EC-Council ECSAv10 (EC-Council Certified Security Analyst) Practice Test - Set 1

Test your knowledge with this EC-Council ECSAv10 (EC-Council Certified Security Analyst) mock exam. Get real-world IT questions and prepare for certification success.

ECSAv10: EC-Council Certified Security Analyst (ECSA) - Exam Information

Exam Code: EC-Council ECSAv10 EC-Council Certified Security Analyst
Exam Title: ECSAv10: EC-Council Certified Security Analyst (ECSA)
Vendor: EC-Council
Difficulty: Advanced
Duration: 4 Hours
Question Format: Multiple Choice
Last Updated: March 8, 2025

The ECSAv10 exam focuses on advanced penetration testing methodologies.

Practice Test


1. What is the primary goal of penetration testing?

Identifying vulnerabilities
Eliminating malware
Configuring firewalls
Updating software

2. Which phase of penetration testing involves gathering information about the target?

Reconnaissance
Exploitation
Reporting
Enumeration

3. Which tool is commonly used for vulnerability scanning?

Nessus
Metasploit
Wireshark
Nmap

4. What is the purpose of post-exploitation in a penetration test?

To maintain access and escalate privileges
To report findings
To identify security controls
To perform reconnaissance

5. Which type of penetration testing focuses on internal threats?

Internal testing
External testing
Blind testing
Double-blind testing

6. Which attack manipulates DNS resolution to redirect users?

DNS Spoofing
MITM
SQL Injection
Phishing

7. Which framework is commonly used for penetration testing methodologies?

PTES
ISO 27001
COBIT
CISSP

8. What is the purpose of social engineering in penetration testing?

To test human security awareness
To exploit system vulnerabilities
To disable firewalls
To perform network scans

9. Which tool is used to exploit vulnerabilities in a system?

Metasploit
Wireshark
Nmap
Aircrack-ng

10. Which type of penetration test involves no prior knowledge of the target?

Black Box
White Box
Gray Box
Blind

11. Which command is used to check open ports on a target system?

Nmap
Wireshark
Metasploit
Hydra

12. Which phase of penetration testing involves executing attacks?

Exploitation
Reconnaissance
Post-exploitation
Reporting

13. Which encryption algorithm is commonly used for securing passwords?

BCrypt
MD5
SHA-1
Base64

14. Which type of attack exploits memory overflow to execute malicious code?

Buffer Overflow
SQL Injection
MITM
Phishing

15. Which security assessment technique is used to identify weaknesses in web applications?

Web application penetration testing
Social engineering
Wireless auditing
Code review

16. Which testing method provides detailed knowledge of system architecture?

White Box Testing
Black Box Testing
Gray Box Testing
Blind Testing

17. Which technique is used to capture network traffic?

Packet Sniffing
Brute Force
Session Hijacking
DNS Poisoning

18. Which regulatory framework focuses on protecting personal data?

GDPR
NIST
ISO 27001
PCI DSS

19. What does the term "pivoting" mean in penetration testing?

Using a compromised system to attack another system
Scanning a network for vulnerabilities
Bypassing firewall rules
Cracking user passwords

20. Which document provides a summary of penetration test findings?

Penetration Testing Report
Security Compliance Report
Incident Response Plan
Firewall Audit Log

21. Which protocol is commonly used for secure remote login?

SSH
Telnet
FTP
SMTP

22. Which tool is used for wireless network auditing?

Aircrack-ng
Nmap
Burp Suite
Snort

23. What does CVE stand for in cybersecurity?

Common Vulnerabilities and Exposures
Critical Vulnerability Enumeration
Certified Vulnerability Entry
Cybersecurity Vulnerability Exchange

24. What is the purpose of vulnerability scanning?

To identify security weaknesses in systems
To encrypt data
To exploit systems
To monitor user activity

25. Which layer of the OSI model does a switch operate on?

Data Link Layer
Network Layer
Transport Layer
Application Layer

26. What is SQL injection primarily used to exploit?

Databases
Operating Systems
File Systems
Web Browsers

27. Which type of malware locks user files and demands payment?

Ransomware
Spyware
Adware
Worm

28. What does XSS stand for?

Cross-Site Scripting
Extended Security Standard
XML Secure Scan
Execute Site Script

29. Which type of scan is designed to be undetectable by firewalls?

Stealth Scan
Full Scan
UDP Scan
XMAS Scan

30. Which tool is commonly used for web application testing?

Burp Suite
Nessus
Wireshark
Hydra

31. Which type of hacker is considered ethical?

White Hat
Black Hat
Gray Hat
Red Hat

32. Which port is used by HTTPS?

443
80
21
25

33. Which technique is used to bypass authentication?

Brute Force Attack
ARP Spoofing
Packet Sniffing
Port Scanning

34. What does the “S” in HTTPS stand for?

Secure
Socket
Server
Session

35. Which utility is used to trace the path of packets?

Traceroute
Ping
Netstat
IPConfig

36. Which term describes gaining access through weak password practices?

Password Cracking
Phishing
SQL Injection
Session Hijacking

37. Which system detects intrusions on a network?

IDS
IPS
SIEM
WAF

38. What type of malware disguises itself as legitimate software?

Trojan Horse
Worm
Spyware
Adware

39. Which cryptographic protocol secures email communication?

PGP
SSL
TLS
IPSec

40. Which method helps avoid detection during scanning?

Timing options in Nmap
Using a GUI scanner
DNS resolution
Fast scan option

41. Which term refers to a disguised network probe?

Idle Scan
Active Scan
Ping Sweep
Port Forwarding

42. Which attack involves injecting malicious code into a website’s database?

SQL Injection
XSS
CSRF
Phishing

43. Which device connects multiple network segments?

Router
Switch
Hub
Repeater

44. Which protocol is used to transfer files securely?

SFTP
FTP
SMTP
POP3

45. Which framework helps in penetration testing execution?

PTES
OWASP
ISO 27001
NIST

46. Which of the following is NOT a phase of ethical hacking?

Data Recovery
Reconnaissance
Scanning
Gaining Access

47. What is the purpose of a honeypot?

To attract and analyze attackers
To increase bandwidth
To backup data
To scan ports

48. Which HTTP method is typically used to retrieve data?

GET
POST
PUT
DELETE

49. Which protocol does DNS use by default?

UDP
TCP
ICMP
HTTP

50. What is the default port for SMTP?

25
110
443
21

51. What does reconnaissance involve in ethical hacking?

Gathering information
Encrypting data
Modifying code
Scanning ports

52. Which attack involves listening to unencrypted communication?

Eavesdropping
DoS
Ransomware
Pharming

53. Which is an example of passive information gathering?

WHOIS lookup
Port scanning
Social engineering
Banner grabbing

54. Which encryption method uses a single key?

Symmetric
Asymmetric
Hashing
Public Key

55. Which port is used by FTP?

21
22
23
25

56. Which tool can be used for packet sniffing?

Wireshark
Nessus
Hydra
Metasploit

57. Which attack exploits simultaneous login attempts?

Brute Force
Sniffing
Spoofing
Man-in-the-middle

58. Which of the following best defines “buffer overflow”?

Writing data outside the allocated memory
Encrypting too much data
Sending large packets
Reading encrypted memory

59. What is the main function of SIEM?

Security information and event management
Scanning systems
Password cracking
Packet injection

60. Which command checks network connectivity?

Ping
Netcat
Traceroute
ARP

61. What is a rainbow table used for?

Password cracking
Encryption
Firewall testing
Network mapping

62. What type of firewall filters traffic based on state and context?

Stateful firewall
Packet filter
Web application firewall
Next-gen firewall

63. What is a common method for session hijacking?

Session ID prediction
Brute force
ARP poisoning
WEP cracking

64. Which term refers to gaining unauthorized access by pretending to be someone else?

Impersonation
Spoofing
Sniffing
Scanning

65. Which file contains usernames and encrypted passwords in Linux?

/etc/shadow
/etc/passwd
/var/log/auth.log
/etc/group

66. What is the goal of penetration testing?

To find security vulnerabilities before attackers do
To crash systems
To perform phishing attacks
To audit user accounts

67. Which command is used to display IP address info on Linux?

ifconfig
netstat
ipconfig
ping

68. What is the result of a successful DoS attack?

Service unavailability
Privilege escalation
Data encryption
Information disclosure

69. Which tool can brute-force login credentials?

Hydra
Nmap
Wireshark
Nikto

70. What is the purpose of banner grabbing?

To discover service and version info
To scan ports
To encrypt data
To bypass firewalls

71. Which scanning technique uses TCP ACK segments?

ACK scan
SYN scan
FIN scan
NULL scan

72. What is the use of Metasploit?

Exploitation
Traffic monitoring
Encryption
File recovery

73. Which tool can automate web application vulnerability scanning?

Nikto
Hydra
Ettercap
Cain & Abel

74. What is the purpose of a keylogger?

Record keystrokes
Encrypt files
Scan open ports
Flood a network

75. Which term describes testing without knowledge of internal systems?

Black box testing
White box testing
Grey box testing
Red teaming

76. Which technique hides data in other files?

Steganography
Cryptography
Hashing
Tunneling

77. Which of these is NOT a hashing algorithm?

AES
MD5
SHA-1
SHA-256

78. Which tool is used for ARP spoofing?

Ettercap
Aircrack-ng
Nikto
Burp Suite

79. What is one risk of using default passwords?

Easy unauthorized access
Slower performance
Increased bandwidth
Data loss

80. Which of the following is a common Linux privilege escalation method?

SUID file exploitation
Phishing
Cross-site scripting
Port scanning

81. Which tool is used for wireless network auditing?

Aircrack-ng
Metasploit
Nessus
Nikto

82. What is the purpose of the “netstat” command?

Display network connections
Display user sessions
Ping a host
Test DNS resolution

83. Which port does HTTPS use by default?

443
80
22
8080

84. Which of the following attacks modifies ARP tables?

ARP poisoning
DNS poisoning
IP spoofing
Sniffing

85. Which framework is used to classify vulnerabilities?

CVSS
ISO 27001
PCI-DSS
SOX

86. What is the output of a successful SQL injection?

Unauthorized database access
Firewall bypass
Wi-Fi hacking
Keylogging

87. Which command can be used to resolve domain names to IP addresses?

nslookup
netstat
ping
ftp

88. Which tool is used for web application security testing?

Burp Suite
Wireshark
Hydra
Netcat

89. Which type of scan sends a packet with only the FIN flag set?

FIN scan
NULL scan
Xmas scan
SYN scan

90. Which technique uses multiple small packets to overwhelm a target?

Ping flood
Pharming
SQL injection
Phishing

91. Which attack involves injecting scripts into web pages viewed by other users?

Cross-site scripting (XSS)
SQL Injection
Session hijacking
Buffer overflow

92. What does the term "pivoting" refer to in a penetration test?

Using a compromised system to attack other systems
Changing IP addresses frequently
Escaping a sandbox environment
Bypassing a firewall

93. Which file in Linux holds user password hashes?

/etc/shadow
/etc/passwd
/var/log/auth.log
/etc/hosts

94. What does the tool "Hydra" do?

Performs brute-force login attacks
Monitors network traffic
Injects SQL queries
Manages credentials

95. Which port is commonly used for DNS services?

53
25
110
21

96. What is "banner grabbing"?

Capturing service version information
Sniffing login credentials
Overloading a system with traffic
Uploading malicious files

97. What type of malware pretends to be legitimate software?

Trojan horse
Worm
Ransomware
Rootkit

98. Which tool is used for packet crafting?

Hping3
Nessus
Nikto
Netstat

99. Which Linux command lists open files and ports?

lsof
ls
top
cat

100. Which technique attempts to guess a password by trying many combinations?

Brute-force attack
Phishing
Social engineering
Man-in-the-middle

101. What is the purpose of the command "whoami"?

Display current user
List all users
Show process list
Identify network adapter

102. Which type of malware replicates itself to spread?

Worm
Trojan
Spyware
Rootkit

103. What is the main goal of social engineering?

Trick users into giving up sensitive information
Flood the network with traffic
Exploit software vulnerabilities
Modify firewall rules

104. Which file type is commonly used to store malware in phishing emails?

.docm
.png
.csv
.txt

105. Which Linux command displays current processes?

ps
df
ls
chmod

106. What is the use of Netcat in penetration testing?

Establishing reverse shells
Password cracking
Fuzzing web applications
Creating keyloggers

107. What is a "backdoor"?

Hidden method to gain system access
Encrypted communication tool
Firewall bypass method
Malware detection tool

108. Which protocol is used to transfer files securely?

SFTP
FTP
SMTP
POP3

109. What does CVE stand for?

Common Vulnerabilities and Exposures
Critical Version Errors
Cyber Vulnerability Engine
Common Virus Evaluation

110. What does a vulnerability scanner do?

Identifies weaknesses in systems or applications
Encrypts communications
Creates malware
Deletes malicious files

The EC-Council ECSAv10 (EC-Council Certified Security Analyst) certification is a globally recognized credential for IT professionals. This practice test helps you prepare by covering key topics like hardware, networking, troubleshooting, and security.

© 2025 ITCertRocket.com - Hands-On IT Lab Exercises & Certification Prep. All rights reserved.