ECCouncil ECSAv8 - EC-Council Certified Security Analyst (ECSA) Exam
Page: 2 / 40
Total 200 questions
Question #6 (Topic: )
A firewall protects networked computers from intentional hostile intrusion that could
compromise confidentiality or result in data corruption or denial of service. It examines all
traffic routed between the two networks to see if it meets certain criteria. If it does, it is
routed between the networks, otherwise it is stopped.
[ECCouncil-ECSAv8-10.3/ECCouncil-ECSAv8-4_2.png]
Why is an appliance-based firewall is more secure than those implemented on top of the
commercial operating system (Software based)?
compromise confidentiality or result in data corruption or denial of service. It examines all
traffic routed between the two networks to see if it meets certain criteria. If it does, it is
routed between the networks, otherwise it is stopped.
[ECCouncil-ECSAv8-10.3/ECCouncil-ECSAv8-4_2.png]
Why is an appliance-based firewall is more secure than those implemented on top of the
commercial operating system (Software based)?
A. Appliance based firewalls cannot be upgraded
B. Firewalls implemented on a hardware firewall are highly scalable
C. Hardware appliances does not suffer from security vulnerabilities associated with the underlying operating system
D. Operating system firewalls are highly configured
Answer: C
Question #7 (Topic: )
In the context of penetration testing, what does blue teaming mean?
[ECCouncil-ECSAv8-10.3/ECCouncil-ECSAv8-5_2.png]
[ECCouncil-ECSAv8-10.3/ECCouncil-ECSAv8-5_2.png]
A. A penetration test performed with the knowledge and consent of the organization's IT staff
B. It is the most expensive and most widely used
C. It may be conducted with or without warning
D. A penetration test performed without the knowledge of the organization's IT staff but with permission from upper management
Answer: A
Question #8 (Topic: )
Which of the following will not handle routing protocols properly?
A. “Internet-router-firewall-net architecture”
B. “Internet-firewall-router-net architecture”
C. “Internet-firewall -net architecture”
D. “Internet-firewall/router(edge device)-net architecture”
Answer: B
Question #9 (Topic: )
Vulnerability assessment is an examination of the ability of a system or application,
including current security procedures and controls, to withstand assault. It recognizes,
measures, and classifies security vulnerabilities in a computer system, network, and
communication channels.
A vulnerability assessment is used to identify weaknesses that could be exploited and
predict the effectiveness of additional security measures in protecting information
resources from attack.
[ECCouncil-ECSAv8-10.3/ECCouncil-ECSAv8-6_2.png]
Which of the following vulnerability assessment technique is used to test the web server
infrastructure for any misconfiguration and outdated content?
including current security procedures and controls, to withstand assault. It recognizes,
measures, and classifies security vulnerabilities in a computer system, network, and
communication channels.
A vulnerability assessment is used to identify weaknesses that could be exploited and
predict the effectiveness of additional security measures in protecting information
resources from attack.
[ECCouncil-ECSAv8-10.3/ECCouncil-ECSAv8-6_2.png]
Which of the following vulnerability assessment technique is used to test the web server
infrastructure for any misconfiguration and outdated content?
A. Passive Assessment
B. Host-based Assessment
C. External Assessment
D. Application Assessment
Answer: D
Question #10 (Topic: )
Which of the following password hashing algorithms is used in the NTLMv2 authentication
mechanism?
mechanism?
A. AES
B. DES (ECB mode)
C. MD5
D. RC5
Answer: C
