ECSAv8 Online Practice Questions and Answers

Questions 4

Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?

A. ip.dst==10.0.0.7

B. ip.port==10.0.0.7

C. ip.src==10.0.0.7

D. ip.dstport==10.0.0.7

Questions 5

Which of the following statements is true about the LM hash?

A. Disabled in Windows Vista and 7 OSs

B. Separated into two 8-character strings

C. Letters are converted to lowercase

D. Padded with NULL to 16 characters

Questions 6

Amazon Consulting Corporation provides penetration testing and managed security services to companies. Legal and regulatory compliance is one of the important components of conducting a successful security audit. Before starting a test, one of the agreements both parties need to sign relates to limitations, constraints, liabilities, code of conduct, and indemnification considerations between the parties.

Which agreement requires a signature from both parties (the penetration tester and the company)?

A. Non-disclosure agreement

B. Client fees agreement

C. Rules of engagement agreement

D. Confidentiality agreement

Questions 7

John, a penetration tester, was asked for a document that defines the project, specifies goals, objectives, deadlines, the resources required, and the approach of the project. Which of the following includes all of these requirements?

A. Penetration testing project plan

B. Penetration testing software project management plan

C. Penetration testing project scope report

D. Penetration testing schedule plan

Questions 8

Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operating system?

A. Active/Passive Tools

B. Application-layer Vulnerability Assessment Tools

C. Location/Data Examined Tools

D. Scope Assessment Tools

Questions 9

Traffic on which port is unusual for both TCP and UDP?

A. Port 81

B. Port 443

C. Port 0

D. Port 21

Questions 10

Which of the following attacks is an offline attack?

A. Pre-Computed Hashes

B. Hash Injection Attack

C. Password Guessing

D. Dumpster Diving

Questions 11

A SQL injection attack consists of insertion or "injection" of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application.

A successful SQL injection attack can:

i) Read sensitive data from the database

ii) Modify database data (insert/update/delete)

iii) Execute administration operations on the database (such as shutting down the DBMS)

iv) Recover the content of a given file existing on the DBMS file system or write files into the file system

v) Issue commands to the operating system

A pen tester needs to perform various tests to detect SQL injection vulnerabilities. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests, and then test them separately, trying to interfere with the query and to generate an error.

In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?

A. Automated Testing

B. Function Testing

C. Dynamic Testing

D. Static Testing

Questions 12

Identify the type of authentication mechanism represented below:

A. NTLMv1

B. NTLMv2

C. LAN Manager Hash

D. Kerberos

Questions 13

The objective of social engineering pen testing is to test the strength of human factors in a security chain within the organization. It is often used to raise the level of security awareness among employees.

The tester should demonstrate extreme care and professionalism during a social engineering pen test as it might involve legal issues such as violation of privacy and may result in an embarrassing situation for the organization.

Which of the following methods of attempting social engineering is associated with bribing, handing out gifts, and becoming involved in a personal relationship to befriend someone inside the company?

A. Accomplice social engineering technique

B. Identity theft

C. Dumpster diving

D. Phishing social engineering technique

Exam Code: ECSAv8
Exam Name: EC-Council Certified Security Analyst (ECSA)
Last Update: Apr 26, 2024
Questions: 200