[Free] 2018(Jan) EnsurePass Testking ECCouncil ECSAv8 Dumps with VCE and PDF 51-60

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSAv8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 51

Which of the following attributes has a LM and NTLMv1 value as 64bit 64bit 64bit and NTLMv2 value as 128 bits?

  1. Hash Key Length

  2. C/R Value Length

  3. C/R Key Length

  4. Hash Value Length

Answer: B

Reference: http://books.google.com.pk/books?id=QWQRSTnkFsQCamp;pg=SA4- PA5amp;lpg=SA4- PA5amp;dq=attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit an d NTLMv2 value as 128 bitsamp;source=blamp;ots=wJPR32BaF6amp;sig=YEt9LNfQAbm2M- c6obVggKCkQ2samp;hl=enamp;sa=Xamp;ei=scMfVMfdC8u7ygP4xYGQDgamp;ved=0CCkQ6AEwAg#v

=onepageamp;q=attributes has a LM and NTLMv1 value as 64 bit + 64bit + 64bit and NTLMv2 value as 128

bitsamp;f=false (see Table 4-1)

Question No: 52

A penetration test consists of three phases: pre-attack phase, attack phase, and post- attack phase.

Ensurepass 2018 PDF and VCE

Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

  1. Post-attack phase

  2. Pre-attack phase and attack phase

  3. Attack phase

  4. Pre-attack phase

Answer: D

Reference: https://www.duo.uio.no/bitstream/handle/10852/34904/Shrestha- masterthesis.pdf?sequence=1 (page 28, first para)

Question No: 53

Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top- level guidance for conducting the penetration testing.

Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.

Ensurepass 2018 PDF and VCE

Which of the following factors is NOT considered while preparing the scope of the Rules of Engagment (ROE)?

  1. A list of employees in the client organization

  2. A list of acceptable testing techniques

  3. Specific IP addresses/ranges to be tested

  4. Points of contact for the penetration testing team

Answer: A

Question No: 54

A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

  1. Destination address

  2. Port numbers

  3. Source address

  4. Protocol used

Answer: D

Reference: http://www.vicomsoft.com/learning-center/firewalls/ (what does a firewall do)

Question No: 55

Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

  1. Decreases consumed employee time and increases system uptime

  2. Increases detection and reaction time

  3. Increases response time

  4. Both a and c

Answer: A

Reference: http://www.symantec.com/connect/articles/multi-layer-intrusion-detection- systems (economic advantages, first para)

Question No: 56

This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system, attack methods, and how to defend against them.

Ensurepass 2018 PDF and VCE

What is this team called?

  1. Blue team

  2. Tiger team

  3. Gorilla team

  4. Lion team

Answer: B

Question No: 57

A security policy is a document or set of documents that describes, at a high level, the security controls that will be implemented by the company. Which one of the following policies forbids everything and restricts usage of company computers, whether it is system usage or network usage?

  1. Paranoid Policy

  2. Prudent Policy

  3. Promiscuous Policy

  4. Information-Protection Policy

Answer: A

Question No: 58

A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected.

Conventionally it is achieved by comparing the MAC address of the participating wireless devices.

Which of the following attacks can be detected with the help of wireless intrusion detection system (WIDS)?

Ensurepass 2018 PDF and VCE

  1. Social engineering

  2. SQL injection

  3. Parameter tampering

  4. Man-in-the-middle attack

Answer: D

Reference: http://www.infosecwriters.com/text_resources/pdf/Wireless_IDS_JDixon.pdf (page 5)

Question No: 59

Which of the following reports provides a summary of the complete pen testing process, its outcomes, and recommendations?

  1. Vulnerability Report

  2. Executive Report

  3. Client-side test Report

  4. Host Report

Answer: B

Question No: 60

Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

  1. Wireshark: Capinfos

  2. Wireshark: Tcpdump

  3. Wireshark: Text2pcap

  4. Wireshark: Dumpcap

Answer: D

100% Ensurepass Free Download!
Download Free Demo:ECSAv8 Demo PDF
100% Ensurepass Free Guaranteed!
ECSAv8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No