EC-COUNCIL EC-COUNCIL Certifications ECSAV10 Questions & Answers

• Question 41:

  Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards and applies to all entities involved in payment card processing?

  A. PIPEDA

  B. PCI DSS

  C. Human Rights Act 1998

  D. Data Protection Act 1998

  Correct Answer: B

• Question 42:

  ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead. ARP spoofing attack is used as an opening for other attacks.

  

  What type of attack would you launch after successfully deploying ARP spoofing?

  A. Parameter Filtering

  B. Social Engineering

  C. Input Validation

  D. Session Hijacking

  Correct Answer: D

• Question 43:

  The Web parameter tampering attack is based on the manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control. This attack takes advantage of the fact that many programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as the only security measure for certain operations. Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.

  

  What is the best way to protect web applications from parameter tampering attacks?

  A. Validating some parameters of the web application

  B. Minimizing the allowable length of parameters

  C. Using an easily guessable hashing algorithm

  D. Applying effective input field filtering parameters

  Correct Answer: D

• Question 44:

  Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a TYPE field. If the destination is not reachable, which one of the following are generated?

  A. Type 8 ICMP codes

  B. Type 12 ICMP codes

  C. Type 3 ICMP codes

  D. Type 7 ICMP codes

  Correct Answer: C

• Question 45:

  What will the following URL produce in an unpatched IIS Web Server?

  

  A. Execute a buffer flow in the C: drive of the web server

  B. Insert a Trojan horse into the C: drive of the web server

  C. Directory listing of the C:\windows\system32 folder on the web server

  D. Directory listing of C: drive on the web server

  Correct Answer: D

• Question 46:

  Which one of the following architectures has the drawback of internally considering the hosted services individually?

  A. Weak Screened Subnet Architecture

  B. "Inside Versus Outside" Architecture

  C. "Three-Homed Firewall" DMZ Architecture

  D. Strong Screened-Subnet Architecture

  Correct Answer: C

• Question 47:

  John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

  

  A. Number of employees in the client organization

  B. Complete structure of the organization

  C. Number of client computers to be tested and resources required to perform a pen test

  D. Number of servers available in the client organization

  Correct Answer: C

• Question 48:

  TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer. Which one of the following protocols is used to collect information from all the network devices?

  A. Simple Network Management Protocol (SNMP)

  B. Network File system (NFS)

  C. Internet Control Message Protocol (ICMP)

  D. Transmission Control Protocol (TCP)

  Correct Answer: A

• Question 49:

  What is kept in the following directory? HKLM\SECURITY\Policy\Secrets

  A. Service account passwords in plain text

  B. Cached password hashes for the past 20 users

  C. IAS account names and passwords

  D. Local store PKI Kerberos certificates

  Correct Answer: A

• Question 50:

  You are working on a thesis for your doctorate degree in Computer Science. Your thesis is based on

  HTML, DHTML, and other web-based languages and how they have evolved over the years. You navigate

  to archive.org and view the HTML code of news.com. You then navigate to the current news.com website

  and copy over the source code. While searching through the code, you come across something abnormal:

  

  What have you found?

  A. Trojan.downloader

  B. Blind bug

  C. Web bug

  D. CGI code

  Correct Answer: C