[Jun 03, 2024] New ECSS Exam Dumps with High Passing Rate
Get ECSS Braindumps & ECSS Real Exam Questions
The EC-COUNCIL ECSS certification exam is designed for professionals who want to demonstrate their expertise in information security. The ECSS exam covers a wide range of topics, including the basics of information security, security policies and procedures, network security, cryptography, and secure communications. The EC-Council Certified Security Specialist (ECSSv10) certification exam is vendor-neutral, which means that it is not tied to a specific technology or product. This makes it an ideal certification for professionals who want to develop their knowledge and skills in the field of information security.
NEW QUESTION # 29
Which of the following is the name given to expert groups that handle computer security incidents?
- A. CSIRT
- B. Z-Force
- C. Software development team
- D. Computer forensic team
Answer: A
NEW QUESTION # 30
Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
- A. Sanitization
- B. Cryptography
- C. Hardening
- D. Authentication
Answer: C
NEW QUESTION # 31
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:
Which of the following tools is John using to crack the wireless encryption keys?
- A. Kismet
- B. AirSnort
- C. PsPasswd
- D. Cain
Answer: B
NEW QUESTION # 32
Mark works as a Network Security Administrator for Umbrella Inc. The company has a Windows domain-based network. To provide security to the network, Mark plans to configure an IDS. He wants to ensure that attackers are not able to modify or delete the system files. To detect such attacks, the IDS must be able to monitor the file structure of the system. Which of the following intrusion detection technologies can be used to accomplish the task?
- A. Log File Monitor (LFM)
- B. Network IDS
- C. Systems Integrity Verifier (SIV)
- D. Host-based IDS
Answer: C
NEW QUESTION # 33
John works as a Security Administrator for NetPerfect Inc. The company uses Windows-based systems. A project has been assigned to John to track malicious hackers and to strengthen the company's security system. John configures a computer system to trick malicious hackers into thinking that it is the company's main server, which in fact is a decoy system to track hackers.
Which system is John using to track the malicious hackers?
- A. Bastion host
- B. Honeypot
- C. Intrusion Detection System (IDS)
- D. Honeytokens
Answer: B
NEW QUESTION # 34
James is a professional hacker attempting to gain access to an industrial system through a remote control device. In this process, he used a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers to maintain persistence.
Which of the following attacks is performed by James in the above scenario?
- A. Re-pairing with a malicious RF controller
- B. Malicious reprogramming attack
- C. Command injection
- D. Abusing reprogramming attack
Answer: B
Explanation:
James is performing a malicious reprogramming attack in the given scenario. He uses a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers. This allows him to maintain persistence and potentially gain unauthorized access to the industrial system.
References:
* EC-Council Certified Security Specialist (E|CSS) documents and study guide.
NEW QUESTION # 35
Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that on the Windows operating system, data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows-based system?
- A. Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps
- B. Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces
- C. Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system
- D. Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces
Answer: B
NEW QUESTION # 36
John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-based network. All client computers are running on Red Hat 7.0 Linux. The Sales Manager of the company complains to John that his system contains an unknown package named as tar.gz and his documents are exploited. To resolve the problem, John uses a Port scanner to enquire about the open ports and finds out that the HTTP server service port on 27374 is open. He suspects that the other computers on the network are also facing the same problem. John discovers that a malicious application is using the synscan tool to randomly generate IP addresses.
Which of the following worms has attacked the computer?
- A. Ramen
- B. Code red
- C. LoveLetter
- D. Nimda
Answer: A
NEW QUESTION # 37
Which of the following DoS attacks attempts to block service or reduce activity on a host by sending ping requests directly to the victim?
- A. Teardrop attack
- B. SYN flood attack
- C. Ping flood attack
- D. Land attack
Answer: C
NEW QUESTION # 38
Bob, a network administrator in a company, manages network connectivity to 200 employees in six different rooms. Every employee has their own laptop to connect to the Internet through a wireless network, but the company has only one broadband connection.
Which of the following types of wireless networks allows Bob to provide Internet access to every laptop and bring all the devices to a single network?
- A. Multiple wireless access points
- B. Extension to wired network
- C. 3G/4G hotspot
- D. LAN to LAN wireless network
Answer: A
Explanation:
To provide Internet access to every laptop and bring all the devices to a single network, Bob should use multiple wireless access points. These access points can be connected to the same wired network and provide wireless connectivity to the laptops in different rooms. By strategically placing these access points, Bob can ensure coverage throughout the company premises.
References:
* EC-Council Certified Security Specialist (E|CSS) documents and study guide.
* EC-Council Certified Security Specialist (E|CSS) course materials.
NEW QUESTION # 39
At which of the following levels of the OSI model does an attacker gain control over the HTTP user session by obtaining the session IDs and creating new unauthorized sessions using the stolen data?
- A. Network-level
- B. Presentation level
- C. Application-level
- D. Transport level
Answer: C
Explanation:
In the OSI model, the application layer (Layer 7) is closest to users and establishes communication between the user and applications. It deals with user interfaces, protocols, and application-specific data. An attacker who gains control over the HTTP user session by obtaining session IDs and creating new unauthorized sessions operates at the application level. By manipulating session IDs, the attacker can impersonate legitimate users and perform unauthorized actions.
The application layer is where HTTP operates, making it the relevant layer for session management and security. Attackers exploit vulnerabilities in web applications to gain unauthorized access, manipulate sessions, and potentially compromise user data. Ensuring secure session management practices is crucial to prevent such attacks.
References:
* EC-Council Certified Security Specialist (E|CSS) documents and study guide.
* EC-Council Certified Security Specialist (E|CSS) course materials.
NEW QUESTION # 40
Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications.
Identify the type of cloud service requested by Cibel.org in the above scenario.
- A. Infrastructure-as-a-service (IaaS)
- B. Identity-as-a-service (IDaaS)
- C. Security-as-a-service (SECaaS)
- D. Platform-as-a-service
Answer: D
Explanation:
Cibel.org requested a cloud service that provides development tools, configuration management, and deployment platforms for developing customized applications. This aligns with the characteristics of Platform-as-a-service (PaaS), which offers a platform for developers to build, deploy, and manage applications without worrying about infrastructure management.
References:
* EC-Council Certified Security Specialist (E|CSS) course materials.
NEW QUESTION # 41
Which of the following environmental variables represents the PID value of the last child process?
- A. $!!
- B. $$
- C. $!
- D. $?
Answer: C
NEW QUESTION # 42
Martin, a hacker, aimed to crash a target system. For this purpose, he spoofed the source IP address with the target's IP address and sent many ICMP ECHO request packets to an IP broadcast network, causing all the hosts to respond to the received ICMP ECHO requests and ultimately crashing the target machine.
Identify the type of attack performed by Martin in the above scenario.
- A. UDP flood attack
- B. Fragmentation attack
- C. Multi vector attack
- D. Smurf attack
Answer: D
Explanation:
In the scenario described, Martin conducted a Smurf attack. This type of attack involves spoofing the source IP address with the target's IP address and sending ICMP ECHO request packets to an IP broadcast network. The broadcast network then amplifies the traffic by directing it to all hosts, which respond to the ICMP ECHO requests. This flood of responses is sent back to the spoofed source IP address, which is the target system, leading to its overload and potential crash. The Smurf attack is a type of distributed denial-of-service (DDoS) attack that exploits the vulnerabilities of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).
References:
* EC-Council Certified Security Specialist (E|CSS) course materials and documents
NEW QUESTION # 43
Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping on the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for proof of identity, Eve sends Alice's password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?
- A. Session fixation
- B. Cross site scripting
- C. Replay
- D. Firewalking
Answer: C
NEW QUESTION # 44
Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?
- A. 18 U.S.C. 1029
- B. 18 U.S.C. 1030
- C. 18 U.S.C. 2510
- D. 18 U.S.C. 1362
- E. 18 U.S.C. 2701
Answer: D
NEW QUESTION # 45
A disk drive has 16,384 cylinders, 80 heads, and 63 sectors per track, and each sector can store 512 bytes of data. What is the total size of the disk?
- A. 42,278,584,320 bytes
- B. 42,278,584,340 bytes
- C. 43,278,584,320 bytes
- D. 42,279,584,320 bytes
Answer: A
Explanation:
To find the total disk size, we need to calculate the storage capacity per cylinder and then multiply that by the total number of cylinders.
* Sectors per cylinder: multiply heads * sectors per track: 80 * 63 = 5,040 sectors/cylinder
* Bytes per cylinder: multiply sectors per cylinder * bytes per sector: 5,040 * 512 = 2,580,480 bytes/cylinder
* Total bytes: multiply bytes per cylinder * total cylinders: 2,580,480 * 16,384 = 42,278,584,320 bytes
NEW QUESTION # 46
Which of the following statements explains the dumpster diving hacking technique?
- A. This is an information gathering technique in which an attacker rummages through all the discarded waste-papers in the victim's trash.
- B. This is an information gathering technique in which the attacker calls the help center of the organization and asks someone to reset a password.
- C. This is an information gathering technique in which the attacker injects a Trojan in the victim's computer.
- D. This is an information gathering technique in which the attacker runs a software program to automatically call thousands of telephone numbers to find out a victim who has attached a modem to the Internet.
Answer: A
NEW QUESTION # 47
Paola, a professional hacker, was hired to break into the target organization's network and extract sensitive data. In this process, Paola found that the target organization has purchased new hardware. She accessed the new hardware while it was in transit and tampered with the hardware to make it vulnerable to attacks.
Identify the class of attack Paola has performed on the target organization.
- A. Insider attack
- B. Distribution attack
- C. Passive attack
- D. Active attack
Answer: B
Explanation:
The scenario describes Paola tampering with new hardware while it was in transit to make it vulnerable to attacks. This type of attack is known as a distribution attack. Distribution attacks involve the interception and manipulation of products during their delivery process. By accessing and tampering with the hardware before it reaches its final destination, the attacker can introduce vulnerabilities or backdoors that can be exploited later.
This method is distinct from an insider attack, which would involve someone within the organization facilitating the breach. A passive attack refers to monitoring and capturing data without altering the system, and an active attack involves direct engagement with the system to disrupt or manipulate operations. Since Paola's actions involve tampering with hardware during distribution, the correct classification is a distribution attack.
NEW QUESTION # 48
Which of the following statements are true about firewalking?
Each correct answer represents a complete solution. Choose all that apply.
- A. Firewalking works on the UDP packets.
- B. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.
- C. A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.
- D. To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.
Answer: B,C,D
NEW QUESTION # 49
Rick, the Network Administrator of Fimbry Hardware Inc., wants to design the initial test model for Internet access. He wants to fulfill the following goals:
* No external traffic should be allowed into the network.
* Administrators should be able to restrict the websites which can be accessed by the internal users.
Which of the following technologies should he use to accomplish the above goals?
- A. Network Address Translator (NAT)
- B. Proxy Server
- C. Firewall
- D. Internet Connection Sharing (ICS)
- E. Routing and Remote Access Service (RRAS)
Answer: B
NEW QUESTION # 50
Which of the following layers of the OSI model provides non-repudiation services?
- A. The application layer
- B. The presentation layer
- C. The physical layer
- D. The data-link layer
Answer: A
NEW QUESTION # 51
You are a professional Computer Hacking Forensic Investigator. You have been called to collect evidence of a buffer overflow or cookie snooping attack. Which of the following logs will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
- A. Event logs
- B. Web server logs
- C. Program logs
- D. System logs
Answer: A,C,D
NEW QUESTION # 52
......