EC-Council ECSAv10 Certified Security Analyst (ECSA) v10 Exam Practice Test

Page: 1 / 14
Total 201 questions
Question 1

In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.

They first access the web application using a low-privileged account and then escalate privileges to access protected resources. What attack has been carried out?



Answer : B


Question 2

The framework primarily designed to fulfill a methodical and organized way of addressing five threat classes to network and that can be used to access, plan, manage, and maintain secure computers and communication networks is:



Answer : C


Question 3

How many possible sequence number combinations are there in TCP/IP protocol?



Answer : C


Question 4

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?



Answer : D


Question 5

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, stateful firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.

Why is that?



Answer : B


Question 6

Rules of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top-level guidance for conducting the penetration testing. Various factors are considered while preparing the scope of ROE, which clearly explain the limits associated with the security test.

Which of the following factors is NOT considered while preparing the scope of the Rules of Engagement (ROE)?



Answer : A


Question 7

A Demilitarized Zone (DMZ) is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network. Usage of a protocol within a DMZ environment is highly variable based on the specific needs of an organization.

Privilege escalation, system compromise when the code runs under root credentials, and DoS attacks are the basic weaknesses of which one of the following protocols?



Answer : D

