PASS4TEST 専門 IT 認証試験問題集提供者 http://www.pass4test.jp 1 年で無料進級することに提供する IT Certification Guaranteed, The Easy Way! Exam : ECSAv8 Title : EC-Council Certified Security Analyst (ECSA) Vendor : EC-COUNCIL Version : DEMO 1 IT Certification Guaranteed, The Easy Way! NO.1 You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using Idp.exe. What are you trying to accomplish here? A. Poison the DNS records with false records B. Enumerate MX and A records from DNS C. Establish a remote connection to the Domain Controller D. Enumerate domain user accounts and built-in groups Answer: D NO.2 Which of the following defines the details of services to be provided for the client's organization and the list of services required for performing the test in the organization? A. Draft B. Report C. Requirement list D. Quotation Answer: D NO.3 The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public. What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information? A. Phishing B. Spoofing C. Tapping D. Vishing Answer: A Reference: http://en.wikipedia.org/wiki/Voice_phishing NO.4 In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts? A. IPS evasion technique B. IDS evasion technique 2 IT Certification Guaranteed, The Easy Way! C. UDP evasion technique D. TTL evasion technique Answer: B Reference: http://is.muni.cz/th/172999/fi_m/MT_Bukac.pdf (page 24) NO.5 John, the penetration tester in a pen test firm, was asked to find whether NTP services are opened on the target network (10.0.0.7) using Nmap tool. Which one of the following Nmap commands will he use to find it? A. nmap -sU -p 389 10.0.0.7 B. nmap -sU -p 123 10.0.0.7 C. nmap -sU -p 161 10.0.0.7 D. nmap -sU -p 135 10.0.0.7 Answer: D NO.6 From where can clues about the underlying application environment can be collected? A. From the extension of the file B. From executable file C. From file types and directories D. From source code 3 IT Certification Guaranteed, The Easy Way! Answer: D NO.7 Application security assessment is one of the activity that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system. Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application. A. Web Penetration Testing B. Functionality Testing C. Authorization Testing D. Source Code Review Answer: D NO.8 An external intrusion test and analysis identify security weaknesses and strengths of the client's systems and networks as they appear from outside the client's security perimeter, usually from the Internet. The goal of an external intrusion test and analysis is to demonstrate the existence of known vulnerabilities that could be exploited by an external attacker. 4 IT Certification Guaranteed, The Easy Way! During external penetration testing, which of the following scanning techniques allow you to determine a port's state without making a full connection to the host? A. XMAS Scan B. SYN scan C. FIN Scan D. NULL Scan Answer: B NO.9 Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network. 5 IT Certification Guaranteed, The Easy Way! Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine? A. Internal network mapping to map the internal network of the target machine B. Port scanning to determine what ports are open or in use on the target machine C. Sniffing to monitor all the incoming and outgoing network traffic D. Social engineering and spear phishing attacks to install malicious programs on the target machine Answer: D NO.10 A firewall's decision to forward or reject traffic in network filtering is dependent upon which of the following? A. Destination address B. Port numbers C. Source address D. Protocol used Answer: D Reference: http://www.vicomsoft.com/learning-center/firewalls/ (what does a firewall do) NO.11 Which of the following attacks does a hacker perform in order to obtain UDDI information 6 IT Certification Guaranteed, The Easy Way! such as businessEntity, businesService, bindingTemplate, and tModel? A. Web Services Footprinting Attack B. Service Level Configuration Attacks C. URL Tampering Attacks D. Inside Attacks Answer: A Reference: http://www.scribd.com/doc/184891017/CEHv8-Module-13-Hacking-Web-Applicationspdf (page 99) NO.12 What information can be collected by dumpster diving? A. Sensitive documents B. Email messages C. Customer contact information D. All the above Answer: A Reference: http://www.spamlaws.com/dumpster-diving.html 7
© Copyright 2024