ECSAv10 Free Practice Test

Output modules allow Snort to be much more flexible in the formatting and presentation of output to its users. Snort has 9 output plug-ins that push out data in different formats. Which one of the following output plug-ins allows alert data to be written in a format easily importable to a database?

1. A. unified
2. B. csv
3. C. alert_unixsock
4. D. alert_fast

Correct Answer: B

Which of the following methods is used to perform server discovery?

1. A. Banner Grabbing
2. B. Who is Lookup
3. C. SQL Injection
4. D. Session Hijacking

Correct Answer: B

Metasploit framework in an open source platform for vulnerability research, development, and penetration testing. Which one of the following metasploit options is used to exploit multiple systems at once?

1. A. NinjaDontKill
2. B. NinjaHost
3. C. RandomNops
4. D. EnablePython

Correct Answer: A

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the risk to the clients network, what step should you take first?

1. A. Analyzing, categorizing and prioritizing resources
2. B. Evaluating the existing perimeter and internal security
3. C. Checking for a written security policy
4. D. Analyzing the use of existing management and control architecture

Correct Answer: C

An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

1. A. Frame Injection Attack
2. B. LDAP Injection Attack
3. C. XPath Injection Attack
4. D. SOAP Injection Attack

Correct Answer: D