New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium ECCouncil ECSS Dumps Questions Answers

Page: 1 / 7
Total 100 questions

EC-Council Certified Security Specialist (ECSSv10)Exam Questions and Answers

Question 1

Sarah, a forensic investigator, is working on a criminal case. She was provided with all the suspect devices. Sarah employs an imaging software tool for duplicating the original data from the suspect devices. However, the tool she employed failed to image the data as the suspect version of the drive was very old and incompatible with imaging software. Hence, Sarah used an alternative data acquisition technique and succeeded in imaging the data.

Which of the following types of data acquisition techniques did Sarah employ in the above scenario?

Options:

A.

Bit-stream disk-to-disk

B.

Bit-stream disk-to-image file

C.

Sparse acquisition

D.

Logical acquisition

Buy Now
Question 2

Sam is working as a loan agent for a financial institution. He frequently receives a number of emails from clients providing their personal details for loan approval. As these emails contain sensitive data. Sam had set up a feature that directly downloads the emails on his device without storing a copy on the mail server.

Which of the following protocols provides the above-discussed email features?

Options:

A.

SHA-1

B.

ICMP

C.

SNMP

D.

POP3

Question 3

Christian is working as a software developer in a reputed MNC. He received a message from XIM bank that claims to be urgent and requests to call a phone number mentioned in the message. Worried by this, he called the number to check on his account, believing it to be an authentic XIM Bank customer service phone number. A recorded message asks him to provide his credit or debit card number, as well as his password.

Identify the type of social engineering attack being performed on Christian in the above scenario.

Options:

A.

SMiShing

B.

Spam mail

C.

Phishing

D.

Eavesdropping

Question 4

Kevin, a security team member, was instructed to share a policy document with the employees. As it was supposed to be shared within the network, he used a simple algorithm to encrypt the document that just rearranges the same characters to produce the ciphertext.

Identify the type of cipher employed by Kevin in the above scenario.

Options:

A.

Transposition cipher

B.

Stream cipher

C.

Block cipher

D.

Substitution cipher

Question 5

Ben, a computer user, applied for a digital certificate. A component of PKI verifies Ben's identity using the credentials provided and passes that request on behalf of Ben to grant the digital certificate.

Which of the following PKI components verified Ben as being legitimate to receive the certificate?

Options:

A.

Certificate directory

B.

Validation authority (VA)

C.

Certificate authority (CA)

D.

Registration authority (RA)

Question 6

Daniel, a networking specialist, identifies a glitch in a networking tool and fixes it on a priority using a system.

Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.

Which of the following acts was demonstrated in the above scenario?

Options:

A.

Data Protection Act 2018 (DPA)

B.

The Digital Millennium Copyright Act (DMCA)

C.

Sarbanes Oxley Act (SOX)

D.

Gramm Leach Bliley Act (GLBA)

Question 7

Stella, a mobile user, often ignores the messages received from the manufacturer for updates. One day, she found that files in her device are being replaced, she immediately rushed to the nearest service center for inquiry. They tested the device and identified vulnerabilities in it as it ran with an obsolete OS version.

Identify the mobile device security risk raised on Stella's device in the above scenario.

Options:

A.

Network-based risk

B.

Physical security risks

C.

Application-based risk

D.

System-based risk

Question 8

Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.

Options:

A.

Business layer

B.

Presentation layer

C.

Database layer

D.

Client layer

Question 9

Clark, a security professional, was instructed to monitor and continue the backup functions without interrupting the system or application services. In this process, Clark implemented a backup mechanism that dynamically backups the data even If the system or application resources are being used.

Which of the following types of backup mechanisms has Clark implemented in the above scenario?

Options:

A.

Full backup

B.

Cold backup

C.

Hot backup

D.

Offline backup

Question 10

Below are the various steps involved in an email crime investigation.

1.Acquiring the email data

2.Analyzing email headers

3.Examining email messages

4.Recovering deleted email messages

5.Seizing the computer and email accounts

6.Retrieving email headers

What is the correct sequence of steps involved in the investigation of an email crime?

Options:

A.

5->l->3->6-->2 >4

B.

2->4->3-->6->5-->l

C.

1—>3->4—>2-->5">6

D.

5 -> 1 -> 6 -> 2 -> 3 -> 4

Question 11

Wesley, a fitness freak, purchased a new Apple smartwatch and synced it with a mobile app downloaded from an unauthorized third party. At the end of the day, when Wesley attempted to access his fitness report from the app, it generated an unusual report and asked for some unnecessary permissions to view it.

Which of the following mobile risks is demonstrated in the above scenario?

Options:

A.

Insecure data storage

B.

Improper platform usage

C.

Client code quality

D.

Insecure authentication

Question 12

Identify the backup mechanism that is performed within the organization using external devices such as hard disks and requires human interaction to perform the backup operations, thus, making it suspect able to theft or natural disasters.

Options:

A.

Offsite data backup

B.

Cloud data backup

C.

Online data backup

D.

Onsite data backup

Question 13

Sam is a hacker who decided to damage the reputation of an organization. He started collecting information about the organization using social engineering techniques. Sam aims to gather critical information such as admin passwords and OS versions to plan for an attack.

Identify the target employee in the organization from whom Sam can gather the required information.

Options:

A.

Helpdesk

B.

Third-party service provider

C.

System administrators

D.

Customer support learn

Question 14

Jacob, a network defender in an organization, was instructed to improve the physical security measures to prevent unauthorized intrusion attempts. In this process, Jacob implemented certain physical security controls by using warning messages and signs that notify legal consequences to discourage hackers from making intrusion attempts.

Which of the following type of physical security controls has Jacob implemented in the above scenario?

Options:

A.

Detective control

B.

Preventive controls

C.

Deterrent controls

D.

Recovery controls

Question 15

Bob. a security specialist at an organization, extracted the following IIS log from a Windows-based server: “2019-12-12 06:11:41 192.168.0.10 GET /images/content/bg_body_l.jpg - 80 - 192.168.0.27 Mozilla/5.0 (Windows*NT»6.3:*WOW64)*AppleWebKit/537.36*(KHTML.*like»Cecko)*Chrome/48.0.2564.103»Safari/537.36 200 0 0 365"

Identify the element in the above IIS log entry that indicates the request was fulfilled without error.

Options:

A.

192

B.

80

C.

200

D.

537

Question 16

Williams, a forensic specialist, was tasked with performing a static malware analysis on a suspect system in an organization. For this purpose, Williams used an automated tool to perform a string search and saved all the identified strings in a text file. After analyzing the strings, he determined all the harmful actions that were performed by malware.

Identify the tool employed by Williams in the above scenario.

Options:

A.

ResourcesExlract

B.

Snagit

C.

Ezvid

D.

R-Drive Image

Question 17

Below are the various steps involved in establishing a network connection using the shared key authentication process.

l.The AP sends a challenge text to the station.

2.The station connects to the network.

3.The station encrypts the challenge text using its configured 128-bit key and sends the encrypted text to the AP.

4.The station sends an authentication frame to the AP.

5.The AP uses its configured WEP key to decrypt the encrypted text and compares it with the original challenge text.

What is the correct sequence of steps involved in establishing a network connection using the shared key authentication process?

Options:

A.

2 >4>3

B.

4—>2—>1—>3—>5

C.

4—>1—>3—>5—>2

D.

4-->5->3->2-->1

Question 18

Which of the following MAC forensic data components saves file information and related events using a token with a binary structure?

Options:

A.

Kexts

B.

User account

C.

Command-line inputs

D.

Basic Security Module

Question 19

Which of the following environmental controls options saves the hardware from humidity and heat, increases hardware performance, and maintains consistent room temperature?

Options:

A.

Hot and cold aisles

B.

Lighting system

C.

EMI shielding

D.

Temperature indicator

Question 20

Daniel, a professional hacker, targeted Alice and lured her into downloading a malicious app from a third-party app store. Upon installation, the core malicious code inside the application started infecting other legitimate apps in Alice's mobile device. Daniel overloaded Alice's device with irrelevant and fraudulent advertisements through the infected app for financial gain.

Identify the type of attack Daniel has launched in the above scenario.

Options:

A.

Agent Smith attack

B.

Bluebugging attack

C.

SMiShing attack

D.

SIM card attack

Question 21

Which of the following techniques is referred to as a messaging feature that originates from a server and enables the delivery of data or a message from an application to a mobile device without any explicit request from the user?

Options:

A.

Geofencing

B.

PIN feature

C.

Containerization

D.

Push notification

Question 22

Melanie, a professional hacker, is attempting to break into a target network through an application server. In this process, she identified a logic flaw in the target web application that provided visibility into the source code. She exploited this vulnerability to launch further attacks on the target web application.

Which of the web application vulnerabilities was identified by Melanie in the above scenario?

Options:

A.

Insecure deserialization

B.

Security misconfiguration

C.

Command injection

D.

Broken authentication

Question 23

Jessica, a user, wanted to access the Internet from her laptop and therefore sends a connection request to the access point. To identify the wireless client, the access point forwarded that request to a RADIUS server. The RADIUS server transmitted authentication keys to both the access point and Jessica's laptop. This key helps the access point identify a particular wireless client.

Identify the authentication method demonstrated in the above scenario.

Options:

A.

Open system authentication

B.

Null authentication

C.

Shared key authentication

D.

Centralized authentication

Question 24

Kevin, an attacker, is attempting to compromise a cloud server. In this process, Kevin intercepted the SOAP messages transmitted between a user and the server, manipulated the body of the message, and then redirected it to the server as a legitimate user to gain access and run malicious code on the cloud server.

Identify the attack initiated by Kevin on the target cloud server.

Options:

A.

Side-channel attack

B.

Wrapping attack

C.

Cross guest VM breaches

D.

DNS spoofing

Question 25

Bruce, a professional hacker, targeted an OT network. He initiated a looping strategy to recover the password of the target system. He started sending one character at a time to check whether the first character entered is correct: If so, he continued the loop for consecutive characters. Using thistechnique. Bruce identified how much time the device takes to finish one complete password authentication process, through which he determined the correct characters in the target password.

Identify the type of attack launched by Bruce on the target OT network.

Options:

A.

Code injection attack

B.

Buller overflow attack

C.

Reconnaissance attack

D.

Side-channel attack

Question 26

Finch, a security professional, was instructed to strengthen the security at the entrance. At the doorway, he implemented a security mechanism that allows employees to register their retina scan and a unique six-digit code, using which they can enter the office at any time.

Which of the following combinations of authentication mechanisms is implemented in the above scenario?

Options:

A.

Password and two-factor authentication

B.

Two-factor and smart card authentication

C.

Biometric and password authentication

D.

Smart card and password authentication

Question 27

Which of the following standards and criteria version of SWCDE mandates that any action with the potential to alter, damage, or destroy any aspect of original evidence must be performed by qualified persons in a forensically sound manner?

Options:

A.

Standards and Criteria 11

B.

Standards and Criteria 13

C.

Standards and Criteria 17

D.

Standards and Criteria 15

Question 28

Alice was working on her major project: she saved all her confidential files and locked her laptop. Bob wanted to access Alice’s laptop for his personal use but was unable to access the laptop due to biometric authentication.

Which of the following network defense approaches was employed by Alice on her laptop?

Options:

A.

Reactive approach

B.

Proactive approach

C.

Preventive approach

D.

Retrospective approach

Question 29

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

Options:

A.

Stateful protocol analysis

B.

Anomaly-based

C.

Signature-based

D.

Application proxy

Page: 1 / 7
Total 100 questions