ECSAV10 Online Practice Questions and Answers
Edward is a penetration tester hired by the OBC Group. He was asked to gather information on the client's
network. As part of the work assigned, Edward needs to find the range of IP addresses and the subnet
mask used by the target organization.
What does Edward need to do to get the required information?
A. Search for web pages posting patterns and revision numbers
B. Search for an appropriate Regional Internet Registry (RIR)
C. Search for link popularity of the company's website
D. Search for Trade Association Directories
What is the purpose of the Traceroute command?
A. For extracting information about the network topology, trusted routers, and firewall locations
B. For extracting information about closed ports
C. For extracting information about the server functioning
D. For extracting information about opened ports
Dale is a network admin working in Zero Faults Inc. Recently the company's network was compromised and is experiencing very unusual traffic. Dale checks for the problem that compromised the network. He performed a penetration test on the network's IDS and identified that an attacker sent spoofed packets to a broadcast address in the network. Which of the following attacks compromised the network?
A. ARP Spoofing
B. Amplification attack
C. MAC Spoofing
D. Session hijacking
WallSec Inc. has faced several network security issues in the past and hired Williamson, a professional pentester, to audit its information systems. Before starting his work, Williamson, with the help of his legal advisor, signed an agreement with his client. This agreement states that confidential information of the client should not be revealed outside of the engagement. What is the name of the agreement that Williamson and his client signed?
A. Non-disclosure agreement
B. TPOC agreement
C. Engagement letter
D. Authorization letter
StarMotel is a prominent chain of hotels in the world that uses high-tech solutions to ease the stay of their guests. In those high-tech solutions, they deployed RFID cards using which a guest can get access to the allocated hotel room. Keeping an eye on the RFID technology and with an objective of exploiting it, John, a professional hacker, decided to hack it in order to obtain access to any room in the target hotel. In this process, he first pulled an RFID keycard from the trash of the target hotel and identified the master keycard
code in several tries using an RFID card reading and writing tool. Then, he created its clone using a new
RFID card that gave him free reign to roam in any hotel room in the building.
Identify the RFID attack John has performed on the target hotel?
A. RFID spoofing attack
B. Reverse engineering attack
C. RFID replay attack
D. Power analysis attack
You just passed your ECSA exam and are about to start your first consulting job running security audits for a financial institution in Los Angeles. The IT manager of the company you will be working for tries to see if you remember your ECSA class. He asks about the methodology you will be using to test the company's network. How would you answer?
A. IBM Methodology
B. LPT Methodology
C. Google Methodology
D. Microsoft Methodology
What is the target host IP in the following command?
C:\> firewalk -F 80 10.10.150.1 172.16.28.95 -p UDP
A. Firewalk does not scan target hosts
B. 172.16.28.95
C. This command is using FIN packets, which cannot scan target hosts
D. 10.10.150.1
Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?
A. Weak Screened Subnet Architecture
B. "Inside Versus Outside" Architecture
C. "Three-Homed Firewall" DMZ Architecture
D. Strong Screened-Subnet Architecture
Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?
A. Wireshark: Capinfos
B. Wireshark: Tcpdump
C. Wireshark: Text2pcap
D. Wireshark: Dumpcap
Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?
A. California SB 1386
B. Sarbanes-Oxley 2002
C. Gramm-Leach-Bliley Act (GLBA)
D. USA Patriot Act 2001
What Makes leads4pass.com Differ From Others?
There are tens of thousands of certification exam dumps provided on the internet. To keep the exam dumps valid, the exam questions latest and the exam answers accurate should be the first aim. Also, to make the exam PDF and exam VCE simulator easy to use is very important. Besides, leads4pass.com has 100% pass guarantee policy. Free exam demo is available. Customer support team is ready to help at any time when required.
All rights are reserved by leads4pass.com. Any changes, copy or trademarks abuse will be regarded as infringement. leads4pass.com will reserve the right to pursue accountability.
Copyright © 2004-2025 leads4pass.com.