EC-Council ECSAv10 Free Practice Questions

NEW QUESTION 1
HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the

• A. ASCII value of the character
• B. Binary value of the character
• C. Decimal value of the character
• D. Hex value of the character

Answer: D

NEW QUESTION 2
You are running through a series of tests on your network to check for any security vulnerabilities. After normal working hours, you initiate a DoS attack against your external firewall. The firewall quickly freezes up and becomes unusable.
You then initiate an FTP connection from an external IP into your internal network. The connection is successful even though you have FTP blocked at the external firewall. What has happened?

• A. The firewall failed-open
• B. The firewall failed-bypass
• C. The firewall failed-closed
• D. The firewall ACL has been purged

Answer: A

NEW QUESTION 3
Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

• A. Service-based Assessment Solutions
• B. Product-based Assessment Solutions
• C. Tree-based Assessment
• D. Inference-based Assessment

Answer: C

NEW QUESTION 4
What is a good security method to prevent unauthorized users from "tailgating"?

• A. Electronic key systems
• B. Man trap
• C. Pick-resistant locks
• D. Electronic combination locks

Answer: B

NEW QUESTION 5
The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.
Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

• A. Accomplice social engineering technique
• B. Identity theft
• C. Dumpster diving
• D. Phishing social engineering technique

Answer: A

NEW QUESTION 6
Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

• A. Decreases consumed employee time and increases system uptime
• B. Increases detection and reaction time
• C. Increases response time
• D. Both Decreases consumed employee time and increases system uptime and Increases response time

Answer: A

NEW QUESTION 7
Tyler is setting up a wireless network for his business that he runs out of his home. He has followed all the directions from the ISP as well as the wireless router manual. He does not have any encryption set and the SSID is being broadcast.
On his laptop, he can pick up the wireless signal for short periods of time, but then the connection drops and the signal goes away. Eventually the wireless signal shows back up, but drops intermittently.
What could be Tyler issue with his home wireless network?

• A. 2.4 Ghz Cordless phones
• B. Satellite television
• C. CB radio
• D. Computers on his wired network

Answer: A

NEW QUESTION 8
Which one of the following 802.11 types uses either FHSS or DSSS for modulation?

• A. 802.11b
• B. 802.11a
• C. 802.11n
• D. 802.11-Legacy

Answer: D

NEW QUESTION 9
Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?

• A. DNSSEC
• B. Netsec
• C. IKE
• D. IPsec

Answer: D

NEW QUESTION 10
What is a difference between host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS)?

• A. NIDS are usually a more expensive solution to implement compared to HIDS.
• B. Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.
• C. NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.
• D. HIDS requires less administration and training compared to NIDS.

Answer: C

NEW QUESTION 11
Which of the following statement holds true for TCP Operation?

• A. Port numbers are used to know which application the receiving host should pass the data to
• B. Sequence numbers are used to track the number of packets lost in transmission
• C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host
• D. Data transfer begins even before the connection is established

Answer: D

NEW QUESTION 12
What are the 6 core concepts in IT security?

• A. Server management, website domains, firewalls, IDS, IPS, and auditing
• B. Authentication, authorization, confidentiality, integrity, availability, and non-repudiation
• C. Passwords, logins, access controls, restricted domains, configurations, and tunnels
• D. Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

Answer: B

NEW QUESTION 13
NTP protocol is used to synchronize the system clocks of computers with a remote time server or time source over a network. Which one of the following ports is used by NTP as its transport layer?

• A. TCP port 152
• B. UDP port 177
• C. UDP port 123
• D. TCP port 113

Answer: C

NEW QUESTION 14
After attending a CEH security seminar, you make a list of changes you would like to perform on your
network to increase its security. One of the first things you change is to switch the Restrict Anonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server.
Using User info tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that?

• A. Restrict Anonymous must be set to "2" for complete security
• B. Restrict Anonymous must be set to "3" for complete security
• C. There is no way to always prevent an anonymous null session from establishing
• D. Restrict Anonymous must be set to "10" for complete security

Answer: A

NEW QUESTION 15
In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.
They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

• A. XPath Injection Attack
• B. Authorization Attack
• C. Authentication Attack
• D. Frame Injection Attack

Answer: B

NEW QUESTION 16
Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR commands using DIG.
What is Simon trying to accomplish here?

• A. Enumerate all the users in the domain
• B. Perform DNS poisoning
• C. Send DOS commands to crash the DNS servers
• D. Perform a zone transfer

Answer: D

NEW QUESTION 17
You are carrying out the last round of testing for your new website before it goes live. The website has
many dynamic pages and connects to a SQL backend that accesses your product inventory in a database. You come across a web security site that recommends inputting the following code into a search field on web pages to check for vulnerabilities:
<script>alert("This is a test.")</script>
When you type this and click on search, you receive a pop-up window that says: "This is a test."
What is the result of this test?

• A. Your website is vulnerable to web bugs
• B. Your website is vulnerable to XSS
• C. Your website is not vulnerable
• D. Your website is vulnerable to SQL injection

Answer: B

NEW QUESTION 18
Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good. Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa.
She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for.
What principal of social engineering did Julia use?

• A. Reciprocation
• B. Friendship/Liking
• C. Social Validation
• D. Scarcity

Answer: A

NEW QUESTION 19
Which one of the following log analysis tools is used for analyzing the server’s log files?

• A. Performance Analysis of Logs tool
• B. Network Sniffer Interface Test tool
• C. Ka Log Analyzer tool
• D. Event Log Tracker tool

Answer: C

NEW QUESTION 20
An antenna is a device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna is developed from waveguide technology?

• A. Leaky Wave Antennas
• B. Aperture Antennas
• C. Reflector Antenna
• D. Directional Antenna

Answer: B

NEW QUESTION 21
Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?

• A. SYN Scan
• B. Connect() scan
• C. XMAS Scan
• D. Null Scan

Answer: A

NEW QUESTION 22
Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable.
What kind of results did Jim receive from his vulnerability analysis?

• A. True negatives
• B. False negatives
• C. False positives
• D. True positives

Answer: B

NEW QUESTION 23
Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?

• A. 3001-3100
• B. 5000-5099
• C. 6666-6674
• D. 0 – 1023

Answer: D

NEW QUESTION 24
Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?

• A. 6566 TCP port
• B. 6771 TCP port
• C. 6667 TCP port
• D. 6257 TCP port

Answer: C

NEW QUESTION 25
Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.

Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?

• A. Internal network mapping to map the internal network of the target machine
• B. Port scanning to determine what ports are open or in use on the target machine
• C. Sniffing to monitor all the incoming and outgoing network traffic
• D. Social engineering and spear phishing attacks to install malicious programs on the target machine

Answer: D

NEW QUESTION 26
Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search.
link:www.ghttech.net
What will this search produce?

• A. All sites that link to ghttech.net
• B. Sites that contain the code: link:www.ghttech.net
• C. All sites that ghttech.net links to
• D. All search engines that link to .net domains

Answer: A

NEW QUESTION 27
The objective of this act was to protect consumers personal financial information held by financial institutions and their service providers.

• A. HIPAA
• B. Sarbanes-Oxley 2002
• C. Gramm-Leach-Bliley Act
• D. California SB 1386a

Answer: C

NEW QUESTION 28
......