating that the server is unable to process the request due to lack of appropriate client’s authentication credentials for a proxy server that is processing the requests between the clients and the server. Identify t
A. 415
B. 417
C. 407
D. 404
View answer
Correct Answer: B
Question #15
Arrange the WEP cracking process in the correct order: I. aireplay-ng -1 0 -e SECRET_SSID -a 1e:64:51:3b:ff:3e -h a7:71:fe:8e:d8:25 eth1 II. aircrack-ng -s capture.ivs III. airmon-ng start eth1 IV. airodump-ng --ivs --write capture eth1 V. aireplay-ng -3 -b 1e:64:51:3b:ff:3e -h a7:71:fe:8e:d8:25 eth1
A. IV-->I-->V-->III-->II
B. III-->IV-->V-->II-->I
C. III-->IV-->I-->V-->II
D. IV-->I-->V-->III-->II
View answer
Correct Answer: A
Question #16
Recently, Jacob was assigned a project to test the perimeter security of one of a client. As part of the project, Jacob wants to test whether or not a particular port on the firewall is open or closed. He used the hping utility with the following syntax: #hping –S –c 1 –p -t What response will indicate the particular port is allowed in the firewall?
A. Host Unreachable
B. TTL Exceeded
C. No Response
D. ICMP Port Unreachable
View answer
Correct Answer: B
Question #17
Lee has established a new startup where they develop android applications. In order to meet memory requirements of the company, Lee has hired a Cloud Service Provider, who offered memory space along with virtual systems. Lee was dissatisfied with their service and wanted to move to another CSP, but was denied as a part of the contract, which reads that the user cannot switch to another CSP. What is this condition called?
A. Virtualization
B. Lock-in
C. Resource Isolation
D. Lock-up
View answer
Correct Answer: D
Question #18
Sam is a penetration tester and network admin at McLaren & McLaren, based out of Washington. The company has recently deployed IPv6 in their network. Sam found problems with the protocol implementation and tried to redeploy IPv6 over IPv4. This time, he used the tunneling mechanism while deploying the IPv6 network. How does the tunneling mechanism work?
A. It encapsulates IPv6 packets in IPv4 packets
B. It transfers IPv4 first and the IPv6
C. It splits the IPv4 packets and provides a way to IPv6
D. It replaces IPv4 with IPv6
View answer
Correct Answer: A
Question #19
George, an ex-employee of Netabb Ltd. with bruised feelings due to his layoff, tries to take revenge against the company. He randomly tried several attacks against the organization. As some of the employees used weak passwords to their user accounts, George was successful in cracking the user accounts of several employees with the help of a common passwords file. What type of password cracking attack did George perform?
A. Hybrid attack
B. Dictionary attack
C. Brute forcing attack
D. Birthday attack
View answer
Correct Answer: A
Question #20
Rebecca works as a Penetration Tester in a security service firm named Xsecurity. Rebecca placed a sniffer on a subnet residing deep inside the client’s network. She used the Firewalk tool to test the security of the company’s network firewall. After the test, when Rebecca checked the sniffer logs, she was unable to see any traffic produced by the Firewalk tool. What is the reason for this?
A. Rebecca does not see any of the Firewalk traffic because it sets all packets with a TTL of one
B. Network sniffers cannot detect Firewalk so that is why none of the traffic appears
C. Firewalk cannot pass through firewalls
D. She cannot see the traffic because Firewalk sets all packets with a TTL of zero
View answer
Correct Answer: C

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: