
Achieve Success in the ECCouncil ECSAv10 Exam: A Detailed EC-Council Certified Security Analyst (ECSA) v10: Penetration Testing Guide

Questions 41

Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businessService, bindingTemplate, and tModel?

Options:

A. Web Services Footprinting Attack

B. Service Level Configuration Attacks

C. URL Tampering Attacks

D. Inside Attacks

Questions 42

The framework primarily designed to provide a methodical and organized way of addressing five threat classes to the network, and that can be used to assess, plan, manage, and maintain secure computers and communication networks, is:

Options:

A. Nortel's Unified Security Framework

B. The IBM Security Framework

C. Bell Labs Network Security Framework

D. Microsoft Internet Security Framework

Questions 43

Security auditors determine the use of WAPs on their networks with the Nessus vulnerability scanner, which identifies the commonly used WAPs.

One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named “Access Point Detection”. This plug-in uses four techniques to identify the presence of a WAP.

Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?

Options:

A. NMAP TCP/IP fingerprinting

B. HTTP fingerprinting

C. FTP fingerprinting

D. SNMP fingerprinting

Questions 44

What is the following command trying to accomplish?

ECSAv10 Question 44

Options:

A. Verify that NETBIOS is running for the 192.168.0.0 network

B. Verify that TCP port 445 is open for the 192.168.0.0 network

C. Verify that UDP port 445 is open for the 192.168.0.0 network

D. Verify that UDP port 445 is closed for the 192.168.0.0 network

Questions 45

Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search.

link:www.ghttech.net

What will this search produce?

Options:

A. All sites that link to ghttech.net

B. Sites that contain the code: <a href="link:www.ghttech.net">link:www.ghttech.net</a>

C. All sites that ghttech.net links to

D. All search engines that link to .net domains

Questions 46

A firewall is an IP packet filter that enforces filtering and security policies on the network traffic flowing through it. Using firewalls in IPv6 is still the best way to protect against low-level attacks at the network and transport layers.

Which one of the following cannot handle routing protocols properly?

Options:

A. “Internet-router-firewall-net architecture”

B. “Internet-firewall-router-net architecture”

C. “Internet-firewall/router(edge device)-net architecture”

D. “Internet-firewall-net architecture”

Questions 47

Software firewalls work at which layer of the OSI model?

Options:

A. Data Link

B. Network

C. Transport

D. Application

Questions 48

You are a security analyst performing a penetration test for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers:

http://172.168.4.131/level/99/exec/show/config

After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

Options:

A. URL Obfuscation Arbitrary Administrative Access Vulnerability

B. Cisco IOS Arbitrary Administrative Access Online Vulnerability

C. HTTP Configuration Arbitrary Administrative Access Vulnerability

D. HTML Configuration Arbitrary Administrative Access Vulnerability

Questions 49

John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

ECSAv10 Question 49

Options:

A. Number of employees in the client organization

B. Complete structure of the organization

C. Number of client computers to be tested and resources required to perform a pen test

D. Number of servers available in the client organization

Questions 50

A firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped.

ECSAv10 Question 50

Why is an appliance-based firewall more secure than one implemented on top of a commercial operating system (software-based)?

Options:

A. Appliance-based firewalls cannot be upgraded

B. Firewalls implemented on a hardware firewall are highly scalable

C. Hardware appliances do not suffer from security vulnerabilities associated with the underlying operating system

D. Operating system firewalls are highly configured
