EC-COUNCIL EC-COUNCIL Certifications ECSAV10 Questions & Answers

• Question 81:

  SQL injection attack consists of insertion or "injection" of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application. A successful SQL injection attack can: i) Read sensitive data from the database iii) Modify database data (insert/update/delete) iii) Execute administration operations on the database (such as shutdown the DBMS) iV) Recover the content of a given file existing on the DBMS file system or write files into the file system v) Issue commands to the operating system Pen tester needs to perform various tests to detect SQL injection vulnerability. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests and then test them separately, trying to interfere with the query and to generate an error. In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?

  

  A. Automated Testing

  B. Function Testing

  C. Dynamic Testing

  D. Static Testing

  Correct Answer: D

• Question 82:

  Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operation system?

  A. Active/Passive Tools

  B. Application-layer Vulnerability Assessment Tools

  C. Location/Data Examined Tools

  D. Scope Assessment Tools

  Correct Answer: D

• Question 83:

  The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public.

  

  What is the criminal practice of social engineering where an attacker uses the telephone system in an attempt to scam the user into surrendering private information?

  A. Phishing

  B. Spoofing

  C. Tapping

  D. Vishing

  Correct Answer: D

• Question 84:

  Which one of the following is a useful formatting token that takes an int * as an argument, and writes the number of bytes already written, to that location?

  A. "%n"

  B. "%s"

  C. "%p"

  D. "%w"

  Correct Answer: A

• Question 85:

  You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers: http://172.168.4.131/level/99/exec/show/config After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

  A. URL Obfuscation Arbitrary Administrative Access Vulnerability

  B. Cisco IOS Arbitrary Administrative Access Online Vulnerability

  C. HTTP Configuration Arbitrary Administrative Access Vulnerability

  D. HTML Configuration Arbitrary Administrative Access Vulnerability

  Correct Answer: C

• Question 86:

  Which among the following information is not furnished by the Rules of Engagement (ROE) document?

  A. Techniques for data collection from systems upon termination of the test

  B. Techniques for data exclusion from systems upon termination of the test

  C. Details on how data should be transmitted during and after the test

  D. Details on how organizational data is treated throughout and after the test

  Correct Answer: A

• Question 87:

  The first phase of the penetration testing plan is to develop the scope of the project in consultation with the

  client. Pen testing test components depend on the client's operating environment, threat perception,

  security and compliance requirements, ROE, and budget.

  Various components need to be considered for testing while developing the scope of the project.

  

  Which of the following is NOT a pen testing component to be tested?

  A. System Software Security

  B. Intrusion Detection

  C. Outside Accomplices

  D. Inside Accomplices

  Correct Answer: C

• Question 88:

  You work as an IT security auditor hired by a law firm in Boston to test whether you can gain access to sensitive information about the company clients. You have rummaged through their trash and found very little information. You do not want to set off any alarms on their network, so you plan on performing passive foot printing against their Web servers. What tool should you use?

  A. Nmap

  B. Netcraft

  C. Ping sweep

  D. Dig

  Correct Answer: B

• Question 89:

  As a security analyst you setup a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

  A. The employees network usernames and passwords

  B. The MAC address of the employees' computers

  C. The IP address of the employees computers

  D. Bank account numbers and the corresponding routing numbers

  Correct Answer: C

• Question 90:

  Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?

  

  A. Client-Side Test Report

  B. Activity Report

  C. Host Report

  D. Vulnerability Report

  Correct Answer: A