ECCouncil Related Exams
ECSS Exam

Kevin, an attacker, is attempting to compromise a cloud server. In this process, Kevin intercepted the SOAP messages transmitted between a user and the server, manipulated the body of the message, and then redirected it to the server as a legitimate user to gain access and run malicious code on the cloud server.
Identify the attack initiated by Kevin on the target cloud server.
Sarah, a forensic investigator, is working on a criminal case. She was provided with all the suspect devices. Sarah employs an imaging software tool for duplicating the original data from the suspect devices. However, the tool she employed failed to image the data as the suspect version of the drive was very old and incompatible with imaging software. Hence, Sarah used an alternative data acquisition technique and succeeded in imaging the data.
Which of the following types of data acquisition techniques did Sarah employ in the above scenario?
Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.