Pass ECSAv10 Exam Guide

EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing Questions and Answers

Question 21

Choose the correct option to define the Prefix Length.

Options:

Prefix Length = Subnet + Host portions

Prefix Length = Network + Host portions

Prefix Length = Network + Subnet portions

Prefix Length = Network + Subnet + Host portions

Question 22

In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.

They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

Options:

XPath Injection Attack

Authorization Attack

Authentication Attack

Frame Injection Attack

Question 23

After passing her CEH exam, Carol wants to ensure that her network is completely secure. She implements a DMZ, statefull firewall, NAT, IPSEC, and a packet filtering firewall. Since all security measures were taken, none of the hosts on her network can reach the Internet.

Why is that?

Options:

IPSEC does not work with packet filtering firewalls

NAT does not work with IPSEC

NAT does not work with statefull firewalls

Statefull firewalls do not work with packet filtering firewalls

Question 24

Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?

Options:

Decreases consumed employee time and increases system uptime

Increases detection and reaction time

Increases response time

Both Decreases consumed employee time and increases system uptime and Increases response time

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing Questions and Answers

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer: