ECCouncil ECSAv10 - EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing

Total 201 questions

Information gathering is performed to:

i) Collect basic information about the target company and its network

ii) Determine the operating system used, platforms running, web server versions, etc.

iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company’s technology infrastructure?

A. Searching for web page posting patterns

B. Analyzing the link popularity of the company’s website

C. Searching for trade association directories

D. Searching for a company’s job postings

A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped.

Why is an appliance-based firewall more secure than those implemented on top of a commercial operating system (software-based)?

A. Appliance-based firewalls cannot be upgraded

B. Firewalls implemented on a hardware firewall are highly scalable

C. Hardware appliances do not suffer from security vulnerabilities associated with the underlying operating system

D. Operating system firewalls are highly configured

Black-box testing is a method of software testing that examines the functionality of an application (e.g. what the software does) without peering into its internal structures or workings. Black-box testing is used to detect issues in SQL statements and to detect SQL injection vulnerabilities.

Most commonly, SQL injection vulnerabilities are a result of coding vulnerabilities during the Implementation/Development phase and will likely require code changes. Pen testers need to perform this testing during the development phase to find and fix the SQL injection vulnerability.

What can a pen tester do to detect input sanitization issues?

A. Send single quotes as the input data to catch instances where the user input is not sanitized

B. Send double quotes as the input data to catch instances where the user input is not sanitized

C. Send long strings of junk data, just as you would send strings to detect buffer overruns

D. Use a right square bracket (the “]” character) as the input data to catch instances where the user input is used as part of a SQL identifier without any input sanitization

Identify the type of authentication mechanism represented below:

A. NTLMv1

B. NTLMv2

C. LAN Manager Hash

D. Kerberos

You are carrying out the last round of testing for your new website before it goes live. The website has many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:

When you type this and click on search, you receive a pop-up window that says:

"This is a test."

What is the result of this test?

A. Your website is vulnerable to web bugs

B. Your website is vulnerable to XSS

C. Your website is not vulnerable

D. Your website is vulnerable to SQL injection

What does ICMP Type 3/Code 13 mean?

A. Host Unreachable

B. Port Unreachable

C. Protocol Unreachable

D. Administratively Blocked

George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. A few managers are using an SFTP program on their computers.

Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

A. net port 22

B. udp port 22 and host 172.16.28.1/24

C. src port 22 and dst port 22

D. src port 23 and dst port 23

Which one of the following log analysis tools is a Cisco Router Log Format log analyzer that parses logs, imports them into a SQL database (or its own built-in database), aggregates them, and generates dynamically filtered reports, all through a web interface?

A. Event Log Tracker

B. Sawmill

C. Syslog Manager

D. Event Log Explorer

Which of the following scan options is able to identify SSL services?

A. -sS

B. -sV

C. -sU

D. -sT

John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in the Windows system directory?

A. C:\Windows\System32\Boot

B. C:\WINNT\system32\drivers\etc

C. C:\WINDOWS\system32\cmd.exe

D. C:\Windows\System32\restore