Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

ECCouncil Updated ECSAv10 Exam Questions and Answers by leonora

Page: 4 / 7

ECCouncil ECSAv10 Exam Overview :

Exam Name: EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing
Exam Code: ECSAv10 Dumps
Vendor: ECCouncil Certification: ECSA
Questions: 201 Q&A's Shared By: leonora
Question 16

As a security analyst you setup a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

Options:

A.

The employees network usernames and passwords

B.

The MAC address of the employees' computers

C.

The IP address of the employees computers

D.

Bank account numbers and the corresponding routing numbers

Discussion
Question 17

Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

Options:

A.

California SB 1386

B.

Sarbanes-Oxley 2002

C.

Gramm-Leach-Bliley Act (GLBA)

D.

USA Patriot Act 2001

Discussion
Billy
It was like deja vu! I was confident going into the exam because I had already seen those questions before.
Vincent (not set)
Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!
Pippa
I was so happy to see that almost all the questions on the exam were exactly what I found in their Dumps.
Anastasia (not set)
You are right…It was amazing! The Cramkey Dumps were so comprehensive and well-organized, it made studying for the exam a breeze.
Kylo
What makes Cramkey Dumps so reliable? Please guide.
Sami (not set)
Well, for starters, they have a team of experts who are constantly updating their material to reflect the latest changes in the industry. Plus, they have a huge database of questions and answers, which makes it easy to study and prepare for the exam.
Miriam
Highly recommended Dumps. 100% authentic and reliable. Passed my exam with wonderful score.
Milan (not set)
I see. Thanks for the information. I'll definitely keep Cramkey in mind for my next exam.
Yusra
I passed my exam. Cramkey Dumps provides detailed explanations for each question and answer, so you can understand the concepts better.
Alisha (not set)
I recently used their dumps for the certification exam I took and I have to say, I was really impressed.
Question 18

The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.

The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.

IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

Questions 18

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:

Options:

A.

Multiple of four bytes

B.

Multiple of two bytes

C.

Multiple of eight bytes

D.

Multiple of six bytes

Discussion
Question 19

Today, most organizations would agree that their most valuable IT assets reside within applications and databases. Most would probably also agree that these are areas that have the weakest levels of security, thus making them the prime target for malicious activity from system administrators, DBAs, contractors, consultants, partners, and customers.

Questions 19

Which of the following flaws refers to an application using poorly written encryption code to securely encrypt and store sensitive data in the database and allows an attacker to steal or modify weakly protected data such as credit card numbers, SSNs, and other authentication credentials?

Options:

A.

SSI injection attack

B.

Insecure cryptographic storage attack

C.

Hidden field manipulation attack

D.

Man-in-the-Middle attack

Discussion
Page: 4 / 7

ECSAv10
PDF

$35  $99.99

ECSAv10 Testing Engine

$42  $119.99

ECSAv10 PDF + Testing Engine

$56  $159.99