Download EC-Council Certified Security Analyst.ECSAv10.ActualTests.2019-08-27.68q.vcex

Vendor: ECCouncil
Exam Code: ECSAv10
Exam Name: EC-Council Certified Security Analyst
Date: Aug 27, 2019
File Size: 802 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
Peter, a disgruntled ex-employee of Zapmaky Solutions Ltd., is trying to jeopardize the company’s website http://zapmaky.com. He conducted the port scan of the website by using the Nmap tool to extract the information about open ports and their corresponding services. While performing the scan, he recognized that some of his requests are being blocked by the firewall deployed by the IT personnel of Zapmaky and he wants to bypass the same. For evading the firewall, he wanted to employ the stealth scanning technique which is an incomplete TCP three-way handshake method that can effectively bypass the firewall rules and logging mechanisms. 
Which if the following Nmap commands should Peter execute to perform stealth scanning?
  1. nmap -sT -v zapmaky.com
  2. nmap -T4 -A -v zapmaky.com
  3. nmap -sX -T4 -A -v zapmaky.com
  4. nmap -sN -A zapmaky.com
Correct answer: A
Question 2
Richard, a penetration tester was asked to assess a web application. During the assessment, he discovered a file upload field where users can upload their profile pictures. While scanning the page for vulnerabilities, Richard found a file upload exploit on the website. Richard wants to test the web application by uploading a malicious PHP shell, but the web page denied the file upload. Trying to get around the security, Richard added the ‘jpg’ extension to the end of the file. The new file name ended with ‘.php.jpg’. He then used the Burp suite tool and removed the ‘jpg’’ extension from the request while uploading the file. This enabled him to successfully upload the PHP shell. 
Which of the following techniques has Richard implemented to upload the PHP shell?
  1. Session stealing
  2. Cookie tampering 
  3. Cross site scripting
  4. Parameter tampering
Correct answer: D
Question 3
An organization has deployed a web application that uses encoding technique before transmitting the data over the Internet. This encoding technique helps the organization to hide the confidential data such as user credentials, email attachments, etc. when in transit. This encoding technique takes 3 bytes of binary data and divides it into four chunks of 6 bits. Each chunk is further encoded into respective printable character. 
Identify the encoding technique employed by the organization?
  1. Unicode encoding
  2. Base64 encoding
  3. URL encoding
  4. HTMS encoding
Correct answer: B
Question 4
During an internal network audit, you are asked to see if there is any RPC server running on the network and if found, enumerate the associate RPC services. 
Which port would you scan to determine the RPC server and which command will you use to enumerate the RPC services?
  1. Port 111, rpcinfo
  2. Port 111, rpcenum
  3. Port 145, rpcinfo
  4. Port 145, rpcenum
Correct answer: A
Question 5
The penetration testing team of MirTech Inc. identified the presence of various vulnerabilities in the web application coding. They prepared a detailed report addressing to the web developers regarding the findings. In the report, the penetration testing team advised the web developers to avoid the use of dangerous standard library functions. They also informed the web developers that the web application copies the data without checking whether it fits into the target destination memory and is susceptible in supplying the application with large amount of data. 
According to the findings by the penetration testing team, which type of attack was possible on the web application?
  1. Buffer overflow
  2. SQL injection
  3. Cross-site scripting
  4. Denial-of-service
Correct answer: A
Question 6
You have just completed a database security audit and writing the draft pen testing report. 
Which of the following will you include in the recommendation section to enhance the security of the database server?
  1. Allow direct catalog updates
  2. Install SQL Server on a domain controller
  3. Install a certificate to enable SSL connections
  4. Grant permissions to the public database role
Correct answer: C
Explanation:
Question 7
George, a freelance Security Auditor and Penetration Tester, was working on a pen testing assignment for Xsecurity. George is an ESCA certified professional and was following the LPT methodology in performing a comprehensive security assessment of the company. After the initial reconnaissance, scanning and enumeration phases, he successfully recovered a user password and was able to log on to a Linux machine located on the network. He was also able to access the /etc/passwd file; however, the passwords were stored as a single “x” character. 
What will George do to recover the actual encrypted passwords?
  1. George will perform sniffing to capture the actual passwords
  2. George will perform replay attack to collect the actual passwords
  3. George will escalate his privilege to root level and look for /etc/shadow file
  4. George will perform a password attack using the pre-computed hashes also known as a rainbow attack
Correct answer: C
Question 8
An attacker targeted to attack network switches of an organization to steal confidential information such as network subscriber information, passwords, etc. He started transmitting data through one switch to another by creating and sending two 802.1Q tags, one for the attacking switch and the other for victim switch. By sending these frames. The attacker is fooling the victim switch into thinking that the frame is intended for it. The target switch then forwards the frame to the victim port. 
Identify the type of attack being performed by the attacker?
  1. SNMP brute forcing
  2. MAC flooding
  3. IP spoofing
  4. VLAN hopping
Correct answer: D
Question 9
Joe, an ECSA certified professional, is working on a pen testing engagement for one of his SME clients. He discovered the host file in one of the Windows machines has the following entry:
213.65.172.55 microsoft.com 
After performing a Whois lookup, Joe discovered the IP does not refer to Microsoft.com. The network admin denied modifying the host files. 
Which type of attack does this scenario present?
  1. DNS starvation
  2. DNS poisoning
  3. Phishing
  4. MAC spoofing
Correct answer: B
Question 10
The Rhythm Networks Pvt Ltd firm is a group of ethical hackers. Rhythm Networks was asked by their client Zombie to identify how the attacker penetrated their firewall. Rhythm discovered the attacker modified the addressing information of the IP packet header and the source address bits field to bypass the firewall. 
What type of firewall bypassing technique was used by the attacker?
  1. Source routing
  2. Proxy Server
  3. HTTP Tunneling
  4. Anonymous Website Surfing Sites
Correct answer: C
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!