Leads4pass > EC-COUNCIL > EC-COUNCIL Certifications > ECSAv8 > ECSAv8 Online Practice Questions and Answers

ECSAv8 Online Practice Questions and Answers

Questions 4

Vulnerability assessment is an examination of the ability of a system or application, including the current security procedures and controls, to withstand assault.

What does a vulnerability assessment identify?

A. Disgruntled employees

B. Weaknesses that could be exploited

C. Physical security breaches

D. Organizational structure

Buy Now
Questions 5

A penetration test will show you the vulnerabilities in the target system and the risks associated with it. An educated valuation of the risk will be performed so that the vulnerabilities can be reported as High/ Medium/Low risk issues.

What are the two types of `white-box' penetration testing?

A. Announced testing and blind testing

B. Blind testing and double blind testing

C. Blind testing and unannounced testing

D. Announced testing and unannounced testing

Buy Now
Questions 6

Which of the following is not the SQL injection attack character?

A. $

B. PRINT

C. #

D. @@variable

Buy Now
Questions 7

Which of the following are the default ports used by NetBIOS service?

A. 135, 136, 139, 445

B. 134, 135, 136, 137

C. 137, 138, 139, 140

D. 133, 134, 139, 142

Buy Now
Questions 8

What are the 6 core concepts in IT security?

A. Server management, website domains, firewalls, IDS, IPS, and auditing

B. Authentication, authorization, confidentiality, integrity, availability, and non-repudiation

C. Passwords, logins, access controls, restricted domains, configurations, and tunnels

D. Biometrics, cloud security, social engineering, DoS attack, viruses, and Trojans

Buy Now
Questions 9

Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operation system?

A. Active/Passive Tools

B. Application-layer Vulnerability Assessment Tools

C. Location/Data Examined Tools

D. Scope Assessment Tools

Buy Now
Questions 10

Traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol (IP) network. It sends a sequence of three Internet Control Message Protocol (ICMP) echo request packets addressed to a destination host.

The time-to-live (TTL) value, also known as hop limit, is used in determining the intermediate routers being traversed towards the destination.

During routing, each router reduces packets' TTL value by

A. 3

B. 1

C. 4

D. 2

Buy Now
Questions 11

Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.

Depending on the packet and the criteria, the firewall can: i)Drop the packet ii)Forward it or send a message to the originator

At which level of the OSI model do the packet filtering firewalls work?

A. Application layer

B. Physical layer

C. Transport layer

D. Network layer

Buy Now
Questions 12

In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate. A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

Which of the following flow control mechanism guarantees reliable delivery of data?

A. Sliding Windows

B. Windowing

C. Positive Acknowledgment with Retransmission (PAR)

D. Synchronization

Buy Now
Questions 13

What threat categories should you use to prioritize vulnerabilities detected in the pen testing report?

A. 1, 2, 3, 4, 5

B. Low, medium, high, serious, critical

C. Urgent, dispute, action, zero, low

D. A, b, c, d, e

Buy Now
Exam Code: ECSAv8
Exam Name: EC-Council Certified Security Analyst (ECSA) v8
Last Update: Jul 03, 2026
Questions: 150
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99