EC-Council Certified Security Analyst (ECSA) ECSAV8 Dumps in PDF

Free EC-Council ECSAV8 Real Questions (page: 18)

Attackers create secret accounts and gain illegal access to resources using backdoor while bypassing the authentication procedures. Creating a backdoor is a where an attacker obtains remote access to a computer on a network.

Which of the following techniques do attackers use to create backdoors to covertly gather critical information about a target machine?

  1. Internal network mapping to map the internal network of the target machine
  2. Port scanning to determine what ports are open or in use on the target machine
  3. Sniffing to monitor all the incoming and outgoing network traffic
  4. Social engineering and spear phishing attacks to install malicious programs on the target machine

Answer(s): D



HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the

  1. ASCII value of the character
  2. Binary value of the character
  3. Decimal value of the character
  4. Hex value of the character

Answer(s): D


Reference:

https://books.google.nl/books?id=0RfANAwOUdIC&pg=PA720&lpg=PA720&dq=%22xx+notation%22+binary&source=bl&ots=pGMqass7ti&sig=rnIg1xZ78ScUvuIlTmDY3r7REuc&hl=nl&sa=X&ei=8C4dVYe1NorgasrzgoAL&ved=0CEQQ6AEwBQ#v=onepage&q=%22xx%20n otation%22%20binary&f=false



Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?

  1. California SB 1386
  2. Sarbanes-Oxley 2002
  3. Gramm-Leach-Bliley Act (GLBA)
  4. USA Patriot Act 2001

Answer(s): A



Which one of the following is a command line tool used for capturing data from the live network and copying those packets to a file?

  1. Wireshark: Capinfos
  2. Wireshark: Tcpdump
  3. Wireshark: Text2pcap
  4. Wireshark: Dumpcap

Answer(s): D



Which of the following password cracking techniques is used when the attacker has some information about the password?

  1. Hybrid Attack
  2. Dictionary Attack
  3. Syllable Attack
  4. Rule-based Attack

Answer(s): D


Reference:

http://202.154.59.182/mfile/files/Information%20System/Computer%20Forensics%3B%20Hard%20Disk%20and%20Operating%20Systems/CHAPTER%207%20Application%20Pass word%20Crackers.pdf (page 4, rule-based attack)



Share your comments for EC-Council ECSAV8 exam with other users:

S
SAM
12/4/2023 12:56:00 AM

explained answers

A
Andy
12/26/2023 9:35:00 PM

plan to take theaws certified developer - associate dva-c02 in the next few weeks

S
siva
5/17/2023 12:32:00 AM

very helpfull

M
mouna
9/27/2023 8:53:00 AM

good questions

B
Bhavya
9/12/2023 7:18:00 AM

help to practice csa exam

M
Malik
9/28/2023 1:09:00 PM

nice tip and well documented

R
rodrigo
6/22/2023 7:55:00 AM

i need the exam

D
Dan
6/29/2023 1:53:00 PM

please upload

A
Ale M
11/22/2023 6:38:00 PM

prepping for fsc exam

A
ahmad hassan
9/6/2023 3:26:00 AM

pd1 with great experience

Ž
Žarko
9/5/2023 3:35:00 AM

@t it seems like azure service bus message quesues could be the best solution

S
Shiji
10/15/2023 1:08:00 PM

helpful to check your understanding.

D
Da Costa
8/27/2023 11:43:00 AM

question 128 the answer should be static not auto

B
bot
7/26/2023 6:45:00 PM

more comments here

K
Kaleemullah
12/31/2023 1:35:00 AM

great support to appear for exams

B
Bsmaind
8/20/2023 9:26:00 AM

useful dumps

B
Blessious Phiri
8/13/2023 8:37:00 AM

making progress

N
Nabla
9/17/2023 10:20:00 AM

q31 answer should be d i think

V
vladputin
7/20/2023 5:00:00 AM

is this real?

N
Nick W
9/29/2023 7:32:00 AM

q10: c and f are also true. q11: this is outdated. you no longer need ownership on a pipe to operate it

N
Naveed
8/28/2023 2:48:00 AM

good questions with simple explanation

C
cert
9/24/2023 4:53:00 PM

admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s

Y
Yves
8/29/2023 8:46:00 PM

very inciting

M
Miguel
10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;

B
Byset
9/25/2023 12:49:00 AM

it look like real one

D
Debabrata Das
8/28/2023 8:42:00 AM

i am taking oracle fcc certification test next two days, pls share question dumps

N
nITA KALE
8/22/2023 1:57:00 AM

i need dumps

C
CV
9/9/2023 1:54:00 PM

its time to comptia sec+

S
SkepticReader
8/1/2023 8:51:00 AM

question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).

N
Nabin
10/16/2023 4:58:00 AM

helpful content

B
Blessious Phiri
8/15/2023 3:19:00 PM

oracle 19c is complex db

S
Sreenivas
10/24/2023 12:59:00 AM

helpful for practice

L
Liz
9/11/2022 11:27:00 PM

support team is fast and deeply knowledgeable. i appreciate that a lot.

N
Namrata
7/15/2023 2:22:00 AM

helpful questions

AI Tutor 👋 I’m here to help!