ECCouncil ECSAv10 - EC-Council Certified Security Analyst Exam
Page: 2 / 30
Total 150 questions
Question #6 (Topic: Topic 1)
Steven is performing a wireless network audit. As part of the engagement, he is trying to crack a WPA-PSK key. Steven has captured enough packets to run
aircrack-ng and discover the key, but aircrack-ng did not yield any result, as there were no authentication packets in the capture.
Which of the following commands should Steven use to generate authentication packets?
aircrack-ng and discover the key, but aircrack-ng did not yield any result, as there were no authentication packets in the capture.
Which of the following commands should Steven use to generate authentication packets?
A. aireplay-ng --deauth 11 -a AA:BB:CC:DD:EE:FF
B. airmon-ng start eth0
C. airodump-ng --write capture eth0
D. aircrack-ng.exe -a 2 -w capture.cap
Answer: A
Question #7 (Topic: Topic 1)
Sam was asked to conduct penetration tests on one of the clientג€™s internal networks. As part of the testing process, Sam performed enumeration to gain
information about computers belonging to a domain, list of shares on the individual hosts in the network, policies and passwords.
Identify the enumeration technique.
information about computers belonging to a domain, list of shares on the individual hosts in the network, policies and passwords.
Identify the enumeration technique.
A. NTP Enumeration
B. NetBIOS Enumeration
C. DNS Enumeration
D. SMTP Enumeration
Answer: B
Question #8 (Topic: Topic 1)
Jason is working on a pen testing assignment. He is sending customized ICMP packets to a host in the target network. However, the ping requests to the target
failed with ג€ICMP Time Exceeded Type = 11ג€ error messages.
What can Jason do to overcome this error?
failed with ג€ICMP Time Exceeded Type = 11ג€ error messages.
What can Jason do to overcome this error?
A. Set a Fragment Offset
B. Increase the Window size in the packets
C. Increase the TTL value in the packets
D. Increase the ICMP header length
Answer: C
Question #9 (Topic: Topic 1)
Joseph, a penetration tester, was hired by Xsecurity Services. Joseph was asked to perform a pen test on a clientג€™s network. He was not provided with any
information about the client organization except the company name.
Identify the type of testing Joseph is going to perform for the client organization?
information about the client organization except the company name.
Identify the type of testing Joseph is going to perform for the client organization?
A. White-box Penetration Testing
B. Black-box Penetration Testing
C. Announced Testing
D. Grey-box Penetration Testing
Answer: B
Question #10 (Topic: Topic 1)
An organization deployed Microsoft Azure cloud services for running their business activities. They appointed Jamie, a security analyst for performing cloud
penetration testing. Microsoft prohibits certain tests to be carried out on their platform.
Which of the following penetration testing activities Jamie cannot perform on the Microsoft Azure cloud service?
penetration testing. Microsoft prohibits certain tests to be carried out on their platform.
Which of the following penetration testing activities Jamie cannot perform on the Microsoft Azure cloud service?
A. Post scanning
B. Denial-of-Service
C. Log monitoring
D. Load testing
Answer: B
