[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil ECSAv8 Dumps with VCE and PDF 71-80

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSAv8
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Analyst (ECSA)

Question No: 71

The amount of data stored in organizational databases has increased rapidly in recent years due to the rapid advancement of information technologies. A high percentage of these data is sensitive, private and critical to the organizations, their clients and partners.

Therefore, databases are usually installed behind internal firewalls, protected with intrusion detection mechanisms and accessed only by applications. To access a database, users have to connect to one of these applications and submit queries through them to the database. The threat to databases arises when these applications do not behave properly and construct these queries without sanitizing user inputs first.

Identify the injection attack represented in the diagram below:

Ensurepass 2018 PDF and VCE

  1. Frame Injection Attack

  2. LDAP Injection Attack

  3. XPath Injection Attack

  4. SOAP Injection Attack

Answer: B

Reference: e https://www.blackhat.com/presentations/bh-europe-08/Alonso- Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf ( page 3 to 5)

Question No: 72

A man enters a PIN number at an ATM machine, being unaware that the person next to him was watching. Which of the following social engineering techniques refers to this type of information theft?

  1. Shoulder surfing

  2. Phishing

  3. Insider Accomplice

  4. Vishing

Answer: A

Question No: 73

James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

  1. Smurf

  2. Trinoo

  3. Fraggle

  4. SYN flood

Answer: A

Question No: 74

Which of the following statements is true about the LM hash?

  1. Disabled in Windows Vista and 7 OSs

  2. Separated into two 8-character strings

  3. Letters are converted to the lowercase

  4. Padded with NULL to 16 characters

Answer: A

Reference: http://www.onlinehashcrack.com/how_to_crack_windows_passwords.php (first paragraph of the page)

Question No: 75

Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

  1. Unannounced Testing

  2. Double Blind Testing

  3. Announced Testing

  4. Blind Testing

Answer: B

Question No: 76

Which of the following statement holds true for TCP Operation?

Ensurepass 2018 PDF and VCE

  1. Port numbers are used to know which application the receiving host should pass the

    data to

  2. Sequence numbers are used to track the number of packets lost in transmission

  3. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host

  4. Data transfer begins even before the connection is established

Answer: D

Question No: 77

Choose the correct option to define the Prefix Length.

Ensurepass 2018 PDF and VCE

  1. Prefix Length = Subnet Host portions

  2. Prefix Length = Network Host portions

  3. Prefix Length = Network Subnet portions

  4. Prefix Length = Network Subnet Host portions

Answer: C

Question No: 78

An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?

  1. SMTP Queue Bouncing

  2. SMTP Message Bouncing

  3. SMTP Server Bouncing

  4. SMTP Mail Bouncing

Answer: D

Reference: http://en.wikipedia.org/wiki/Bounce_message

Question No: 79

John, a penetration tester, was asked for a document that defines the project, specifies goals, objectives, deadlines, the resources required, and the approach of the project.

Which of the following includes all of these requirements?

  1. Penetration testing project plan

  2. Penetration testing software project management plan

  3. Penetration testing project scope report

  4. Penetration testing schedule plan

Answer: A Explanation: Rfere

http://books.google.com.pk/books?id=7dwEAAAAQBAJamp;pg=SA4-PA14amp;lpg=SA4- PA14amp;dq=penetration testing document that defines the project, specifies goals, obje ctives, deadlines, the resources required, and the approach of the projectamp;source=b lamp;ots=SQCLHNtthNamp;sig=kRcccmtDtCdZgB7hASShxSRbfOMamp;hl=enamp;sa=Xamp;ei=hyMfVOKz GYvmarvFgaALamp;ved=0CB0Q6AEwAA#v=onepageamp;q=penetration testing docume nt that defines the project, specifies goals, objectives% 2C deadlines, the resources required, and the approac h of the projectamp;f=false

Question No: 80

Identify the type of firewall represented in the diagram below:

Ensurepass 2018 PDF and VCE

  1. Stateful multilayer inspection firewall

  2. Application level gateway

  3. Packet filter

  4. Circuit level gateway

Answer: A

Reference: http://www.technicolorbroadbandpartner.com/getfile.php?id=4159 (page 13)

100% Ensurepass Free Download!
Download Free Demo:ECSAv8 Demo PDF
100% Ensurepass Free Guaranteed!
ECSAv8 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.