ECCouncil 412-79v8 - EC-Council Certified Security Analyst (ECSA) Exam

Page:    1 / 40   
Total 196 questions

A man enters a PIN number at an ATM machine, being unaware that the person next to him was watching. Which of the following social engineering techniques refers to this type of information theft?

  • A. Shoulder surfing
  • B. Phishing
  • C. Insider Accomplice
  • D. Vishing


Answer : A

Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?


  • A. Service-based Assessment Solutions
  • B. Product-based Assessment Solutions
  • C. Tree-based Assessment
  • D. Inference-based Assessment


Answer : C

Reference:http://www.netsense.info/downloads/security_wp_mva.pdf(page 12, tree-based assessment technology, second para)

Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gatewaydoes not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a type and code field.


Which of the following ICMP messages will be generated if the destination port is not reachable?

  • A. ICMP Type 11 code 1
  • B. ICMP Type 5 code 3
  • C. ICMP Type 3 code 2
  • D. ICMP Type 3 code 3


Answer : D

Which of the following attacks is an offline attack?

  • A. Pre-Computed Hashes
  • B. Hash Injection Attack
  • C. Password Guessing
  • D. Dumpster Diving


Answer : A

Reference:http://nrupentheking.blogspot.com/2011/02/types-of-password-attack-2.html

Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.


Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?

  • A. Internal network mapping to map the internal network of the target machine
  • B. Port scanning to determine what ports are open or in use on the target machine
  • C. Sniffing to monitor all the incoming and outgoing network traffic
  • D. Social engineering and spear phishing attacks to install malicious programs on the target machine


Answer : D

Page:    1 / 40   
Total 196 questions