Month End Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

ECCouncil ECSS EC-Council Certified Security Specialist Exam Practice Test

Demo: 50 questions
Total 337 questions

EC-Council Certified Security Specialist Questions and Answers

Question 1

Which of the following representatives of incident response team takes forensic backups of the systems that are the focus of the incident?

Options:

A.

Lead investigator

B.

Information security representative

C.

Technical representative

D.

Legal representative

Question 2

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using dumpster diving to gather information about Weare- secure, Inc. In which of the following steps of malicious hacking does dumpster diving come under?

Options:

A.

Gaining access

B.

Scanning

C.

Maintaining access

D.

Reconnaissance

Question 3

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you perform to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Implement the open system authentication for the wireless network.

B.

Implement the IEEE 802.1X authentication for the wireless network.

C.

Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.

D.

Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.

E.

Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.

Question 4

John works as an Office Assistant in DataSoft Inc. He has received an e-mail from duesoft_lotterygroup@us.com with the following message:

The DueSoft Lottery Incorporation

This is to inform you that you have just won a prize of $7,500.00 for this year's Annual Lottery promotion, which was organized by Msn/Yahoo Lottery in conjunction with DueSoft. We collect active online e-mails and select five people every year as our winners through an electronic balloting machine. Please reply within three days of receiving this e-mail with your full details like Name, Address, Sex, Occupation, Age, State, Telephone number, and Country to claim your prize.

If John replies to this e-mail, which of the following attacks may he become vulnerable to?

Options:

A.

Salami attack

B.

Man-in-the-Middle attack

C.

Phishing attack

D.

DoS attack

Question 5

Which of the following can be used to perform session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

ARP spoofing

B.

Cross-site scripting

C.

Session fixation

D.

Session sidejacking

Question 6

Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Using a protocol analyzer on your Laptop to monitor for risks.

B.

Using an IPSec enabled VPN for remote connectivity.

C.

Using portscanner like nmap in your network.

D.

Using personal firewall software on your Laptop.

Question 7

An Anti-Virus software is used to prevent, detect, and remove malware from a system, including computer viruses, worms, and Trojan horses. Which of the following companies are the providers of Anti-virus softwares?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Symantec Corporation

B.

F-Secure Corporation

C.

AVG Technologies

D.

Kaspersky Lab

E.

McAfee Inc.

Question 8

Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?

Options:

A.

Snooping

B.

Copyright

C.

Utility model

D.

Patent

Question 9

You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?

Options:

A.

Vulnerability scanning

B.

Manual penetration testing

C.

Automated penetration testing

D.

Code review

Question 10

Jason, a cybercriminal, sells illegal articles on the Internet. Which of the following activities is Jason involved in?

Options:

A.

Cyberstalking

B.

Cyberterrorism

C.

Cybertrespass

D.

Internet pharmacies

Question 11

Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions that is available to the Internet.

Which of the following security threats may occur if DMZ protocol attacks are performed?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

The attacker can exploit any protocol used to go into the internal network or intranet of thecompany.

B.

The attacker can gain access to the Web server in a DMZ and exploit the database.

C.

The attacker can perform a Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.

D.

The attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.

Question 12

John works as a Network Security Administrator for NetPerfect Inc. The manager of the company has told John that the company's phone bill has increased drastically. John suspects that the company's phone system has been cracked by a malicious hacker. Which attack is used by malicious hackers to crack the phone system?

Options:

A.

Sequence++ attack

B.

Phreaking

C.

Man-in-the-middle attack

D.

War dialing

Question 13

Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task:

1. Smoothening and decreasing contrast by averaging the pixels of the area where significant

color transitions occurs.

2. Reducing noise by adjusting color and averaging pixel value.

3. Sharpening, Rotating, Resampling, and Softening the image.

Which of the following Steganography attacks is Victor using?

Options:

A.

Steg-Only Attack

B.

Chosen-Stego Attack

C.

Active Attacks

D.

Stegdetect Attack

Question 14

You work as a Network Administrator for Infonet Inc. The company uses Wired Equivalent Privacy (WEP) for wireless security. Who among the following can authenticate from the access point of the network?

Options:

A.

Only users within the company.

B.

Only users with the correct WEP key.

C.

Only the administrator.

D.

Anyone can authenticate.

Question 15

In a complex network, Router transfers data packets by observing some form of parameters or metrics provided in the routing table. Which of the following metrics is NOT included in the routing table?

Options:

A.

Bandwidth

B.

Delay

C.

Load

D.

Frequency

Question 16

You work as a Network Administrator for ABC Inc. The company uses a secure wireless network.

John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?

Options:

A.

Independent audit

B.

Operational audit

C.

Non-operational audit

D.

Dependent audit

Question 17

Linux traffic monitoring tools are used to monitor and quickly detect faults in the network or a system. Which of the following tools are used to monitor traffic of the Linux operating system?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

PsExec

B.

IPTraf

C.

MRTG

D.

PsLogList

E.

Ntop

Question 18

Which of the following statements is true about a honeyfarm?

Options:

A.

It is a centralized collection of honeypots.

B.

It is a firewall.

C.

It is a computer system used to attract hackers to identify them.

D.

It is a computer system that has no security.

Question 19

Which of the following proxy servers is also referred to as transparent proxies or forced proxies?

Options:

A.

Reverse proxy server

B.

Tunneling proxy server

C.

Intercepting proxy server

D.

Anonymous proxy server

Question 20

Which of the following terms is used for the process of securing a system or a device on a network infrastructure?

Options:

A.

Hardening

B.

Authentication

C.

Cryptography

D.

Sanitization

Question 21

Which of the following is a transport layer circuit-level proxy server?

Options:

A.

Bastion host

B.

UDP proxy

C.

SOCKS

D.

Forced proxy

Question 22

Which of the following attacks is used to hack simple alphabetical passwords?

Options:

A.

Man-in-the-middle attack

B.

Dictionary-based attack

C.

Black hat attack

D.

Sniffing

Question 23

Which of the following is a valid IP address for class B Networks?

Options:

A.

212.136.45.8

B.

172.157.88.3

C.

80.33.5.7

D.

225.128.98.7

Question 24

Which of the following attacks is used to hack simple alphabetical passwords?

Options:

A.

Dictionary-based attack

B.

Black hat attack

C.

Sniffing

D.

Man-in-the-middle attack

Question 25

Which of the following is true for XSS, SQL injection, and RFI?

Options:

A.

These are Trojans.

B.

These are hacking tools.

C.

These are viruses.

D.

These are types of Web application vulnerabilities.

Question 26

Firewalking is a technique that can be used to gather information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. Which of the following are pre-requisites for an attacker to conduct firewalking?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

There should be a backdoor installed on the network.

B.

An attacker should know the IP address of a host located behind the firewall.

C.

An attacker should know the IP address of the last known gateway before the firewall.

D.

ICMP packets leaving the network should be allowed.

Question 27

Which of the following password cracking attacks is implemented by calculating all the possible hashes for a set of characters?

Options:

A.

Rainbow attack

B.

Brute force attack

C.

SQL injection attack

D.

Dictionary attack

Question 28

Which of the following are the two types of reconnaissance?

Options:

A.

Direct and Indirect

B.

Active and passive

C.

Active and Invasive

D.

Preliminary and active

Question 29

Which of the following viruses/worms uses the buffer overflow attack?

Options:

A.

Code red worm

B.

Nimda virus

C.

Chernobyl (CIH) virus

D.

Klez worm

Question 30

Which of the following protocols allows a service to authenticate the identity of a user without needing to see a password?

Options:

A.

SMTP

B.

TCP/IP

C.

ICMP

D.

Kerberos

Question 31

Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?

Options:

A.

Encryption

B.

Steganography

C.

RSA algorithm

D.

Public-key cryptography

Question 32

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

Options:

A.

Stunnel

B.

IPChains

C.

IPTables

D.

OpenSSH

Question 33

Which of the following algorithms is used by the Advanced Encryption Standard (AES)?

Options:

A.

Rijndael

B.

3 DES

C.

Twofish

D.

Blowfish

Question 34

You work as a Network Administrator for Maverick Inc. The company has a Linux-based network.

You are working on a Linux computer. You want to see the environment variables that are set on your computer. Which of the following commands will you use?

Options:

A.

echo $shell

B.

env

C.

ls

D.

rm

Question 35

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the weare- secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

Options:

A.

Ethercap

B.

Tripwire

C.

IPChains

D.

Hunt

Question 36

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following pre-attack phases while testing the security of the server:

· Footprinting

· Scanning

Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

PsFile

B.

UserInfo

C.

PsPasswd

D.

WinSSLMiM

Question 37

Fill in the blank with the appropriate layer name of the OSI model.

Secure Socket Layer (SSL) operates at the________ layer of the OSI model.

Options:

A.

transport

Question 38

Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using?

Each correct answer represents a part of the solution. Choose all that apply.

Options:

A.

Text Semagrams

B.

Perceptual masking

C.

Linguistic steganography

D.

Technical steganography

Question 39

Adam, a novice Web user is getting large amount of unsolicited commercial emails on his email address. He suspects that the emails he is receiving are the Spam. Which of the following steps will he take to stop the Spam?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Forward a copy of the spam to the ISP to make the ISP conscious of the spam.

B.

Send an email to the domain administrator responsible for the initiating IP address.

C.

Close existing email account and open new email account.

D.

Report the incident to the FTC (The U.S. Federal Trade Commission) by sending a copy of the spam message.

Question 40

Which of the following statements are true about Public-key cryptography?

Each correct answer represents a complete solution. Choose two.

Options:

A.

The secret key can encrypt a message, and anyone with the public key can decrypt it.

B.

Data encrypted with the secret key can only be decrypted by another secret key.

C.

The distinguishing technique used in public key-private key cryptography is the use of symmetric key algorithms.

D.

Data encrypted by the public key can only be decrypted by the secret key.

Question 41

Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

Options:

A.

gaining access

B.

Preparation

C.

Reconnaissance

D.

Scanning

Question 42

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He observes that the We-are-secure server is vulnerable to a special type of DoS attack and he makes the following suggestions to the security authority to protect the server from this DoS attack. The countermeasures against this type of DoS attack are as follows:

l Disabling IP-directed broadcasts at the We-are-secure router

l Configuring local computers so as not to respond to such ICMP packets that are configured to be sent to IP broadcast addresses

Which of the following DoS attacks has John discovered as a vulnerability for the We-are-secure security network?

Options:

A.

Smurf attack

B.

Jolt attack

C.

Fraggle attack

D.

Teardrop attack

Question 43

You work as a Network Security Administrator for NetPerfect Inc. The company has a Windowsbased network. You are incharge of the data and network security of the company. While performing a threat log analysis, you observe that one of the database administrators is pilfering confidential data. What type of threat is this?

Options:

A.

Malware

B.

External threat

C.

Internal threat

D.

Zombie

Question 44

Which of the following tools is used to catch someone installing a rootkit or running a packet sniffer?

Options:

A.

chkrootkit

B.

rkhunter

C.

Blue Pill

D.

OSSEC

Question 45

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

Options:

A.

Demilitarized zone (DMZ)

B.

Intrusion detection system (IDS)

C.

Firewall

D.

Packet filtering

Question 46

Andrew works as a Forensic Investigator for PassGuide Inc. The company has a Windows-based environment. The company's employees use Microsoft Outlook Express as their e-mail client program. E-mails of some employees have been deleted due to a virus attack on the network. Andrew is therefore assigned the task to recover the deleted mails. Which of the following tools can Andrew use to accomplish the task?

Each correct answer represents a complete solution. Choose two.

Options:

A.

EventCombMT

B.

eMailTrackerPro

C.

FINALeMAIL

D.

R-mail

Question 47

Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?

Options:

A.

The Equal Credit Opportunity Act (ECOA)

B.

The Fair Credit Reporting Act (FCRA)

C.

The Privacy Act

D.

The Electronic Communications Privacy Act

Question 48

Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?

Options:

A.

The Equal Credit Opportunity Act (ECOA)

B.

The Privacy Act

C.

The Fair Credit Reporting Act (FCRA)

D.

The Electronic Communications Privacy Act

Question 49

According to the case study, the departmental stores can dial in to distribution center computers to query their order status. Which protocol should they use to provide the highest level of security?

(Click the Exhibit button on the toolbar to see the case study.)

Options:

A.

EAP

B.

MS-CHAP version 2

C.

MS-CHAP

D.

Basic Authentication

E.

PAP

Question 50

Which of the following proxy servers is placed anonymously between the client and remote server and handles all of the traffic from the client?

Options:

A.

Web proxy server

B.

Caching proxy server

C.

Open proxy server

D.

Forced proxy server

Demo: 50 questions
Total 337 questions