ECSA Exam Sample Questions

Free ecsa test questions to pass free ecsa practice test questions. For ecsa exam practice questions you must go through real exam. For that we provide Free EC-Council Security Analyst (ECSA) real test. We discuss in these test questions for ecsa from different topics like ecsa practice exam questions, ecsa exam questions online free .

ecsa questions practice

In this test you have to answer ecsa exam practice questions. To get pass test ecsa you must answers correct. So Enjoy these practice exam questions ecsa to get enough knowledge for ecsa practice test attempt. You will get mock test answers after click submit button at bottom. If any question wrong just click on go back button to correct it. Easy Na!




Disclaimer:-
EC-Council Certified Security Analyst® (ECSA®) trademarks and/or service marks of EC-Council. EC-Council does not endorse and is not affiliated in any way with Test-Questions.com or its products and services.

ECSA Practice Questions

ecsa review ecsa mock test ecsa prep


Q:1-Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?
Mark one answer:

6566 TCP port
6771 TCP port
6667 TCP port
6257 TCP port



Q:2-A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should only affect rows that meet specified criteria. The criteria are expressed in the form of predicates. WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the number of rows affected by a SQL DML statement or returned by a query.
04-02 ec-council ecsa
A pen tester is trying to gain access to a database by inserting exploited query statements with a WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE clause from a particular table (e.g. StudentTable).
What query does he need to write to retrieve the information?

Mark one answer:

EXTRACT* FROM StudentTable WHERE roll_number = 1 order by 1000
DUMP * FROM StudentTable WHERE roll_number = 1 AND 1=1—
SELECT * FROM StudentTable WHERE roll_number = '' or '1' = '1'
RETRIVE * FROM StudentTable WHERE roll_number = 1'#


Q:3-Information gathering is performed to:
i) Collect basic information about the target company and its network
ii) Determine the operating system used, platforms running, web server versions, etc.
iii) Find vulnerabilities and exploits
04-03 ec-council ecsa
Which of the following pen testing tests yields information about a company’s technology infrastructure?

Mark one answer:

Searching for web page posting patterns
Analyzing the link popularity of the company’s website
Searching for trade association directories
Searching for a company’s job postings


Q:4-Which of the following defines the details of services to be provided for the client’s organization and the list of services required for performing the test in the organization?
Mark one answer:

Draft
Report
Requirement list
Quotation


Q:5-You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?
Mark one answer:

Analyzing, categorizing and prioritizing resources
Evaluating the existing perimeter and internal security
Checking for a written security policy
Analyzing the use of existing management and control architecture


test-questions.com

Q:6-HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the
Mark one answer:

ASCII value of the character
Binary value of the character
Decimal value of the character
Hex value of the character


Q:7-An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?
Mark one answer:

SMTP Queue Bouncing
SMTP Message Bouncing
SMTP Server Bouncing
SMTP Mail Bouncing


Q:8-Which of the following appendices gives detailed lists of all the technical terms used in the report?
Mark one answer:

Required Work Efforts
References
Research
Glossary


Q:9-By default, the TFTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to troubleshoot TCP/IP connectivity issues?
Mark one answer:

PortQry
Netstat
Telnet
Tracert


Q:10-Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.
Mark one answer:

Unannounced Testing
Double Blind Testing
Announced Testing
Blind Testing



Free        Premium    


ecsa exam review online ecsa programs best ecsa programs