
ECSAv10 Exam Dumps - EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing

Question # 9

The objective of this act was to protect consumers' personal financial information held by financial institutions and their service providers.

A. HIPAA

B. Sarbanes-Oxley 2002

C. Gramm-Leach-Bliley Act

D. California SB 1386a

Question # 10

In which of the following firewalls are the incoming or outgoing packets blocked from accessing services for which there is no proxy?

A. Circuit level firewalls

B. Packet filters firewalls

C. Stateful multilayer inspection firewalls

D. Application level firewalls

Question # 11

The framework primarily designed to fulfill a methodical and organized way of addressing five threat classes to the network, and that can be used to access, plan, manage, and maintain secure computers and communication networks, is:

A. Nortel's Unified Security Framework

B. The IBM Security Framework

C. Bell Labs Network Security Framework

D. Microsoft Internet Security Framework

Question # 12

Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

A. PIPEDA

B. PCI DSS

C. Human Rights Act 1998

D. Data Protection Act 1998

Question # 13

Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks. When most people say ‘Wireless’ these days, they are referring to one of the 802.11 standards. There are three main 802.11 standards: B, A, and G.

Which one of the following 802.11 types uses DSSS modulation, splitting the 2.4 GHz band into channels?

A. 802.11b

B. 802.11g

C. 802.11-Legacy

D. 802.11n

Question # 14

Wireshark is a network analyzer. It reads packets from the network, decodes them, and presents them in an easy-to-understand format. Which one of the following is the command-line version of Wireshark, which can be used to capture the live packets from the wire or to read the saved capture files?

A. Tcpdump

B. Capinfos

C. Tshark

D. Idl2wrs

Question # 15

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract for the state government of California. Your next step is to initiate a DoS attack on their network. Why would you want to initiate a DoS attack on a system you are testing?

A. Use attack as a launching point to penetrate deeper into the network

B. Demonstrate that no system can be protected against DoS attacks

C. List weak points on their network

D. Show outdated equipment so it can be replaced

Question # 16

An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

A. Frame Injection Attack

B. LDAP Injection Attack

C. XPath Injection Attack

D. SOAP Injection Attack
