If you are preparing for the ECSA ECSAv8 (EC-Council Certified Security Analyst (ECSA)) exam, we would first recommend the ECSA ECSAv8 (EC-Council Certified Security Analyst (ECSA)) dump released by Pass4Test. Pass4Test products are exam companions that help you achieve a high score on the exam in the simplest way. Pass the ECSA ECSAv8 (EC-Council Certified Security Analyst (ECSA)) exam with Pass4Test products. Go, go, go!
NO.1 The term social engineering is used to describe the various tricks used to fool people
(employees, business partners, or customers) into voluntarily giving away information that would not
normally be known to the general public.
What is the criminal practice of social engineering where an attacker uses the telephone system in an
attempt to scam the user into surrendering private information?
A. Phishing
B. Spoofing
C. Tapping
D. Vishing
Answer: A
NO.2 Which of the following attacks does a hacker perform in order to obtain UDDI information
such as businessEntity, businessService, bindingTemplate, and tModel?
A. Web Services Footprinting Attack
B. Service Level Configuration Attacks
C. URL Tampering Attacks
D. Inside Attacks
Answer: A
NO.3 Which of the following defines the details of services to be provided for the client's organization
and the list of services required for performing the test in the organization?
A. Draft
B. Report
C. Requirement list
D. Quotation
Answer: D
NO.4 You have compromised a lower-level administrator account on an Active Directory network of a
small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect
to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?
A. Poison the DNS records with false records
B. Enumerate MX and A records from DNS
C. Establish a remote connection to the Domain Controller
D. Enumerate domain user accounts and built-in groups
Answer: D
NO.5 John, the penetration tester in a pen test firm, was asked to find whether NTP services are
open on the target network (10.0.0.7) using the Nmap tool.
Which one of the following Nmap commands will he use to find it?
A. nmap -sU -p 389 10.0.0.7
B. nmap -sU -p 123 10.0.0.7
C. nmap -sU -p 161 10.0.0.7
D. nmap -sU -p 135 10.0.0.7
Answer: D
NO.6 In which of the following IDS evasion techniques does the IDS reject the packets that an end system
accepts?
A. IPS evasion technique
B. IDS evasion technique
C. UDP evasion technique
D. TTL evasion technique
Answer: B
NO.7 From where can clues about the underlying application environment be collected?
A. From the extension of the file
B. From executable file
C. From file types and directories
D. From source code
Answer: D
NO.8 Application security assessment is one of the activities that a pen tester performs in the attack
phase. It is designed to identify and assess threats to the organization through bespoke, proprietary
applications or systems. It checks the application so that a malicious user cannot access, modify, or
destroy data or services within the system.
Identify the type of application security assessment which analyzes the application-based code to
confirm that it does not contain any sensitive information that an attacker might use to exploit an
application.
A. Web Penetration Testing
B. Functionality Testing
C. Authorization Testing
D. Source Code Review
Answer: D