AB Cloud services provide virtual platform services for the users in addition to storage. The company offers users with APIs, core connectivity and delivery, abstraction and hardware as part of the service. What is the name of the service AB Cloud services offer?
A. Web Application Services
B. Platform as a service (PaaS)
C. Infrastructure as a service (IaaS)
D. Software as a service (SaaS)
Moses, a professional hacker, attempts to overwhelm the target victim computer by transmitting TCP connection requests faster than the computer can process them. He started sending multiple SYN packets of size between 800 and 900 bytes with spoofed source addresses and port numbers. The main intention of Moses behind this attack is to exhaust the server resources and saturate the network of the target organization. Identify the type of attack being performed by Moses?
A. VTP attack
B. DoS attack
C. ARP attack
D. HSRP attack
What is the purpose of the Traceroute command?
A. For extracting information about the network topology, trusted routers, and firewall locations
B. For extracting information about closed ports
C. For extracting information about the server functioning
D. For extracting information about opened ports
Which port does DHCP use for client connections?
A. UDP port 67
B. UDP port 68
C. UDP port 69
D. UDP port 66
Rebecca, a security analyst, was auditing the network in her organization. During the scan, she found a
service running on a remote host, which helped her to enumerate information related to user accounts,
network interfaces, network routing and TCP connections.
Which among the following services allowed Rebecca to enumerate the information?
A. NTP
B. SNMP
C. SMPT
D. SMB
In delivering penetration testing report, which of the following steps should NOT be followed?
A. Always send the report by email or CD-ROM
B. Always deliver the report to approved stakeholders in the company in person
C. Always ask for a signed acknowledgment after submitting the report
D. Report must be presented in a PDF format, unless requested otherwise
Frank is performing a wireless pen testing for an organization. Using different wireless attack techniques,
he successfully cracked the WPA-PSK key. He is trying to connect to the wireless network using the WPAPSK key. However, he is unable to connect to the WLAN as the target is using MAC filtering.
What would be the easiest way for Frank to circumvent this and connect to the WLAN?
A. Attempt to crack the WEP key
B. Crack the Wi-Fi router login credentials and disable the ACL
C. Sniff traffic off the WLAN and spoof his MAC address to the one that he has captured
D. Use deauth command from aircrack-ng to deauthenticate a connected user and hijack the session
Christen is a renowned SQL penetration testing specialist in the US. A multinational ecommerce company hired him to check for vulnerabilities in the SQL database. Christen wanted to perform SQL penetration testing on the database by entering a massive amount of data to crash the web application of the company and discover coding errors that may lead to a SQL injection attack. Which of the following testing techniques is Christen using?
A. Fuzz Testing
B. Stored Procedure Injection
C. Union Exploitation
D. Automated Exploitation
Fred, who owns a company called Skyfeit Ltd., wants to test the enterprise network for presence of any vulnerabilities and loopholes. He employed a third-party penetration testing team and asked them to perform the penetration testing over his organizational infrastructure. Fred briefed the team about his network infrastructure and provided them with a set of IP addresses on which they can perform tests. He gave them strict instruction not to perform DDoS attacks or access the domain servers in the company. He also instructed them that they can carry out the penetration tests even when the regular employees are on duty since they lack the clue about the happenings. However, he asked the team to take care that no interruption in business continuity should be caused. He also informed the penetration testing team that they get only 1 month to carry out the test and submit the report. What kind of penetration test did Fred ask the third-party penetration testing team to perform?
A. Announced testing
B. Blind testing
C. Grey-Box testing
D. Unannounced testing
The Finger service displays information such as currently logged-on users, email address, full name, etc. Which among the following ports would you scan to identify this service during a penetration test?
A. Port 89
B. Port 99
C. Port 69
D. Port 79
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.