ECSAv10 Free Practice Test

Why is a legal agreement important to have before launching a penetration test?

1. A. Guarantees your consultant fees
2. B. Allows you to perform a penetration test without the knowledge and consent of the organization's upper management
3. C. It establishes the legality of the penetration test by documenting the scope of the project and the consent of the company.
4. D. It is important to ensure that the target organization has implemented mandatory security policies

Correct Answer: C

Michael works for Kimball Construction Company as senior security analyst. As part of yearly security audit, Michael scans his network for vulnerabilities. Using Nmap, Michael conducts XMAS scan and most of the ports scanned do not give a response. In what state are these ports?

1. A. Filtered
2. B. Stealth
3. C. Closed
4. D. Open

Correct Answer: D

In the context of penetration testing, what does blue teaming mean?

1. A. A penetration test performed with the knowledge and consent of the organization's IT staff
2. B. It is the most expensive and most widely used
3. C. It may be conducted with or without warning
4. D. A penetration test performed without the knowledge of the organization's IT staff but with permission from upper management

Correct Answer: A

Which of the following password hashing algorithms is used in the NTLMv2 authentication mechanism?

1. A. AES
2. B. DES (ECB mode)
3. C. MD5
4. D. RC5

Correct Answer: C

Mason is footprinting an organization to gather competitive intelligence. He visits the company's website for contact information and telephone numbers but does not find any. He knows the entire staff directory was listed on their website 12 months. How can he find the directory?

1. A. Visit Google’s search engine and view the cached copy
2. B. Crawl and download the entire website using the Surfoffline tool and save them to his computer
3. C. Visit the company's partners’ and customers' website for this information
4. D. Use Way Back Machine in Archive.org web site to retrieve the Internet archive

Correct Answer: D