ECSAv10 Exam Dumps - EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing

Go to page:

Question # 4

The Internet is a giant database where people store some of their most private information on the cloud, trusting that the service provider can keep it all safe. Trojans, Viruses, DoS attacks, website defacement, lost computers, accidental publishing, and more have all been sources of major leaks over the last 15 years.

What is the biggest source of data leaks in organizations today?

Weak passwords and lack of identity management

Insufficient IT security budget

Rogue employees and insider attacks

Vulnerabilities, risks, and threats facing Web sites

Full Access

Question # 5

What will the following URL produce in an unpatched IIS Web Server?

Execute a buffer flow in the C: drive of the web server

Insert a Trojan horse into the C: drive of the web server

Directory listing of the C:\windows\system32 folder on the web server

Directory listing of C: drive on the web server

Full Access

Question # 6

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?

Service-based Assessment Solutions

Product-based Assessment Solutions

Tree-based Assessment

Inference-based Assessment

Full Access

Question # 7

TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer. Which one of the following protocols is used to collect information from all the network devices?

Simple Network Management Protocol (SNMP)

Network File system (NFS)

Internet Control Message Protocol (ICMP)

Transmission Control Protocol (TCP)

Full Access

Question # 8

In Linux, what is the smallest possible shellcode?

800 bytes

8 bytes

80 bytes

24 bytes

Full Access