[2021.1] ECCouncil ECSAV10 practice test

Welcome to your [2021.1] ECCouncil ECSAV10 practice test

QUESTION 1The SnortMain () function begins by associating a set of handlers for the signals, Snort receives. It does this using the
signal () function. Which one of the following functions is used as a program-specific signal and the handler for this calls
the DropStats() function to output the current Snort statistics?
QUESTION 2Which of the following policies helps secure data and protects the privacy of organizational information?
QUESTION 3Which one of the following is a command-line tool used for capturing data from the live network and copying those
packets to a file?
QUESTION 4What is a good security method to prevent unauthorized users from “tailgating”?
QUESTION 5Adam is working as a senior penetration tester at Eon Tech Services Ltd. The company asked him to perform
penetration testing on their database. The company informs Adam they use Microsoft SQL Server. As a part of the
penetration
testing, Adam wants to know the complete information about the company\\’s database. He uses the Nmap tool to get
the information.
Which of the following Nmap commands will Adam use to get the information?
QUESTION 6During the process of fingerprinting a web application environment, what do you need to do in order to analyze HTTP
and HTTPS request headers and the HTML source code?
QUESTION 7In the TCP/IP model, the transport layer is responsible for the reliability and flow control from the source to the destination. TCP
provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control
mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.lead4pass ecsav10 practice test q7
QUESTION 8Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?
QUESTION 9Which one of the following is a supporting tool for 802.11 (wireless) packet injections, it spoofs 802.11 packets to verify
whether the access point is valid or not?
QUESTION 10A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.
lead4pass ecsav10 practice test q10
Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part of which phase(s)?
QUESTION 11An attacker with a malicious intention decided to hack confidential data from the target organization. For acquiring such
information, he started testing IoT devices that are connected to the target network. He started monitoring the network
traffic passing between the IoT devices and the network to verify whether credentials are being transmitted in cleartext.
Further, he also tried to crack the passwords using well-known keywords across all the interfaces.
Which of the following IoT threats the attacker is trying to exploit?
QUESTION 12Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?
QUESTION 13During the reconnaissance phase of a penetration test, you discovered that the client has deployed a firewall that only
checks the TCP header information. Which of the following techniques would you use to bypass the firewall?