Free ECSAV8 Exam Braindumps (page: 27)


Which of the following attacks is an offline attack?

  1. Pre-Computed Hashes
  2. Hash Injection Attack
  3. Password Guessing
  4. Dumpster Diving

Answer(s): A


Reference:

http://nrupentheking.blogspot.com/2011/02/types-of-password-attack-2.html



Which of the following is the range for assigned ports managed by the Internet Assigned Numbers Authority (IANA)?

  1. 3001-3100
  2. 5000-5099
  3. 6666-6674
  4. 0-1023

Answer(s): D


Reference:

https://www.ietf.org/rfc/rfc1700.txt (well known port numbers, 4th para)



Which of the following protocols cannot be used to filter VoIP traffic?

  1. Media Gateway Control Protocol (MGCP)
  2. Real-time Transport Control Protocol (RTCP)
  3. Session Description Protocol (SDP)
  4. Real-Time Publish Subscribe (RTPS)

Answer(s): D



The amount of data stored in organizational databases has increased rapidly in recent years due to the rapid advancement of information technologies. A high percentage of this data is sensitive, private and critical to the organizations, their clients and partners.

Therefore, databases are usually installed behind internal firewalls, protected with intrusion detection mechanisms and accessed only by applications. To access a database, users have to connect to one of these applications and submit queries through them to the database. The threat to databases arises when these applications do not behave properly and construct these queries without sanitizing user inputs first.

Identify the injection attack represented in the diagram below:

  1. Frame Injection Attack
  2. LDAP Injection Attack
  3. XPath Injection Attack
  4. SOAP Injection Attack

Answer(s): B


Reference:

https://www.blackhat.com/presentations/bh-europe-08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf (pages 3 to 5)





