Stuart has successfully cracked the WPA-PSK password during his wireless pen testing assignment.
However, he is unable to connect to the access point using this password.
What could be the probable reason?
A. It is a rogue access point
B. The access point implements another layer of WEP encryption
C. The access point implements a signal jammer to protect from attackers
D. The access point implements MAC filtering
Veronica, a penetration tester at a top MNC company, is trying to breach the company's database as a part of SQLi penetration testing. She began to use the SQLi techniques to test the database security level.
She inserted new database commands into the SQL statement and appended a SQL Server EXECUTE
command to the vulnerable SQL statements.
Which of the following SQLi techniques was used to attack the database?
A. Function call injection
B. File inclusion
C. Buffer Overflow
D. Code injection
As a part of information gathering, you are given a website URL and asked to identify the operating system using passive OS fingerprinting. When you begin to use p0f tool and browse the website URL, the tool captures the header information of all the packets sent and received, and decodes them. Which among the decoded request/response packets hold the operating system information of the remote operating system?
A. SYN
B. SYN-ACK
C. ACK
D. RST
Karen is a Network engineer at ITSec, a reputed MNC based in Philadelphia, USA. She wants to retrieve the DNS records from the publicly available servers. She searched using Google for the providers DNS Information and found the following sites: http://www.dnsstuff.com https://dnsquery.org Through these sites she got the DNS records information as she wished. What information is contained in DNS records?
A. Information about the DNS logs.
B. Information about local MAC addresses.
C. Information such as mail server extensions, IP addresses etc.
D. Information about the database servers and its services.
Edward is a penetration tester hired by the OBC Group. He was asked to gather information on the client's
network. As part of the work assigned, Edward needs to find the range of IP addresses and the subnet
mask used by the target organization.
What does Edward need to do to get the required information?
A. Search for web pages posting patterns and revision numbers
B. Search for an appropriate Regional Internet Registry (RIR)
C. Search for link popularity of the company's website
D. Search for Trade Association Directories
Jack, a network engineer, is working on an IPv6 implementation for one of his clients. He deployed IPv6 on
IPv4 networks using a mechanism where a node can choose from IPv6 or IPv4 based on the DNS value.
This makes the network resources work simpler.
What kind of technique did Jack use?
A. Dual stacks
B. Filtering
C. Translation
D. Tunneling
Arnold is trying to gain access to a database by inserting exploited query statements with a WHERE
clause. He wants to retrieve all the entries from a particular table (e. g. StudName) using the WHERE
clause.
What query does Arnold need to write to retrieve the information?
A. EXTRACT * FROM StudName WHERE roll_number = 1 order by 1000
B. DUMP * FROM StudName WHERE roll_number = 1 AND 1=1-
C. SELECT * FROM StudName WHERE roll_number = " or '1' = '1'
D. RETRIVE * FROM StudName WHERE roll_number = 1'#
Robert is a network admin in XYZ Inc. He deployed a Linux server in his enterprise network and wanted to share some critical and sensitive files that are present in the Linux server with his subordinates. He wants to set the file access permissions using chmod command in such a way that his subordinates can only read/view the files but cannot edit or delete the files. Which of the following chmod commands can Robert use in order to achieve his objective?
A. chmod 666
B. chmod 644
C. chmod 755
D. chmod 777
Tecty Motors Pvt. Ltd. has recently deployed RFID technology in the vehicles which allows the car owner to unlock the car with the exchange of a valid RFID signal between a reader and a tag. Jamie, on the other hand, is a hacker who decided to exploit this technology with the aim of stealing the target vehicle. To perform this attack on the target vehicle, he first used an automated tool to intercept the signals between the reader and the tag to capture a valid RFID signal and then later used the same signal to unlock and steal the victim's car. Which of the following RFID attacks Jamie has performed in the above scenario?
A. RFID cloning
B. Replay attack
C. DoS attack
D. Power analysis attack
You have just completed a database security audit and writing the draft pen testing report.
Which of the following will you include in the recommendation section to enhance the security of the
database server?
A. Allow direct catalog updates
B. Install SQL Server on a domain controller
C. Install a certificate to enable SSL connections
D. Grant permissions to the public database role
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSAV10 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.