New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

ECSS EC-Council Certified Security Specialist (ECSSv10)Exam Questions and Answers

Questions 4

Daniel, a networking specialist, identifies a glitch in a networking tool and fixes it on a priority using a system.

Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.

Which of the following acts was demonstrated in the above scenario?

Options:

A.

Data Protection Act 2018 (DPA)

B.

The Digital Millennium Copyright Act (DMCA)

C.

Sarbanes Oxley Act (SOX)

D.

Gramm Leach Bliley Act (GLBA)

Buy Now
Questions 5

Which of the following practices makes web applications vulnerable to SQL injection attacks?

Options:

A.

Use the most restrictive SQL account types for applications

B.

Never build Transact SQL statements directly from user input

C.

Avoid constructing dynamic SQL with concatenated input values

D.

A Accept entries that contain binary data, escape sequences, and comment characters

Buy Now
Questions 6

Sarah, a forensic investigator, is working on a criminal case. She was provided with all the suspect devices. Sarah employs an imaging software tool for duplicating the original data from the suspect devices. However, the tool she employed failed to image the data as the suspect version of the drive was very old and incompatible with imaging software. Hence, Sarah used an alternative data acquisition technique and succeeded in imaging the data.

Which of the following types of data acquisition techniques did Sarah employ in the above scenario?

Options:

A.

Bit-stream disk-to-disk

B.

Bit-stream disk-to-image file

C.

Sparse acquisition

D.

Logical acquisition

Buy Now
Questions 7

Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.

Options:

A.

Business layer

B.

Presentation layer

C.

Database layer

D.

Client layer

Buy Now
Questions 8

Which of the following MAC forensic data components saves file information and related events using a token with a binary structure?

Options:

A.

Kexts

B.

User account

C.

Command-line inputs

D.

Basic Security Module

Buy Now
Questions 9

Peter, an attacker aiming to disrupt organizational services, targeted a configuration protocol that issues IP addresses to host systems. To disrupt the issuance of IP addresses. Peter flooded the target server with spoofed MAC addresses so that valid users cannot receive IP addresses to access the network.

Identify the type of attack Peter has performed in the above scenario.

Options:

A.

Session hijacking

B.

Ping-of-death attack

C.

ARP spoofing

D.

DHCP starvation attack

Buy Now
Questions 10

Finch, a security professional, was instructed to strengthen the security at the entrance. At the doorway, he implemented a security mechanism that allows employees to register their retina scan and a unique six-digit code, using which they can enter the office at any time.

Which of the following combinations of authentication mechanisms is implemented in the above scenario?

Options:

A.

Password and two-factor authentication

B.

Two-factor and smart card authentication

C.

Biometric and password authentication

D.

Smart card and password authentication

Buy Now
Questions 11

In which of the following levels of the OSI model does an attacker gain control over the HTTP user session by obtaining the session IDs and create new unauthorized sessions by using the stolen data?

Options:

A.

Presentation level

B.

Transport level

C.

Network-level

D.

Application-level

Buy Now
Questions 12

A major fire broke out in the storeroom of CyberSol Inc. It first gutted the equipment in the storeroom and then started spreading to other areas in the company. The officials of the company informed the fire department. The fire rescue team reached the premises and used a distribution piping system to suppress the fire, thereby preventing any human or asset loss.

Identify the type of fire-fighting system used by the rescue team in the above scenario.

Options:

A.

Fire extinguisher

B.

Wet chemical suppressant

C.

Standpipe system

D.

Sprinkler system

Buy Now
Questions 13

James, a forensic specialist, was appointed to investigate an incident in an organization. As part of the investigation, James is attempting to identify whether any external storage devices are connected to the internal systems. For this purpose, he employed a utility to capture the list of all devices connected to the local machine and removed suspicious devices.

Identify the tool employed by James in the above scenario.

Options:

A.

Promise Detect

B.

DriveLetlerView

C.

ESEDatabaseView

D.

ProcDump

Buy Now
Questions 14

Below is the syntax of a command-line utility that displays active TCP connections and ports on which the computer is listening.

netstat [ a] [e] [-nJ [-o] [ p Protocol] [-r] [-s] [interval]

Identify the netstat parameter that displays active TCP connections and includes the process ID (PID) for each connection.

Options:

A.

l-S]

B.

[-O]

C.

[-n]

D.

[-r]

Buy Now
Questions 15

An organization decided to strengthen the security of its network by studying and analyzing the behavior of attackers. For this purpose. Steven, a security analyst, was instructed to deploy a device to bait attackers. Steven selected a solution that appears to contain very useful information to lure attackers and find their locationsand techniques.

Identify the type of device deployed by Steven in the above scenario.

Options:

A.

Firewall

B.

Router

C.

Intrusion detection system

D.

Honeypot

Buy Now
Questions 16

Bob. a network specialist in an organization, is attempting to identify malicious activities in the network. In this process. Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation.

Which of the following types of network-based evidence was collected by Bob in the above scenario?

Options:

A.

Statistical data

B.

Alert data

C.

Session data

D.

Full content data

Buy Now
Questions 17

Bob, a forensic investigator, was instructed to review a Windows machine and identify any anonymous activities performed using it. In this process. Bob used the command “netstat -ano" to view all the active connections in the system and determined that the connections established by the Tor browser were closed. Which of the following states of the connections established by Tor indicates that the Tor browser is closed?

Options:

A.

ESTABLISHED

B.

CLOSE WAIT

C.

TIMEWAIT

D.

LISTENING

Buy Now
Questions 18

Mark, an attacker, aims to access an organization's internal server, but the local firewall implementation restricted him from achieving this objective. To overcome this issue, he started sending specially crafted requests to the public server, through which he gained access to the local server.

Identify the type of attack initiated by Mark in the above scenario.

Options:

A.

Web cache poisoning attack

B.

SSRF attack

C.

TTP response-splitting attack

D.

SSH brute-force attack

Buy Now
Questions 19

While investigating a web attack on a Windows-based server, Jessy executed the following command on her system:

C:\> net view <10.10.10.11>

What was Jessy’s objective in running the above command?

Options:

A.

Verify the users using open sessions

B.

Check file space usage to look for a sudden decrease in free space

C.

Check whether sessions have been opened with other systems

D.

Review file shares to ensure their purpose

Buy Now
Questions 20

Clark, a digital forensic expert, was assigned to investigate a malicious activity performed on an organization's network. The organization provided Clark with all the information related to the incident. In this process, he assessed the impact of the incident on the organization, reasons for and source of the incident, steps required to tackle the incident, investigating team required to handle the case, investigative procedures, and possible outcome of the forensic process.

Identify the type of analysis performed by Clark in the above scenario.

Options:

A.

Data analysis

B.

Log analysis

C.

Traffic analysis

D.

Case analysis

Buy Now
Questions 21

Alice was working on her major project: she saved all her confidential files and locked her laptop. Bob wanted to access Alice’s laptop for his personal use but was unable to access the laptop due to biometric authentication.

Which of the following network defense approaches was employed by Alice on her laptop?

Options:

A.

Reactive approach

B.

Proactive approach

C.

Preventive approach

D.

Retrospective approach

Buy Now
Questions 22

Sam is a hacker who decided to damage the reputation of an organization. He started collecting information about the organization using social engineering techniques. Sam aims to gather critical information such as admin passwords and OS versions to plan for an attack.

Identify the target employee in the organization from whom Sam can gather the required information.

Options:

A.

Helpdesk

B.

Third-party service provider

C.

System administrators

D.

Customer support learn

Buy Now
Questions 23

Carol is a new employee at ApTech Sol Inc., and she has been allocated a laptop to fulfill his job activities. Carol tried to install certain applications on the company’s laptop but could not complete the installation as she requires administrator privileges to initiate the installation process. The administrator imposed an access policy on the company’s laptop that only users with administrator privileges have installation rights.

Identify the access control model demonstrated in the above scenario.

Options:

A.

Mandatory access control {MAC)

B.

Rule based access control (RB-RBAC)

C.

Discretionary access control (DAC)

D.

Role based access control (RBAC)

Buy Now
Questions 24

Peter, a network defender, was instructed to protect the corporate network from unauthorized access. To achieve this, he employed a security solution for wireless communication that uses dragonfly key exchange for authentication, which is the strongest encryption algorithm that protects the network from dictionary and key recovery attacks.

Identify the wireless encryption technology implemented in the security solution selected by Peter in the above scenario.

Options:

A.

WPA

B.

WPA3

C.

WEP

D.

EAP

Buy Now
Questions 25

Wesley, a fitness freak, purchased a new Apple smartwatch and synced it with a mobile app downloaded from an unauthorized third party. At the end of the day, when Wesley attempted to access his fitness report from the app, it generated an unusual report and asked for some unnecessary permissions to view it.

Which of the following mobile risks is demonstrated in the above scenario?

Options:

A.

Insecure data storage

B.

Improper platform usage

C.

Client code quality

D.

Insecure authentication

Buy Now
Questions 26

Daniel, a professional hacker, targeted Alice and lured her into downloading a malicious app from a third-party app store. Upon installation, the core malicious code inside the application started infecting other legitimate apps in Alice's mobile device. Daniel overloaded Alice's device with irrelevant and fraudulent advertisements through the infected app for financial gain.

Identify the type of attack Daniel has launched in the above scenario.

Options:

A.

Agent Smith attack

B.

Bluebugging attack

C.

SMiShing attack

D.

SIM card attack

Buy Now
Questions 27

Wesley, a professional hacker, deleted a confidential file in a compromised system using the "/bin/rm/ command to deny access to forensic specialists.

Identify the operating system on which Don has performed the file carving activity.

Options:

A.

Windows

B.

Mac OS

C.

Linux

D.

Android

Buy Now
Questions 28

Kalley, a shopping freak, often visits different e commerce websites from her office system. One day, she received a free software on her mail with the claim that it is loaded with new clothing offers. Tempted by this, Kalley downloaded the malicious software onto her system. The software infected Kalley's system and began spreading the infection to other systems connected to the network.

Identify the threat source through which Kalley unintentionally invited the malware into the network?

Options:

A.

File sharing services

B.

Portable hardware media

C.

insecure patch management

D.

Decoy application

Buy Now
Questions 29

Kevin, an attacker, is attempting to compromise a cloud server. In this process, Kevin intercepted the SOAP messages transmitted between a user and the server, manipulated the body of the message, and then redirected it to the server as a legitimate user to gain access and run malicious code on the cloud server.

Identify the attack initiated by Kevin on the target cloud server.

Options:

A.

Side-channel attack

B.

Wrapping attack

C.

Cross guest VM breaches

D.

DNS spoofing

Buy Now
Questions 30

Williams, a forensic specialist, was tasked with performing a static malware analysis on a suspect system in an organization. For this purpose, Williams used an automated tool to perform a string search and saved all the identified strings in a text file. After analyzing the strings, he determined all the harmful actions that were performed by malware.

Identify the tool employed by Williams in the above scenario.

Options:

A.

ResourcesExlract

B.

Snagit

C.

Ezvid

D.

R-Drive Image

Buy Now
Exam Code: ECSS
Exam Name: EC-Council Certified Security Specialist (ECSSv10)Exam
Last Update: Dec 26, 2024
Questions: 100
ECSS pdf

ECSS PDF

$25.5  $84.99
ECSS Engine

ECSS Testing Engine

$30  $99.99
ECSS PDF + Engine

ECSS PDF + Testing Engine

$40.5  $134.99