CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. ECSAv10

Free ECSAv10 Exam Braindumps (page: 23)

Page 23 of 52
PDF with 203 Questions

Information gathering is performed to:
i) Collect basic information about the target company and its network ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits



Which of the following pen testing tests yields information about a company's technology infrastructure?

  1. Searching for web page posting patterns
  2. Analyzing the link popularity of the company's website
  3. Searching for trade association directories
  4. Searching for a company's job postings

Answer(s): D



Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.



What does a vulnerability assessment identify?

  1. Disgruntled employees
  2. Weaknesses that could be exploited
  3. Physical security breaches
  4. Organizational structure

Answer(s): B



Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.



What is the last step in preparing a Rules of Engagement (ROE) document?

  1. Conduct a brainstorming session with top management and technical teams
  2. Decide the desired depth for penetration testing
  3. Conduct a brainstorming session with top management and technical teams
  4. Have pre-contract discussions with different pen-testers

Answer(s): C



Which of the following methods is used to perform server discovery?

  1. Banner Grabbing
  2. Who is Lookup
  3. SQL Injection
  4. Session Hijacking

Answer(s): B



Page 23 of 52



Post your Comments and Discuss EC-Council ECSAv10 exam with other Community members:

Calisto MF Moniz commented on October 12, 2024
No comment for this form for the time being.
Anonymous
upvote

Calisto MF Moniz commented on October 12, 2024
Good mechanism for Security expertise practices!
Anonymous
upvote

Raymond commented on July 06, 2021
This is my second purchase. I passed first exam already.
MEXICO
upvote