Which type of penetration testing will require you to send the Internal Control Questionnaires (ICQ) to the client?
A. White-box testing
B. Black-box testing
C. Blind testing
D. Unannounced testing
During a DHCP handshake in an IPv4 network, which of the following messages contains the actual IP addressing information for the clients to use?
A. DHCPDISCOVER
B. DHCPACK
C. REPLY
D. SOLICIT
Depp Networks is a leader in providing ethical hacking services. They were tasked to examine the strength
of a client network. After using a wide range of tests, they finally zeroed in on ICMP tunneling to bypass the
firewall.
What factor makes ICMP tunneling appropriate to bypass the firewall?
A. Deep packet inspection
B. Firewalls can not inspect ICMP packets
C. Firewalls can not handle the fragmented packets
D. The payload portion is arbitrary and not examined by most firewalls
Michael, a penetration tester of Rolatac Pvt. Ltd., has completed his initial penetration testing and now he needs to create a penetration testing report for company's client, management, and top officials for their reference. For this, he created a report providing a detailed summary of the complete penetration testing process of the project that he has undergone, its outcomes, and recommendations for future testing and exploitation.
In the above scenario, which type of penetration testing report has Michael prepared?
A. Host report
B. Activity report
C. User report
D. Executive report
John is working as a cloud security analyst in an organization. The management instructed him to
implement a technology in the cloud infrastructure which allows the organization to share the underlying
cloud resources such as server, storage devices, and network.
Which of the following technologies John must employ?
A. VoIP technology
B. Virtualization technology
C. RFID technology
D. Site technology
The security team found the network switch has changed its behavior to learning mode and is functioning like a hub. The CAM table of the switch was filled with unnecessary traffic. Someone tried to penetrate into the network space by attacking the network switches. They wrote a report and submitted to higher authorities. What kind of an attack did the attackers perform against the network switch?
A. DNS Poisoning
B. MITM Attack
C. MAC Flooding
D. ARP Poisoning
Which of the following pre-engagement documents identifies the systems to be tested, types of tests, and the depth of the testing?
A. Draft Report
B. Letter of Intent
C. Rule of Engagement
D. Authorization Letter
George works at 3D-Networks Ltd as a Network Admin. He received an email from one of his clients stating that the client's company website has some flaws and they are receiving continuous emails from customers about the inconveniencies. While checking the web servers, he found loopholes with the DNS servers and he installed DNSSEC-Aware lookups. This made the site functional and the client was happy with the outcome. What problem does a Non-DNSSEC-Aware site face?
A. The users will get more information than they desired.
B. The user's commands will be delayed and the information they requested may be not delivered.
C. The site becomes slow and vulnerable
D. A mischievous Internet user can cut off the request and send back incorrect information by spoofing the response.
As a normal three-way handshake mechanism system A sends an ACK packet to system B. However,
system A does not send an ACK packet to system B. In this case, client B is waiting for an ACK packet
from client A.
What is the status of client B?
A. "Half-open"
B. "Filtered"
C. "Half-closed"
D. "Full-open"
GenSec Inc, a UK-based company, uses Oracle database to store all its data. The company also uses Oracle DataBase Vault to restrict users access to specific areas of their database. GenSec hired a senior penetration tester and security auditor named Victor to check the vulnerabilities of the company's Oracle DataBase Vault. He was asked to find all the possible vulnerabilities that can bypass the company's Oracle DB Vault. Victor tried different kinds of attacks to penetrate into the company's Oracle DB Vault and succeeded. Which of the following attacks can help Victor to bypass GenSec's Oracle DB Vault?
A. Man-in-the-Middle Attack
B. Denial-of-Service Attack
C. Replay Attack
D. SQL Injection
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.