DUMPSBASEEXAM DUMPSEC-COUNCILECSAv1028% OFF Automatically For YouEC-Council Certified Security Analyst1 / 18
1.Irin is a newly joined penetration tester for XYZ Ltd. While joining, as a part of hertraining, she was instructed about various legal policies and information securitiesacts by her trainer. During the training, she was informed about a specific informationsecurity act related to the conducts and activities like it is illegal to perform DoSattacks on any websites or applications, it is illegal to supply and own hacking tools, itis illegal to access unauthorized computer material, etc.To which type of information security act does the above conducts and activities bestsuit?A. Police and Justice Act 2006B. Data Protection Act 1998C. USA Patriot Act 2001D. Human Rights Act 1998Answer: B2.Adam is an IT administrator for Syncan Ltd. He is designated to perform various ITtasks like setting up new user accounts, managing backup/restores, securityauthentications and passwords, etc. Whilst performing his tasks, he was asked toemploy the latest and most secure authentication protocol to encrypt the passwordsof users that are stored in the Microsoft Windows OS-based systems.Which of the following authentication protocols should Adam employ in order toachieve the objective?A. LANMANB. KerberosC. NTLMD. NTLMv2Answer: C3.Michael, a Licensed Penetration Tester, wants to create an exact replica of anoriginal website, so he can browse and spend more time analyzing it.Which of the following tools will Michael use to perform this task?4.A hacker initiates so many invalid requests to a cloud network host that the hostuses all its resources responding to invalid requests and ignores the legitimaterequests. Identify the type of attack2 / 18
5.Thomas is an attacker and he skimmed through the HTML source code of an onlineshopping website for the presence of any vulnerabilities that he can exploit. Healready knows that when a user makes any selection of items in the online shoppingwebpage, the selection is typically stored as form field values and sent to theapplication as an HTTP request (GET or POST) after clicking the Submit button. Healso knows that some fields related to the selected items are modifiable by the user(like quantity, color, etc.) and some are not (like price). While skimming through theHTML code, he identified that the price field values of the items are present in theHTML code. He modified the price field values of certain items from $200 to $2 in theHTML code and submitted the request successfully to the application.
You've reached the end of your free preview.
Want to read all 18 pages?