ECSAv10 Free Practice Test

Identify the person who will lead the penetration-testing project and be the client point of contact.

1. A. Database Penetration Tester
2. B. Policy Penetration Tester
3. C. Chief Penetration Tester
4. D. Application Penetration Tester

Correct Answer: C

Identify the type of firewall represented in the diagram below:

1. A. Stateful multilayer inspection firewall
2. B. Application level gateway
3. C. Packet filter
4. D. Circuit level gateway

Correct Answer: A

As a security analyst you setup a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

1. A. The employees network usernames and passwords
2. B. The MAC address of the employees' computers
3. C. The IP address of the employees computers
4. D. Bank account numbers and the corresponding routing numbers

Correct Answer: C

Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?

1. A. Sunbelt Network Security Inspector (SNSI)
2. B. CORE Impact
3. C. Canvas
4. D. Microsoft Baseline Security Analyzer (MBSA)

Correct Answer: C

One needs to run “Scan Server Configuration” tool to allow a remote connection to Nessus from the remote Nessus clients. This tool allows the port and bound interface of the Nessus daemon to be configured.
By default, the Nessus daemon listens to connections on which one of the following?

1. A. Localhost (127.0.0.1) and port 1241
2. B. Localhost (127.0.0.1) and port 1240
3. C. Localhost (127.0.0.1) and port 1246
4. D. Localhost (127.0.0.0) and port 1243

Correct Answer: A