January 7, 2021 by admin [2021.1] ECCouncil ECSAV10 practice test Welcome to your [2021.1] ECCouncil ECSAV10 practice test QUESTION 1The SnortMain () function begins by associating a set of handlers for the signals, Snort receives. It does this using thesignal () function. Which one of the following functions is used as a program-specific signal and the handler for this callsthe DropStats() function to output the current Snort statistics?A. SIGUSR1B. SIGTERMC. SIGINTD. SIGHUP QUESTION 2Which of the following policies helps secure data and protects the privacy of organizational information?A. Special-Access PolicyB. Document retention PolicyC. Cryptography PolicyD. Personal Security Policy QUESTION 3Which one of the following is a command-line tool used for capturing data from the live network and copying thosepackets to a file?A. Wireshark: CapinfosB. Wireshark: TcpdumpC. Wireshark: Text2pcapD. Wireshark: Dumpcap QUESTION 4What is a good security method to prevent unauthorized users from “tailgating”?A. Electronic key systemsB. MantrapC. Pick-resistant locksD. Electronic combination locks QUESTION 5Adam is working as a senior penetration tester at Eon Tech Services Ltd. The company asked him to performpenetration testing on their database. The company informs Adam they use Microsoft SQL Server. As a part of thepenetrationtesting, Adam wants to know the complete information about the company\\’s database. He uses the Nmap tool to getthe information.Which of the following Nmap commands will Adam use to get the information?A. nmap -p2051 –script ms-sql-infoB. nmap -p1801 –script ms-sql-infoC. nmap -p1443 –script ms-sql-infoD. nmap -p1521 –script ms-sql-info QUESTION 6During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTPand HTTPS request headers and the HTML source code?A. Examine Source of the Available PagesB. Perform Web SpideringC. Perform Banner GrabbingD. Check the HTTP and HTML Processing by the Browser QUESTION 7In the TCP/IP model, the transport layer is responsible for the reliability and flow control from the source to the destination. TCPprovides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow controlmechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.A. Sliding WindowsB. WindowingC. Positive Acknowledgment with Retransmission (PAR)D. Synchronization QUESTION 8Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?A. AESB. DES (ECB mode)C. MD5D. RC5 QUESTION 9Which one of the following is a supporting tool for 802.11 (wireless) packet injections, it spoofs 802.11 packets to verifywhether the access point is valid or not?A. AirportB. AircrackC. AirpwnD. WEPCrack QUESTION 10A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part of which phase(s)?A. Post-attack phaseB. Pre-attack phase and attack phaseC. Attack phaseD. pre-attack phase QUESTION 11An attacker with a malicious intention decided to hack confidential data from the target organization. For acquiring suchinformation, he started testing IoT devices that are connected to the target network. He started monitoring the networktraffic passing between the IoT devices and the network to verify whether credentials are being transmitted in cleartext.Further, he also tried to crack the passwords using well-known keywords across all the interfaces.Which of the following IoT threats the attacker is trying to exploit?A. Poor physical securityB. Poor authenticationC. Privacy concernsD. Insecure firmware QUESTION 12Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?A. Decreases consumed employee time and increases system uptimeB. Increases detection and reaction timeC. Increases response timeD. Both Decreases consumed employee time and increases system uptime and Increases response time QUESTION 13During the reconnaissance phase of a penetration test, you discovered that the client has deployed a firewall that onlychecks the TCP header information. Which of the following techniques would you use to bypass the firewall?A. Bypassing the firewall using tiny fragmentsB. Bypassing the firewall by manipulating the IPID sequence numberC. Bypassing the firewall source routingD. Bypassing the firewall using the IP address in place of an URL Time is Up!