Questions for the ECSAV10 were updated on: Sep 08, 2024
A WHERE clause in SQL specifies that a SQL Data Manipulation Language (DML) statement should
only affect rows that meet specified criteria. The criteria are expressed in the form of predicates.
WHERE clauses are not mandatory clauses of SQL DML statements, but can be used to limit the
number of rows affected by a SQL DML statement or returned by a query.
A pen tester is trying to gain access to a database by inserting exploited query statements with a
WHERE clause. The pen tester wants to retrieve all the entries from the database using the WHERE
clause from a particular table (e.g. StudentTable).
What query does he need to write to retrieve the information?
C
Which of the following has an offset field that specifies the length of the header and data?
D
War Driving is the act of moving around a specific area, mapping the population of wireless access
points for statistical purposes. These statistics are then used to raise awareness of the security
problems associated with these types of networks.
Which one of the following is a Linux-based program that exploits the weak IV (Initialization Vector)
problem documented with static WEP?
A
Which one of the following tools of the trade is an automated, comprehensive penetration testing
product for assessing the specific information security threats to an organization?
C
Which of the following methods is used to perform server discovery?
B
A penetration test will show you the vulnerabilities in the target system and the risks associated with
it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as
High/Medium/Low risk issues.
What are the two types of white-box penetration testing?
D
The objective of social engineering pen testing is to test the strength of human factors in a security
chain within the organization. It is often used to raise the level of security awareness among
employees.
The tester should demonstrate extreme care and professionalism during a social engineering pen
test as it might involve legal issues such as violation of privacy and may result in an embarrassing
situation for the organization.
Which of the following methods of attempting social engineering is associated with bribing, handing
out gifts, and becoming involved in a personal relationship to befriend someone inside the
company?
A
What are placeholders (or markers) in an HTML document that the web server will dynamically
replace with data just before sending the requested documents to a browser?
A
During the process of fingerprinting a web application environment, what do you need to do in order
to analyze HTTP and HTTPS request headers and the HTML source code?
D
After passively scanning the network of the Department of Defense (DoD), you switch over to active
scanning to identify live hosts on their network. DoD is a large organization and should respond to
any number of scans. You start an ICMP ping sweep by sending an IP packet to the broadcast address.
Only five hosts respond to your ICMP pings; definitely not the number of hosts you were expecting.
Why did this ping sweep only produce a few responses?
C
Which of the following pen testing reports provides detailed information about all the tasks
performed during penetration testing?
A
The IP protocol was designed for use on a wide variety of transmission links. Although the maximum
length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length
limit, called an MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates
MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is
responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled
later. The IP source, destination, identification, total length, and fragment offset fields in the IP
header are used for IP fragmentation and reassembly.
The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram.
This value is a:
C
The Web parameter tampering attack is based on the manipulation of parameters exchanged
between client and server in order to modify application data, such as user credentials and
permissions, price and quantity of products, etc.
Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to
increase application functionality and control. This attack takes advantage of the fact that many
programmers rely on hidden or fixed fields (such as a hidden tag in a form or a parameter in a URL) as
the only security measure for certain operations.
Attackers can easily modify these parameters to bypass the security mechanisms that rely on them.
What is the best way to protect web applications from parameter tampering attacks?
D
Which one of the following scans starts, but does not complete the TCP handshake sequence for
each port selected, and it works well for direct scanning and often works well through firewalls?
A
The first and foremost step for a penetration test is information gathering. The main objective of this
test is to gather information about the target system which can be used in a malicious manner to
gain access to the target systems.
Which of the following information gathering terminologies refers to gathering information through
social engineering on-site visits, face-to-face interviews, and direct questionnaires?
A