Eccouncil ECSAv10 ECSA v10 Exam Practice Test Instant Access

Question 1

What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

AConnect Scanning Techniques

BSYN Scanning Techniques

CStealth Scanning Techniques

DPort Scanning Techniques

Answer : C

Question 2

Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

ASunbelt Network Security Inspector (SNSI)

BCORE Impact

CCanvas

DMicrosoft Baseline Security Analyzer (MBSA)

Answer : C

Question 3

Which of the following is developed to address security concerns on time and reduce the misuse or threat of attacks in an organization?

AVulnerabilities checklists

BConfiguration checklists

CAction Plan

DTesting Plan

Answer : A

Question 4

Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

ASpecial-Access Policy

BUser Identification and Password Policy

CPersonal Computer Acceptable Use Policy

DUser-Account Policy

Answer : B

Question 5

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

AService-based Assessment Solutions

BProduct-based Assessment Solutions

CTree-based Assessment

DInference-based Assessment

Answer : C

Question 6

In the context of penetration testing, what does blue teaming mean?

AA penetration test performed with the knowledge and consent of the organization's IT staff

BIt is the most expensive and most widely used

CIt may be conducted with or without warning

DA penetration test performed without the knowledge of the organization's IT staff but with permission from upper management

Answer : A

Question 7

Information gathering is performed to:

i) Collect basic information about the target company and its network

ii) Determine the operating system used, platforms running, web server versions, etc.

iii) Find vulnerabilities and exploits

Which of the following pen testing tests yields information about a company's technology infrastructure?

ASearching for web page posting patterns

BAnalyzing the link popularity of the company's website

CSearching for trade association directories

DSearching for a company's job postings

Answer : D

Eccouncil ECSAv10 Certified Security Analyst (ECSA) v10 ECSA v10 Exam Practice Test