Achieve Success in the ECCouncil ECSAv10 Exam: A Detailed EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing Guide

Questions 51

Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?

Options:

A. 3001-3100
B. 5000-5099
C. 6666-6674
D. 0-1023

Questions 52

Which of the following policies helps secure data and protects the privacy of organizational information?

Options:

A. Special-Access Policy
B. Document Retention Policy
C. Cryptography Policy
D. Personal Security Policy

Questions 53

Which one of the following tools of trade is a commercial shellcode and payload generator written in Python by Dave Aitel?

Options:

A. Microsoft Baseline Security Analyzer (MBSA)
B. CORE Impact
C. Canvas
D. Network Security Analysis Tool (NSAT)

Questions 54

What is an automated electronic mail message from a mail system, indicating that the user does not exist on that server, called?

Options:

A. SMTP Queue Bouncing
B. SMTP Message Bouncing
C. SMTP Server Bouncing
D. SMTP Mail Bouncing

Questions 55

What is the target host IP in the following command?

ECSAv10 Question 55

Options:

A. Firewalk does not scan target hosts
B. 172.16.28.95
C. This command is using FIN packets, which cannot scan target hosts
D. 10.10.150.1

Questions 56

The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc.

Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control. This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations.

Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.

ECSAv10 Question 56

What is the best way to protect web applications from parameter tampering attacks?

Options:

A. Validating some parameters of the web application
B. Minimizing the allowable length of parameters
C. Using an easily guessable hashing algorithm
D. Applying effective input field filtering parameters

Questions 57

Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming languages as well as networking languages. Which networking protocol language, utilized by routers, should she learn?

Options:

A. OSPF
B. BPG
C. ATM
D. UDP

Questions 58

Identify the framework that comprises five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:

Options:

A. Information System Security Assessment Framework (ISSAF)
B. Microsoft Internet Security Framework
C. Nortel's Unified Security Framework
D. Federal Information Technology Security Assessment Framework

Questions 59

“A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product.” It is generally the motherboard chips or the chips used on the expansion card.

Which one of the following is well supported in most wireless applications?

Options:

A. Orinoco chipsets
B. Prism II chipsets
C. Atheros Chipset
D. Cisco chipset

Questions 60

What operating system would respond to the following command?

ECSAv10 Question 60

Options:

A. Mac OS X
B. Windows XP
C. Windows 95
D. FreeBSD

Exam Code: ECSAv10
Exam Name: EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing
Last Update: Dec 9, 2024
Questions: 201