Free ECSAV8 Exam Braindumps (page: 13)


If a web application sends HTTP cookies as its method for transmitting session tokens, it may be vulnerable to which of the following attacks?

  1. Parameter tampering attack
  2. SQL injection attack
  3. Session Hijacking
  4. Cross-site request attack

Answer(s): D


Reference:

https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)



When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

  1. Passive IDS
  2. Active IDS
  3. Progressive IDS
  4. NIPS

Answer(s): B



Which one of the following log analysis tools is used for analyzing the server’s log files?

  1. Performance Analysis of Logs tool
  2. Network Sniffer Interface Test tool
  3. Ka Log Analyzer tool
  4. Event Log Tracker tool

Answer(s): C



The Rules of Engagement (ROE) document provides certain rights and restrictions to the test team for performing the test, and helps testers overcome legal, federal, and policy-related restrictions on the use of different penetration testing tools and techniques.

What is the last step in preparing a Rules of Engagement (ROE) document?

  1. Conduct a brainstorming session with top management and technical teams
  2. Decide the desired depth for penetration testing
  3. Conduct a brainstorming session with top management and technical teams
  4. Have pre-contract discussions with different pen-testers

Answer(s): C





