EC-COUNCIL EC-Council Certified Security Analyst (ECSA) v9 - 412-79v9 Exam Practice Test

Page: 1 / 26
Total 205 questions
Get Full Access Now
A penetration tester performs OS fingerprinting on the target server to identify the operating system used on the target server with the help of ICMP packets.

While performing ICMP scanning using Nmap tool, message received/type displays "3 -
Destination Unreachable[5]" and code 3.
Which of the following is an appropriate description of this response?

Correct Answer: A Vote an answer
A firewall's decision to forward or reject traffic in network filtering is dependent upon which of the following?

Correct Answer: A Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?

Correct Answer: A Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
A directory traversal (or path traversal) consists in exploiting insufficient security validation/sanitization of user-supplied input file names, so that characters representing
"traverse to parent directory" are passed through to the file APIs.
The goal of this attack is to order an application to access a computer file that is not intended to be accessible. This attack exploits a lack of security (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code.

To perform a directory traversal attack, which sequence does a pen tester need to follow to manipulate variables of reference files?

Correct Answer: B Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Rule of Engagement (ROE) is the formal permission to conduct a pen-test. It provides top- level guidance for conducting the penetration testing.
Various factors are considered while preparing the scope of ROE which clearly explain the limits associated with the security test.

Which of the following factors is NOT considered while preparing the scope of the Rules of
Engagment (ROE)?

Correct Answer: D Vote an answer
Which of the following attacks does a hacker perform in order to obtain UDDI information such as businessEntity, businesService, bindingTemplate, and tModel?

Correct Answer: C Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Traffic on which port is unusual for both the TCP and UDP ports?

Correct Answer: C Vote an answer
Port numbers are used to keep track of different conversations crossing the network at the same time. Both TCP and UDP use port (socket) numbers to pass information to the upper layers. Port numbers have the assigned ranges.

Port numbers above 1024 are considered which one of the following?

Correct Answer: D Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Page: 1 / 26
Total 205 questions

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어

Useful Links

Latest Updated