Exam (elaborations)
Real ECSAv10 ECSA Certification Questions V8.02 Killtest Exam With Complete Solutions
- Course
- Institution
Real ECSAv10 ECSA Certification Questions V8.02 Killtest Exam With Complete Solutions...
[Show more]
Content preview
Real ECSAv10 ECSA Certification Questions V8.02 KilltestExam With Complete Solutions
Irin is a newly joined pentester for XYZ Ltd. While joining, as part of her training, she was
instructed about various legal policies and information securities acts by her trainer.
During the training, she was informed about an information security act, specifically
related to conducts and activities-things like: it is illegal to perform DoS attacks on any
websites or applications, illegal to supply and own hacking tools, and illegal to access
unauthorized computer material, etc.
Above conducts and activities best suit in what kind of information security act?
A. Police and Justice Act 2006
B. Data Protection Act 1998
C. USA Patriot Act 2001
D. Human Rights Act 1998
ANSWER B. Data Protection Act 1998
Adam is an IT administrator at Syncan Ltd. He is entrusted with all types of IT work,
which include, but are not limited to, the creation of new user accounts, managing
backup/restores, security authentications, and passwords. While Adam was on duty, he
received an assignment to implement the most recent, secure authentication protocol
that will encrypt the passwords of users stored in systems running on the Microsoft
Windows OS.
Which of the following authentication protocols should Adam use to do so?
A. LANMAN
B. Kerberos
C. NTLM
D. NTLMv2 - ANSWER C. NTLM
Michael, a Certified Penetration Tester has been tasked with replicating the original
website exactly so he can navigate on it and devote more time to analyzing it.
, Which of the following tools will Michael use to do so?
A. VisualRoute
B. NetInspector
C. BlackWidow
D. Zaproxy - ANSWER C. BlackWidow
A hacker sends so many invalid requests to a cloud network host that the host utilizes all
of its resources responding to invalid requests and does not attend to the valid
requests. Identify the type of attack
A. Denial of Service (DoS) attacks
B. Side Channel attacks
C. Man-in-the-middle cryptographic attacks
D. Authentication attacks - ANSWER A. Denial of Service (DoS) attacks
Thomas is an Attacker, and he skimmed through the HTML source code of an online
shopping website in search of any vulnerabilities that he could use. He has information
from his experience that on an online shopping webpage, whenever any user selects
some items, the choices are normally saved as form field values and submitted to the
application after clicking the Submit button as an HTTP request in the form of GET or
POST. A few fields about the selected items can normally be changed by the user, such
as quantity and color; a few are not, like price. He skimmed through the HTML code and
found that the price of the field values of the items are available in the HTML code. He
then changed some of the item's price field value from $200 to $2 in the HTML code and
was able to submit the request successfully to the application. What type of attack does
Thomas carry out on the online shopping website?
A. Session poisoning attack
B. H - ANSWER C. HTML embedding attack
Steven is performing a wireless network audit. As part of the engagement, he is trying to
crack a WPA¬PSK key. Steven has captured enough packets to run aircrack-ng and
discover the key but aircrack-ng did not yield any result, as there were no
authentication packets in the capture.
Which of the following commands should Steven use to generate authentication
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Easton. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
77254 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now