EC-Council Certified Security Analyst (ECSA) v8.0 (412-79)

Page:    1 / 16   
Total 238 questions

After passively scanning the network of the Department of Defense (DoD), you switch over to active scanning to identify live hosts on their network. DoD is a large organization and should respond to any number of scans. You start an ICMP ping sweep by sending an IP packet to the broadcast address. Only five hosts respond to your ICMP pings; definitely not the number of hosts you were expecting. Why did this ping sweep only produce a few responses?

  • A. A switched network will not respond to packets sent to the broadcast address
  • B. Only IBM AS/400 will reply to this scan
  • C. Only Unix and Unix-like systems will reply to this scan
  • D. Only Windows systems will reply to this scan


Answer : C

Meyer Electronics Systems just recently had a number of laptops stolen out of their office. These laptops contained sensitive corporate information regarding patents and company strategies. A month after the laptops were stolen, a competing company was found to have just developed products that almost exactly duplicated products that Meyer produces. What could have prevented this information from being stolen from the laptops?

  • A. SDW Encryption
  • B. EFS Encryption
  • C. DFS Encryption
  • D. IPS Encryption


Answer : B

How many possible sequence number combinations are there in the TCP/IP protocol?

  • A. 320 billion
  • B. 32 million
  • C. 4 billion
  • D. 1 billion


Answer : C

George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. A few managers are using an SFTP program on their computers. Before talking to his boss, George wants to have some proof of their activity.
George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

  • A. src port 22 and dst port 22
  • B. src port 23 and dst port 23
  • C. net port 22
  • D. udp port 22 and host 172.16.28.1/24


Answer : A

Software firewalls work at which layer of the OSI model?

  • A. Transport
  • B. Application
  • C. Network
  • D. Data Link


Answer : D

Julia is a senior security analyst for Berber Consulting group. She is currently working on a contract for a small accounting firm in Florida. They have given her permission to perform social engineering attacks on the company to see if their in-house training did any good.
Julia calls the main number for the accounting firm and talks to the receptionist. Julia says that she is an IT technician from the company's main office in Iowa. She states that she needs the receptionist's network username and password to troubleshoot a problem they are having. Julia says that Bill Hammond, the CEO of the company, requested this information. After hearing the name of the CEO, the receptionist gave Julia all the information she asked for.
What principle of social engineering did Julia use?

  • A. Reciprocation
  • B. Friendship/Liking
  • C. Social Validation
  • D. Scarcity


Answer : A

Jessica works as systems administrator for a large electronics firm. She wants to scan her network quickly to detect live hosts by using ICMP ECHO Requests. What type of scan is Jessica going to perform?

  • A. Ping trace
  • B. Tracert
  • C. Smurf scan
  • D. ICMP ping sweep


Answer : D

John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer located on a subnet that resides deep inside his network. After analyzing the sniffer log files, he does not see any of the traffic produced by Firewalk. Why is that?

  • A. Firewalk sets all packets with a TTL of zero
  • B. Firewalk cannot pass through Cisco firewalls
  • C. Firewalk sets all packets with a TTL of one
  • D. Firewalk cannot be detected by network sniffers


Answer : C

When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

  • A. NIPS
  • B. Passive IDS
  • C. Progressive IDS
  • D. Active IDS


Answer : D

As a security analyst, you set up a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company.
What information will you be able to gather?

  • A. The employees' network usernames and passwords
  • B. The MAC address of the employees' computers
  • C. The IP address of the employees' computers
  • D. Bank account numbers and the corresponding routing numbers


Answer : A

On Linux/Unix based Web servers, what privilege should the daemon service be run under?

  • A. You cannot determine what privilege runs the daemon service
  • B. Guest
  • C. Root
  • D. Something other than root


Answer : D

Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches with the ACK bit and the source address of her machine set. What is Terri trying to accomplish by sending this IP packet?

  • A. Enable tunneling feature on the switch
  • B. Trick the switch into thinking it already has a session with Terri's computer
  • C. Crash the switch with a DoS attack since switches cannot send ACK bits
  • D. Poison the switch's MAC address table by flooding it with ACK bits


Answer : B

You are running through a series of tests on your network to check for any security vulnerabilities. After normal working hours, you initiate a DoS attack against your external firewall. The firewall quickly freezes up and becomes unusable. You then initiate an FTP connection from an external IP into your internal network. The connection is successful even though you have FTP blocked at the external firewall. What has happened?

  • A. The firewall failed-open
  • B. The firewall failed-bypass
  • C. The firewall failed-closed
  • D. The firewall ACL has been purged


Answer : A

Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many different programming as well as networking languages. What networking protocol language should she learn that routers utilize?

  • A. OSPF
  • B. BPG
  • C. ATM
  • D. UDP


Answer : A

Paul's company is in the process of undergoing a complete security audit including logical and physical security testing. After all logical tests were performed, it is now time for the physical round to begin. None of the employees are made aware of this round of testing.
The security-auditing firm sends in a technician dressed as an electrician. He waits outside in the lobby for some employees to get to work and follows behind them when they access the restricted areas. After entering the main office, he is able to get into the server room telling the IT manager that there is a problem with the outlets in that room. What type of attack has the technician performed?

  • A. Fuzzing
  • B. Tailgating
  • C. Man trap attack
  • D. Backtrapping


Answer : B
