[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil ECSAv8 Dumps with VCE and PDF 61-70

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSAv8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 61

ARP spoofing is a technique whereby an attacker sends fake (quot;spoofedquot;) Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker#39;s MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.

ARP spoofing attack is used as an opening for other attacks.

Ensurepass 2018 PDF and VCE

What type of attack would you launch after successfully deploying ARP spoofing?

  1. Parameter Filtering

  2. Social Engineering

  3. Input Validation

  4. Session Hijacking

Answer: D

ence: http://en.wikipedia.org/wiki/ARP_spoofing

Question No: 62

SQL injection attack consists of insertion or quot;injectionquot; of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application.

A successful SQL injection attack can: i)Read sensitive data from the database

iii)Modify database data (insert/update/delete)

iii)Execute administration operations on the database (such as shutdown the DBMS)

iV)Recover the content of a given file existing on the DBMS file system or write files into the file system

v)Issue commands to the operating system

Ensurepass 2018 PDF and VCE

Pen tester needs to perform various tests to detect SQL injection vulnerability. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests and then test them separately, trying to interfere with the query and to generate an error.

In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?

  1. Automated Testing

  2. Function Testing

  3. Dynamic Testing

  4. Static Testing

Answer: D

Reference: http://ijritcc.org/IJRITCC Vol_2 Issue_5/Removal of Data Vulnerabilities

Using SQL.pdf

Question No: 63

Fuzz testing or fuzzing is a software/application testing technique used to discover coding errors and security loopholes in software, operating systems, or networks by inputting massive amounts of random data, called fuzz, to the system in an attempt to make it crash.

Fuzzers work best for problems that can cause a program to crash, such as buffer overflow, cross-site scripting, denial of service attacks, format bugs, and SQL injection.

Fuzzer helps to generate and submit a large number of inputs supplied to the application for testing it against the inputs. This will help us to identify the SQL inputs that generate malicious output.

Suppose a pen tester knows the underlying structure of the database used by the application (i.e., name, number of columns, etc.) that she is testing.

Which of the following fuzz testing she will perform where she can supply specific data to the application to discover vulnerabilities?

  1. Clever Fuzz Testing

  2. Dumb Fuzz Testing

  3. Complete Fuzz Testing

  4. Smart Fuzz Testing

Answer: D

Question No: 64

Which of the following has an offset field that specifies the length of the header and data?

  1. IP Header

  2. UDP Header

  3. ICMP Header

  4. TCP Header

Answer: D

Question No: 65

What is a difference between host-based intrusion detection systems (HIDS) and network- based intrusion detection systems (NIDS)?

Ensurepass 2018 PDF and VCE

  1. NIDS are usually a more expensive solution to implement compared to HIDS.

  2. Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.

  3. NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.

  4. HIDS requires less administration and training compared to NIDS.

Answer: C

Question No: 66

What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

  1. Connect Scanning Techniques

  2. SYN Scanning Techniques

  3. Stealth Scanning Techniques

  4. Port Scanning Techniques

Answer: C

Reference: http://wwww.pc- freak.net/tutorials/hacking_info/arkin network scanning techniques.pdf (page 7

Question No: 67

A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications. Which of the following frameworks helps an organization in the evaluation of the company’s information security with that of the industrial standards?

  1. Microsoft Internet Security Framework

  2. Information System Security Assessment Framework

  3. The IBM Security Framework

  4. Nortell’s Unified Security Framework

Answer: B

Question No: 68

If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable which of the following attacks?

  1. Parameter tampering Attack

  2. Sql injection attack

  3. Session Hijacking

  4. Cross-site request attack

Answer: D

Reference: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

Question No: 69

Many security and compliance projects begin with a simple idea: assess the organization#39;s

risk, vulnerabilities, and breaches. Implementing an IT security risk assessment is critical to the overall security posture of any organization.

An effective security risk assessment can prevent breaches and reduce the impact of realized breaches.

Ensurepass 2018 PDF and VCE

What is the formula to calculate risk?

  1. Risk = Budget x Time

  2. Risk = Goodwill x Reputation

  3. Risk = Loss x Exposure factor

  4. Risk = Threats x Attacks

Answer: C

Question No: 70

Which one of the following log analysis tools is a Cisco Router Log Format log analyzer and it parses logs, imports them into a SQL database (or its own built-in database), aggregates them, and generates the dynamically filtered reports, all through a web interface?

  1. Event Log Tracker

  2. Sawmill

  3. Syslog Manager

  4. Event Log Explorer

Answer: B

100% Ensurepass Free Download!
Download Free Demo:ECSAv8 Demo PDF
100% Ensurepass Free Guaranteed!
ECSAv8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.