[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil ECSAv8 Dumps with VCE and PDF 31-40

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSAv8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 31

DMZ is a network designed to give the public access to the specific internal resources and you might want to do the same thing for guests visiting organizations without compromising the integrity of the internal resources. In general, attacks on the wireless networks fall into four basic categories. Identify the attacks that fall under Passive attacks category.(Select all that apply)

  1. Wardriving

  2. Spoofing

  3. Sniffing

  4. Network Hijacking

Answer: A

Question No: 32

The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.

The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.

IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

Ensurepass 2018 PDF and VCE

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

  1. Multiple of four bytes

  2. Multiple of two bytes

  3. Multiple of eight bytes

  4. Multiple of six bytes

Answer: C

Reference: http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)

Question No: 33

Traffic on which port is unusual for both the TCP and UDP ports?

  1. Port 81

  2. Port 443

  3. Port 0

  4. Port21

Answer: C

Question No: 34

What is a goal of the penetration testing report?

Ensurepass 2018 PDF and VCE

  1. The penetration testing report helps you comply with local laws and regulations related to environmental conditions in the organization.

  2. The penetration testing report allows you to sleep better at night thinking your organization is protected

  3. The pen testing report helps executive management to make decisions on implementing security controls in the organization and helps the security team implement security

    controls and patch any flaws discovered during testing.

  4. The penetration testing report allows you to increase sales performance by effectively communicating with the internal security team.

Answer: C

Question No: 35

A penetration tester performs OS fingerprinting on the target server to identify the operating system used on the target server with the help of ICMP packets.

Ensurepass 2018 PDF and VCE

While performing ICMP scanning using Nmap tool, message received/type displays “3 – Destination Unreachable[5]” and code 3.

Which of the following is an appropriate description of this response?

  1. Destination port unreachable

  2. Destination host unavailable

  3. Destination host unreachable

  4. Destination protocol unreachable

Answer: A

Question No: 36

Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

  1. Web Services Footprinting Attack

  2. Service Level Configuration Attacks

  3. URL Tampering Attacks

  4. Inside Attacks

Answer: A

Reference: http://www.scribd.com/doc/184891017/CEHv8-Module-13-Hacking-Web- Applications-pdf (page 99)

Question No: 37

The framework primarily designed to fulfill a methodical and organized way of addressing five threat classes to network and that can be used to access, plan, manage, and maintain secure computers and communication networks is:

  1. Nortells Unified Security Framework

  2. The IBM Security Framework

  3. Bell Labs Network Security Framework

  4. Microsoft Internet Security Framework

Answer: C

Question No: 38

In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

Ensurepass 2018 PDF and VCE

Which of the following flow control mechanism guarantees reliable delivery of data?

  1. Sliding Windows

  2. Windowing

  3. Positive Acknowledgment with Retransmission (PAR)

  4. Synchronization

Answer: C

Reference: http://condor.depaul.edu/jkristof/technotes/tcp.html (1.1.3 Reliability)

Question No: 39

Which of the following protocols cannot be used to filter VoIP traffic?

  1. Media Gateway Control Protocol (MGCP)

  2. Real-time Transport Control Protocol (RTCP)

  3. Session Description Protocol (SDP)

  4. Real-Time Publish Subscribe (RTPS)

Answer: D

Question No: 40

John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client.

Which of the following factors does he need to consider while preparing the pen testing pricing report?

Ensurepass 2018 PDF and VCE

  1. Number of employees in the client organization

  2. Complete structure of the organization

  3. Number of client computers to be tested and resources required to perform a pen test

  4. Number of servers available in the client organization

Answer: C

100% Ensurepass Free Download!
Download Free Demo:ECSAv8 Demo PDF
100% Ensurepass Free Guaranteed!
ECSAv8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.