1. Home
  2. EC-COUNCIL
  3. ECSAV10

EC-Council Certified Security Analyst (ECSA) v10

Exam Details

  • Exam Code
    :ECSAV10
  • Exam Name
    :EC-Council Certified Security Analyst (ECSA) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :354 Q&As
  • Last Updated
    :Mar 24, 2025

EC-COUNCIL EC-COUNCIL Certifications ECSAV10 Questions & Answers

  • Question 111:

    Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?

    A. Hash Key Length

    B. C/R Value Length

    C. C/R Key Length

    D. Hash Value Length

  • Question 112:

    Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:

    A. Information System Security Assessment Framework (ISSAF)

    B. Microsoft Internet Security Framework

    C. Nortells Unified Security Framework

    D. Federal Information Technology Security Assessment Framework

  • Question 113:

    Information gathering is performed to:

    i) Collect basic information about the target company and its network ii) Determine the operating system

    used, platforms running, web server versions, etc.

    iii) Find vulnerabilities and exploits

    Which of the following pen testing tests yields information about a company's technology infrastructure?

    A. Searching for web page posting patterns

    B. Analyzing the link popularity of the company's website C. Searching for trade association directories

    D. Searching for a company's job postings

  • Question 114:

    Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.

    What does a vulnerability assessment identify?

    A. Disgruntled employees

    B. Weaknesses that could be exploited

    C. Physical security breaches

    D. Organizational structure

  • Question 115:

    Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

    What is the last step in preparing a Rules of Engagement (ROE) document?

    A. Conduct a brainstorming session with top management and technical teams

    B. Decide the desired depth for penetration testing

    C. Conduct a brainstorming session with top management and technical teams

    D. Have pre-contract discussions with different pen-testers

  • Question 116:

    Which of the following methods is used to perform server discovery?

    A. Banner Grabbing

    B. Who is Lookup

    C. SQL Injection

    D. Session Hijacking

  • Question 117:

    Timing is an element of port-scanning that can catch one unaware. If scans are taking too long to complete or obvious ports are missing from the scan, various time parameters may need to be adjusted. Which one of the following scanned timing options in NMAP's scan is useful across slow WAN links or to hide the scan?

    A. Paranoid

    B. Sneaky

    C. Polite

    D. Normal

  • Question 118:

    You are trying to locate Microsoft Outlook Web Access Default Portal using Google search on the Internet. What search string will you use to locate them?

    A. intitle:"exchange server"

    B. outlook:"search"

    C. locate:"logon page"

    D. allinurl:"exchange/logon.asp"

  • Question 119:

    Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

    A. Special-Access Policy

    B. User Identification and Password Policy

    C. Personal Computer Acceptable Use Policy

    D. User-Account Policy

  • Question 120:

    After attending a CEH security seminar, you make a list of changes you would like to perform on your network to increase its security. One of the first things you change is to switch the Restrict Anonymous setting from 0 to 1 on your servers. This, as you were told, would prevent anonymous users from establishing a null session on the server. Using User info tool mentioned at the seminar, you succeed in establishing a null session with one of the servers. Why is that?

    A. Restrict Anonymous must be set to "2" for complete security

    B. Restrict Anonymous must be set to "3" for complete security

    C. There is no way to always prevent an anonymous null session from establishing

    D. Restrict Anonymous must be set to "10" for complete security

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.