Free EC-COUNCIL ECSAv8 Exam Dumps Questions & Answers

John, a penetration tester, was asked for a document that defines the project, specifies goals, objectives, deadlines, the resources required, and the approach of the project. Which of the following includes all of these requirements?

• A.Penetration testing project scope report
• B.Penetration testing schedule plan
• C.Penetration testing software project management plan
• D.Penetration testing project plan

Traffic on which port is unusual for both the TCP and UDP ports?

• A.Port 443
• B.Port 81
• C.Port 0
• D.Port21

External penetration testing is a traditional approach to penetration testing and is more focused on the servers, infrastructure and the underlying software comprising the target. It involves a comprehensive analysis of publicly available information about the target, such as Web servers, Mail servers, Firewalls, and Routers.

Which of the following types of penetration testing is performed with no prior knowledge of the site?

• A.Grey box testing
• B.Black box testing
• C.Blue box testing
• D.White box testing

An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?

• A.SMTP Queue Bouncing
• B.SMTP Server Bouncing
• C.SMTP Message Bouncing
• D.SMTP Mail Bouncing

Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

What characteristics do phishing messages often have that may make them identifiable?

• A.They trigger warning pop-ups
• B.Suspiciously good grammar and capitalization
• C.Suspicious attachments
• D.Invalid email signatures or contact information