Frank is performing a wireless pen test for an organization. Using different wireless attack techniques, he successfully cracked the WPA-PSK key. He is trying to connect to the wireless network using the WPA-PSK key. However, he is unable to connect to the WLAN because the target is using MAC filtering.
What would be the easiest way for Frank to circumvent this and connect to the WLAN?
A. Attempt to crack the WEP key
B. Crack the Wi-Fi router login credentials and disable the ACL
C. Sniff traffic off the WLAN and spoof his MAC address to the one that he has captured
D. Use deauth command from aircrack-ng to deauthenticate a connected user and hijack the session
William, a penetration tester in a pen test firm, was asked to get information about the SMTP server on a target network.
What does William need to do to get the SMTP server information?
A. Send an email message to a non-existing user of the target organization and check for bounced mail header
B. Examine the session variables
C. Examine TCP sequence numbers
D. Look for information available in web page source code
WallSec Inc. has faced several network security issues in the past and hired Williamson, a professional pentester, to audit its information systems. Before starting his work, Williamson, with the help of his legal advisor, signed an agreement with his client. This agreement states that confidential information of the client should not be revealed outside of the engagement. What is the name of the agreement that Williamson and his client signed?
A. Non-disclosure agreement
B. TPOC agreement
C. Engagement letter
D. Authorization letter
John and Hillary work in the same department at the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He sets the L0phtCrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he be able to gather from this?
A. The SID of Hillary's network account
B. The network shares that Hillary has permissions
C. The SAM file from Hillary's computer
D. Hillary's network username and password hash
Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

A. Check for Directory Consistency and Page Naming Syntax of the Web Pages
B. Examine Server Side Includes (SSI)
C. Examine Hidden Fields
D. Examine E-commerce and Payment Gateways Handled by the Web Server
Identify the type of firewall represented in the diagram below:

A. Stateful multilayer inspection firewall
B. Application level gateway
C. Packet filter
D. Circuit level gateway
In a virtual test environment, Michael is testing the strength and security of BGP using multiple routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on "bringing down the Internet". Without sniffing the traffic between the routers, Michael sends millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few hours, one of the routers finally shuts itself down. What will the other routers communicate between themselves?
A. More RESET packets to the affected router to get it to power back up
B. RESTART packets to the affected router to get it to power back up
C. The change in the routing fabric to bypass the affected router
D. STOP packets to all other routers warning of where the attack originated
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
A. Passive IDS
B. Active IDS
C. Progressive IDS
D. NIPS
External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?
A. Blue box testing
B. White box testing
C. Grey box testing
D. Black box testing
SQL injection attacks are becoming significantly more popular amongst hackers and there has been an estimated 69 percent increase in this attack type.
This exploit is used to great effect by the hacking community since it is the primary way to steal sensitive data from web applications. It takes advantage of non-validated input vulnerabilities to pass SQL commands through a web application for execution by a back-end database.
The diagram below shows how attackers launched SQL injection attacks on web applications.

Which of the following can the attacker use to launch an SQL injection attack?
A. Blah' "2=2 -"
B. Blah' and 2=2 -
C. Blah' and 1=1 -
D. Blah' or 1=1 -