ECSAv10 Free Practice Test

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable.
What kind of results did Jim receive from his vulnerability analysis?

1. A. True negatives
2. B. False negatives
3. C. False positives
4. D. True positives

Correct Answer: B

What will the following URL produce in an unpatched IIS Web Server?

1. A. Execute a buffer flow in the C: drive of the web server
2. B. Insert a Trojan horse into the C: drive of the web server
3. C. Directory listing of the C:\windows\system32 folder on the web server
4. D. Directory listing of C: drive on the web server

Correct Answer: D

Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

What is the last step in preparing a Rules of Engagement (ROE) document?

1. A. Conduct a brainstorming session with top management and technical teams
2. B. Decide the desired depth for penetration testing
3. C. Conduct a brainstorming session with top management and technical teams
4. D. Have pre-contract discussions with different pen-testers

Correct Answer: C

Which of the following documents helps in creating a confidential relationship between the pen tester and client to protect critical and confidential information or trade secrets?

1. A. Penetration Testing Agreement
2. B. Rules of Behavior Agreement
3. C. Liability Insurance
4. D. Non-Disclosure Agreement

Correct Answer: D

Firewall is an IP packet filter that enforces the filtering and security policies to the flowing network traffic. Using firewalls in IPv6 is still the best way of protection from low level attacks at the network and transport layers.
Which one of the following cannot handle routing protocols properly?

1. A. “Internet-router-firewall-net architecture”
2. B. “Internet-firewall-router-net architecture”
3. C. “Internet-firewall/router(edge device)-net architecture”
4. D. “Internet-firewall -net architecture”

Correct Answer: B