Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. EC-Council
  3. ECSAv10

EC-Council ECSAv10 Exam (page: 5)
EC-Council Certified Security Analyst (ECSA) v10 : Penetration Testing
Updated on: 24-Mar-2026

Viewing Page 5 of 42
ECSAv10 PDF 203 Questions

The first and foremost step for a penetration test is information gathering. The main objective of this test is to gather information about the target system which can be used in a malicious manner to gain access to the target systems.



Which of the following information gathering terminologies refers to gathering information through social engineering on-site visits, face-to-face interviews, and direct questionnaires?

  1. Active Information Gathering
  2. Pseudonymous Information Gathering
  3. Anonymous Information Gathering
  4. Open Source or Passive Information Gathering

Answer(s): A



Vulnerability assessment is an examination of the ability of a system or application, including current security procedures and controls, to withstand assault. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels.
A vulnerability assessment is used to identify weaknesses that could be exploited and predict the effectiveness of additional security measures in protecting information resources from attack.



Which of the following vulnerability assessment technique is used to test the web server infrastructure for any misconfiguration and outdated content?

  1. Passive Assessment
  2. Host-based Assessment
  3. External Assessment
  4. Application Assessment

Answer(s): D



George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department.
Few managers are using SFTP program on their computers.
Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

  1. net port 22
  2. udp port 22 and host 172.16.28.1/24
  3. src port 22 and dst port 22
  4. src port 23 and dst port 23

Answer(s): C



Which of the following acts related to information security in the US establish that the management of an organization is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

  1. USA Patriot Act 2001
  2. Sarbanes-Oxley 2002
  3. Gramm-Leach-Bliley Act (GLBA)
  4. California SB 1386

Answer(s): A



John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not found.
What information will he be able to gather from this?

  1. The SID of Hillary's network account
  2. The network shares that Hillary has permissions
  3. The SAM file from Hillary's computer
  4. Hillary's network username and password hash

Answer(s): D



Viewing Page 5 of 42



Share your comments for EC-Council ECSAv10 exam with other users:

shime 10/24/2023 4:23:00 AM

great question with explanation thanks!!
ETHIOPIA


Thembelani 5/30/2023 2:40:00 AM

does this exam have lab sections?
Anonymous


Shin 9/8/2023 5:31:00 AM

please upload
PHILIPPINES


priti kagwade 7/22/2023 5:17:00 AM

please upload the braindump for .net
UNITED STATES


Robe 9/27/2023 8:15:00 PM

i need this exam 1z0-1107-2. please.
Anonymous


Chiranthaka 9/20/2023 11:22:00 AM

very useful!
Anonymous


Not Miguel 11/26/2023 9:43:00 PM

for this question - "which three type of basic patient or member information is displayed on the patient info component? (choose three.)", list of conditions is not displayed (it is displayed in patient card, not patient info). so should be thumbnail of chatter photo
Anonymous


Andrus 12/17/2023 12:09:00 PM

q52 should be d. vm storage controller bandwidth represents the amount of data (in terms of bandwidth) that a vms storage controller is using to read and write data to the storage fabric.
Anonymous


Raj 5/25/2023 8:43:00 AM

nice questions
UNITED STATES


max 12/22/2023 3:45:00 PM

very useful
Anonymous


Muhammad Rawish Siddiqui 12/8/2023 6:12:00 PM

question # 208: failure logs is not an example of operational metadata.
SAUDI ARABIA


Sachin Bedi 1/5/2024 4:47:00 AM

good questions
Anonymous


Kenneth 12/8/2023 7:34:00 AM

thank you for the test materials!
KOREA REPUBLIC OF


Harjinder Singh 8/9/2023 4:16:00 AM

its very helpful
HONG KONG


SD 7/13/2023 12:56:00 AM

good questions
UNITED STATES


kanjoe 7/2/2023 11:40:00 AM

good questons
UNITED STATES


Mahmoud 7/6/2023 4:24:00 AM

i need the dumb of the hcip security v4.0 exam
EGYPT


Wei 8/3/2023 4:18:00 AM

upload the dump please
HONG KONG


Stephen 10/3/2023 6:24:00 PM

yes, iam looking this
AUSTRALIA


Stephen 8/4/2023 9:08:00 PM

please upload cima e2 managing performance dumps
Anonymous


hp 6/16/2023 12:44:00 AM

wonderful questions
Anonymous


Priyo 11/14/2023 2:23:00 AM

i used this site since 2000, still great to support my career
INDONESIA


Jude 8/29/2023 1:56:00 PM

why is the answer to "which of the following is required by scrum?" all of the following stated below since most of them are not mandatory? sprint retrospective. members must be stand up at the daily scrum. sprint burndown chart. release planning.
UNITED STATES


Marc blue 9/15/2023 4:11:00 AM

great job. hope this helps out.
UNITED STATES


Anne 9/13/2023 2:33:00 AM

upload please. many thanks!
Anonymous


pepe el toro 9/12/2023 7:55:00 PM

this is so interesting
Anonymous


Antony 11/28/2023 12:13:00 AM

great material thanks
AUSTRALIA


Thembelani 5/30/2023 2:22:00 AM

anyone who wrote this exam recently
Anonymous


P 9/16/2023 1:27:00 AM

ok they re good
Anonymous


Jorn 7/13/2023 5:05:00 AM

relevant questions
UNITED KINGDOM


AM 6/20/2023 7:54:00 PM

please post
UNITED STATES


Nagendra Pedipina 7/13/2023 2:22:00 AM

q:42 there has to be a image in the question to choose what does it mean from the options
INDIA


BrainDumpee 11/18/2023 1:36:00 PM

looking for cphq dumps, where can i find these for free? please and thank you.
UNITED STATES


sheik 10/14/2023 11:37:00 AM

@aarun , thanks for the information. it would be great help if you share your email
Anonymous