New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

ECSS EC-Council Certified Security Specialist (ECSSv10)Exam Questions and Answers

Questions 4

An organization decided to strengthen the security of its network by studying and analyzing the behavior of attackers. For this purpose. Steven, a security analyst, was instructed to deploy a device to bait attackers. Steven selected a solution that appears to contain very useful information to lure attackers and find their locationsand techniques.

Identify the type of device deployed by Steven in the above scenario.

Options:

A.

Firewall

B.

Router

C.

Intrusion detection system

D.

Honeypot

Buy Now
Questions 5

Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications.

Identify the type of cloud service requested by Cibel.org in the above scenario.

Options:

A.

Security-as-a-service (SECaaS)

B.

Infrastructure-as-a-service (laaS)

C.

identity-as-a-service (IDaaS)

D.

Platform-as-a-service

Buy Now
Questions 6

Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes his online activity untraceable.

Identify the type of proxy employed by John in the above scenario.

Options:

A.

Reverse proxy

B.

Anonvmous proxy

C.

Explicit proxy

D.

SOCKS proxy

Buy Now
Questions 7

Bob, a security professional, was recruited by an organization to ensure that application services are being delivered as expected without any delay. To achieve this. Bob decided to maintain different backup servers for the same resources so that if one backup system fails, another will serve the purpose.

Identify the IA principle employed by Bob in the above scenario.

Options:

A.

Integrity

B.

Confidentiality

C.

Authentication

D.

Availability

Buy Now
Questions 8

Melissa, an ex-employee of an organization, was fired because of misuse of resources and security violations. She sought revenge against the company and targeted its network, as she is already aware of its network topology.

Which of the following categories of insiders does Melissa belong to?

Options:

A.

Malicious insider

B.

Professional insider

C.

Compromised insider

D.

Negligent insider

Buy Now
Questions 9

A disk drive has 16.384 cylinders, 80 heads, and 63 sectors per track, and each sector can store 512bytes of data. What is the total size of the disk?

Options:

A.

42.278.584,340 bytes

B.

42.278.584,320 bytes

C.

42.279,584.320 bytes

D.

43,278,584,320 bytes

Buy Now
Questions 10

Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM.

In which of the following states has Steve encrypted the data in the above scenario?

Options:

A.

Data in transit

B.

Data in rest

C.

Data in use

D.

Data inactive

Buy Now
Questions 11

Sam is a hacker who decided to damage the reputation of an organization. He started collecting information about the organization using social engineering techniques. Sam aims to gather critical information such as admin passwords and OS versions to plan for an attack.

Identify the target employee in the organization from whom Sam can gather the required information.

Options:

A.

Helpdesk

B.

Third-party service provider

C.

System administrators

D.

Customer support learn

Buy Now
Questions 12

Jennifer, a forensics investigation team member, was inspecting a compromised system. After gathering all the evidence related to the compromised system, she disconnected the system from the network to stop the spread of the incident to other systems.

Identify the role played by Jennifer in the forensics investigation.

Options:

A.

Evidence manager

B.

Expert witness

C.

Incident responder

D.

Incident analyzer

Buy Now
Questions 13

Bob, a forensic investigator, was instructed to review a Windows machine and identify any anonymous activities performed using it. In this process. Bob used the command “netstat -ano" to view all the active connections in the system and determined that the connections established by the Tor browser were closed. Which of the following states of the connections established by Tor indicates that the Tor browser is closed?

Options:

A.

ESTABLISHED

B.

CLOSE WAIT

C.

TIMEWAIT

D.

LISTENING

Buy Now
Questions 14

Kevin, an attacker, is attempting to compromise a cloud server. In this process, Kevin intercepted the SOAP messages transmitted between a user and the server, manipulated the body of the message, and then redirected it to the server as a legitimate user to gain access and run malicious code on the cloud server.

Identify the attack initiated by Kevin on the target cloud server.

Options:

A.

Side-channel attack

B.

Wrapping attack

C.

Cross guest VM breaches

D.

DNS spoofing

Buy Now
Questions 15

Bruce, a professional hacker, targeted an OT network. He initiated a looping strategy to recover the password of the target system. He started sending one character at a time to check whether the first character entered is correct: If so, he continued the loop for consecutive characters. Using thistechnique. Bruce identified how much time the device takes to finish one complete password authentication process, through which he determined the correct characters in the target password.

Identify the type of attack launched by Bruce on the target OT network.

Options:

A.

Code injection attack

B.

Buller overflow attack

C.

Reconnaissance attack

D.

Side-channel attack

Buy Now
Questions 16

Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.

Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?

Options:

A.

Reconnaissance signatures

B.

Informational signatures

C.

Unauthorized access signatures

D.

Denial of service (DoS) signatures

Buy Now
Questions 17

James is a professional hacker who managed to penetrate the target company’s network and tamper with software by adding a malicious script in the production that holds persistence on the network.

Which of the following phases of hacking is James currently in?

Options:

A.

Clearing tracks

B.

Maintaining access

C.

Gaining access

D.

Scanning

Buy Now
Questions 18

Michael, a forensic expert, was assigned to investigate an incident that involved unauthorized intrusion attempts. In this process, Michael identified all the open ports on a system and disabled them because these open ports can allow attackers to install malicious services and compromise the security of the system or network.

Which of the following commands assisted Michael in identifying open ports in the above scenario?

Options:

A.

nmap -sT localhost

B.

netstat -i

C.

ilconfig promise

D.

netstat rn

Buy Now
Questions 19

Jay, a network administrator, was monitoring traffic flowing through an IDS. Unexpectedly, he received an event triggered as an alarm, although there is no active attack in progress.

Identify the type of IDS alert Jay has received in the above scenario.

Options:

A.

True negative alert

B.

False negative alert

C.

True positive alert

D.

False positive alert

Buy Now
Questions 20

While investigating a web attack on a Windows-based server, Jessy executed the following command on her system:

C:\> net view <10.10.10.11>

What was Jessy’s objective in running the above command?

Options:

A.

Verify the users using open sessions

B.

Check file space usage to look for a sudden decrease in free space

C.

Check whether sessions have been opened with other systems

D.

Review file shares to ensure their purpose

Buy Now
Questions 21

Below is an extracted Apache error log entry.

"(Wed Aug 28 13:35:38.878945 2020] (core:error] (pid 12356:tid 8689896234] (client 10.0.0.8] File not found: /images/folder/pic.jpg"

Identify the element in the Apache error log entry above that represents the IP address from which the request was made.

Options:

A.

10.0.0.8

B.

8689896234

C.

13:35:38.878945

D.

12356

Buy Now
Questions 22

Bob. a security specialist at an organization, extracted the following IIS log from a Windows-based server: “2019-12-12 06:11:41 192.168.0.10 GET /images/content/bg_body_l.jpg - 80 - 192.168.0.27 Mozilla/5.0 (Windows*NT»6.3:*WOW64)*AppleWebKit/537.36*(KHTML.*like»Cecko)*Chrome/48.0.2564.103»Safari/537.36 http://www.movie5cope.com/css/style.c5s 200 0 0 365"

Identify the element in the above IIS log entry that indicates the request was fulfilled without error.

Options:

A.

192

B.

80

C.

200

D.

537

Buy Now
Questions 23

Kevin, a forensic investigator at FinCorp Ltd., was investigating a cybercrime against the company. As part of the investigation process, he needs to recover corrupted and deleted files from a Windows system. Kevin decided to use an automated tool to recover the damaged, corrupted, or deleted files.

Which of the following forensic tools can help Kevin in recovering deleted files?

Options:

A.

Cain & Abel

B.

Rohos Mini Drive

C.

R-Sludio

D.

Ophcrack

Buy Now
Questions 24

Below are the various stages of the virus lifecycle:

1) Replication

2)Detection

3)lncorporation

4)Design

5)Execution of the damage routine

6)Launch

What is the correct sequence of stages involved in the virus lifecycle?

Options:

A.

3->l >2- >6 >5 >4

B.

4 >2 >3 >5 >6- >1

C.

4 >l->6 >2 >3- >5

D.

1>2 >3- >4 >5- >6

Buy Now
Questions 25

Kevin, a security team member, was instructed to share a policy document with the employees. As it was supposed to be shared within the network, he used a simple algorithm to encrypt the document that just rearranges the same characters to produce the ciphertext.

Identify the type of cipher employed by Kevin in the above scenario.

Options:

A.

Transposition cipher

B.

Stream cipher

C.

Block cipher

D.

Substitution cipher

Buy Now
Questions 26

Robert, a security specialist, was appointed to strengthen the security of the organization's network. To prevent multiple login attempts from unknown sources, Robert implemented a security strategy of issuing alerts or warning messages when multiple failed login attempts are made.

Which of the following security risks is addressed by Robert to make attempted break-ins unsuccessful?

Options:

A.

Indefinite session timeout

B.

Absence of account lockout for invalid session IDs

C.

Small session-ID generation

D.

Weak session-ID generation

Buy Now
Questions 27

Melanie, a professional hacker, is attempting to break into a target network through an application server. In this process, she identified a logic flaw in the target web application that provided visibility into the source code. She exploited this vulnerability to launch further attacks on the target web application.

Which of the web application vulnerabilities was identified by Melanie in the above scenario?

Options:

A.

Insecure deserialization

B.

Security misconfiguration

C.

Command injection

D.

Broken authentication

Buy Now
Questions 28

Kalley, a shopping freak, often visits different e commerce websites from her office system. One day, she received a free software on her mail with the claim that it is loaded with new clothing offers. Tempted by this, Kalley downloaded the malicious software onto her system. The software infected Kalley's system and began spreading the infection to other systems connected to the network.

Identify the threat source through which Kalley unintentionally invited the malware into the network?

Options:

A.

File sharing services

B.

Portable hardware media

C.

insecure patch management

D.

Decoy application

Buy Now
Questions 29

Roxanne is a professional hacker hired by an agency to disrupt the business services of their rival company. Roxanne employed a special type of malware that consumes a server's memory and network bandwidth when triggered. Consequently, the target server is overloaded and stops responding.

Identify the type of malware Roxanne has used in the above scenario.

Options:

A.

Rootkit

B.

Armored virus

C.

worm

D.

Spyware

Buy Now
Questions 30

James is a professional hacker attempting to gain access to an industrial system through a remote control device. In this process, he used a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers to maintain persistence.

Which of the following attacks is performed by James in the above scenario?

Options:

A.

Malicious reprogramming attack

B.

Re pairing with a malicious RF controller

C.

Command injection

D.

Abusing reprogramming attack

Buy Now
Exam Code: ECSS
Exam Name: EC-Council Certified Security Specialist (ECSSv10)Exam
Last Update: Dec 21, 2024
Questions: 100

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99