[Free] 2018(Jan) EnsurePass Testking ECCouncil ECSAv8 Dumps with VCE and PDF 11-20

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSAv8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 11

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

Ensurepass 2018 PDF and VCE

  1. Service-based Assessment Solutions

  2. Product-based Assessment Solutions

  3. Tree-based Assessment

  4. Inference-based Assessment

Answer: C

Reference: http://www.netsense.info/downloads/security_wp_mva.pdf (page 12, tree-based

assessment technology, second para)

Question No: 12

Which of the following password cracking techniques is used when the attacker has some information about the password?

  1. Hybrid Attack

  2. Dictionary Attack

  3. Syllable Attack

  4. Rule-based Attack

Answer: D

Reference: System/Computer Forensics; H ard Disk and Operating Systems/CHAPTER 7 Application Pass word Crackers.pdf (page 4, rule-based attack)

Question No: 13

Information gathering is performed to:

  1. Collect basic information about the target company and its network

  2. Determine the operating system used, platforms running, web server versions, etc.

  3. Find vulnerabilities and exploits

Ensurepass 2018 PDF and VCE

Which of the following pen testing tests yields information about a company’s technology infrastructure?

  1. Searching for web page posting patterns

  2. Analyzing the link popularity of the company’s website

  3. Searching for trade association directories

  4. Searching for a company’s job postings

Answer: D

Question No: 14

Which of the following shields Internet users from artificial DNS data, such as a deceptive or mischievous address instead of the genuine address that was requested?


  2. Firewall

  3. Packet filtering

  4. IPSec

Answer: A

Reference: http://tools.ietf.org/html/draft-osterweil-dane-ipsec-01 (abstract, first para)

Question No: 15

A directory traversal (or path traversal) consists in exploiting insufficient security validation/sanitization of user-supplied input file names, so that characters representing quot;traverse to parent directoryquot; are passed through to the file APIs.

The goal of this attack is to order an application to access a computer file that is not intended to be accessible. This attack exploits a lack of security (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code.

Ensurepass 2018 PDF and VCE

To perform a directory traversal attack, which sequence does a pen tester need to follow to manipulate variables of reference files?

  1. dot-dot-slash (../) sequence

  2. Denial-of-Service sequence

  3. Brute force sequence

  4. SQL Injection sequence

Answer: A

Reference: https://www.cs.ucsb.edu/~vigna/publications/2010_doupe_cova_vigna_dimva10.pdf (pae 7, directory traversal)

Question No: 16

Which one of the following scans starts, but does not complete the TCP handshake sequence for each port selected, and it works well for direct scanning and often works well through firewalls?

  1. SYN Scan

  2. Connect() scan

  3. XMAS Scan

  4. Null Scan

Answer: A

Question No: 17

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?

  1. Analyzing, categorizing and prioritizing resources

  2. Evaluating the existing perimeter and internal security

  3. Checking for a written security policy

  4. Analyzing the use of existing management and control architecture

Answer: C

Question No: 18

Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a type and code field.

Ensurepass 2018 PDF and VCE

Which of the following ICMP messages will be generated if the destination port is not reachable?

  1. ICMP Type 11 code 1

  2. ICMP Type 5 code 3

  3. ICMP Type 3 code 2

  4. ICMP Type 3 code 3

Answer: D

Question No: 19

Which one of the following log analysis tools is used for analyzing the server’s log files?

  1. Performance Analysis of Logs tool

  2. Network Sniffer Interface Test tool

  3. Ka Log Analyzer tool

  4. Event Log Tracker tool

Answer: C

Question No: 20

Transmission control protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment.

The TCP header is the first 24 bytes of a TCP segment that contains the parameters and state of an end-to-end TCP socket. It is used to track the state of communication between two TCP endpoints.

For a connection to be established or initialized, the two hosts must synchronize. The synchronization requires each side to send its own initial sequence number and to receive a confirmation of exchange in an acknowledgment (ACK) from the other side

The below diagram shows the TCP Header format:

Ensurepass 2018 PDF and VCE

How many bits is a acknowledgement number?

  1. 16 bits

  2. 32 bits

  3. 8 bits

  4. 24 bits

Answer: B

Reference: http://en.wikipedia.org/wiki/Transmission_Control_Protocol (acknowledgement number)

100% Ensurepass Free Download!
Download Free Demo:ECSAv8 Demo PDF
100% Ensurepass Free Guaranteed!
ECSAv8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No