Online Access Free ECSAv8 Practice Test

Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

What is the last step in preparing a Rules of Engagement (ROE) document?

• A.Have pre-contract discussions with different pen-testers
• B.Conduct a brainstorming session with top management and technical teams
• C.Conduct a brainstorming session with top management and technical teams
• D.Decide the desired depth for penetration testing

Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

What characteristics do phishing messages often have that may make them identifiable?

• A.They trigger warning pop-ups
• B.Suspiciously good grammar and capitalization
• C.Suspicious attachments
• D.Invalid email signatures or contact information

The first phase of the penetration testing plan is to develop the scope of the project in consultation with the client. Pen testing test components depend on the client's operating environment, threat perception, security and compliance requirements, ROE, and budget. Various components need to be considered for testing while developing the scope of the project.

Which of the following is NOT a pen testing component to be tested?

• A.Outside Accomplices
• B.System Software Security
• C.Inside Accomplices
• D.Intrusion Detection

Which of the following are the default ports used by NetBIOS service?

• A.135, 136, 139, 445
• B.137, 138, 139, 140
• C.134, 135, 136, 137
• D.133, 134, 139, 142

One of the steps in information gathering is to run searches on a company using complex keywords in Google.

Which search keywords would you use in the Google search engine to find all the
PowerPoint presentations containing information about a target company, ROCHESTON?

• A.ROCHESTON filetype:ppt
• B.ROCHESTON +ppt:filesearch
• C.ROCHESTON fileformat:+ppt
• D.ROCHESTON ppt:filestring