Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Full Access ECCouncil ECSS Tutorials

Page: 6 / 7
Total 100 questions

EC-Council Certified Security Specialist (ECSSv10)Exam Questions and Answers

Question 21

Which of the following techniques is referred to as a messaging feature that originates from a server and enables the delivery of data or a message from an application to a mobile device without any explicit request from the user?

Options:

A.

Geofencing

B.

PIN feature

C.

Containerization

D.

Push notification

Question 22

Melanie, a professional hacker, is attempting to break into a target network through an application server. In this process, she identified a logic flaw in the target web application that provided visibility into the source code. She exploited this vulnerability to launch further attacks on the target web application.

Which of the web application vulnerabilities was identified by Melanie in the above scenario?

Options:

A.

Insecure deserialization

B.

Security misconfiguration

C.

Command injection

D.

Broken authentication

Question 23

Jessica, a user, wanted to access the Internet from her laptop and therefore sends a connection request to the access point. To identify the wireless client, the access point forwarded that request to a RADIUS server. The RADIUS server transmitted authentication keys to both the access point and Jessica's laptop. This key helps the access point identify a particular wireless client.

Identify the authentication method demonstrated in the above scenario.

Options:

A.

Open system authentication

B.

Null authentication

C.

Shared key authentication

D.

Centralized authentication

Question 24

Kevin, an attacker, is attempting to compromise a cloud server. In this process, Kevin intercepted the SOAP messages transmitted between a user and the server, manipulated the body of the message, and then redirected it to the server as a legitimate user to gain access and run malicious code on the cloud server.

Identify the attack initiated by Kevin on the target cloud server.

Options:

A.

Side-channel attack

B.

Wrapping attack

C.

Cross guest VM breaches

D.

DNS spoofing

Page: 6 / 7
Total 100 questions