Eccouncil ECSAv10 ECSA v10 Exam Practice Test Instant Access

Question 1

SQL injection attacks are becoming significantly more popular amongst hackers and there has been an estimated 69 percent increase of this attack type.

This exploit is used to great effect by the hacking community since it is the primary way to steal sensitive data from web applications. It takes advantage of non-validated input vulnerabilities to pass SQL commands through a web application for execution by a back-end database.

The below diagram shows how attackers launched SQL injection attacks on web applications.

Which of the following can the attacker use to launch an SQL injection attack?

ABlah' ''2=2 --''

BBlah' and 2=2 --

CBlah' and 1=1 --

DBlah' or 1=1 --

Answer : D

Question 2

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utilitythat executes exploits against his system to verify the results of the vulnerability test. The second utilityexecutes five known exploits against his network in which the vulnerability analysis said were not exploitable.

What kind of results did Jim receive from his vulnerability analysis?

ATrue negatives

BFalse negatives

CFalse positives

DTrue positives

Answer : B

Question 3

Windows stores user passwords in the Security Accounts Manager database (SAM), or in the Active Directory database in domains. Passwords are never stored in clear text; passwords are hashed and the results are stored in the SAM.

NTLM and LM authentication protocols are used to securely store a user's password in the SAM database using different hashing methods.

The SAM file in Windows Server 2008 is located in which of the following locations?

Ac:\windows\system32\config\SAM

Bc:\windows\system32\drivers\SAM

Cc:\windows\system32\Setup\SAM

Dc:\windows\system32\Boot\SAM

Answer : D

Question 4

Which among the following information is not furnished by the Rules of Engagement (ROE) document?

ATechniques for data collection from systems upon termination of the test

BTechniques for data exclusion from systems upon termination of the test

CDetails on how data should be transmitted during and after the test

DDetails on how organizational data is treated throughout and after the test

Answer : A

Question 5

You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

Aintitle:'exchange server'

Boutlook:'search'

Clocate:'logon page'

Dallinurl:'exchange/logon.asp'

Answer : D

Question 6

John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in Window system directory?

AC:\Windows\System32\Boot

BC:\WINNT\system32\drivers\etc

CC:\WINDOWS\system32\cmd.exe

DC:\Windows\System32\restore

Answer : B

Question 7

Which of the following statement holds true for TCP Operation?

APort numbers are used to know which application the receiving host should pass the data to

BSequence numbers are used to track the number of packets lost in transmission

CFlow control shows the trend of a transmitting host overflowing the buffers in the receiving host

DData transfer begins even before the connection is established

Answer : D

Eccouncil ECSAv10 Certified Security Analyst (ECSA) v10 ECSA v10 Exam Practice Test