
ECCouncil ECSS Practice Test - Questions Answers, Page 5

Jennifer, a forensics investigation team member, was inspecting a compromised system. After gathering all the evidence related to the compromised system, she disconnected the system from the network to stop the spread of the incident to other systems.

Identify the role played by Jennifer in the forensics investigation.

A. Evidence manager
B. Expert witness
C. Incident responder
D. Incident analyzer

Suggested answer: C

Explanation:

Jennifer's role as an incident responder involves handling and mitigating security incidents. In this scenario, she inspected the compromised system, gathered evidence, and disconnected it from the network to prevent further spread. Incident responders take immediate action to contain and manage security incidents.

Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes her online activity untraceable.

Identify the type of proxy employed by John in the above scenario.

A. Reverse proxy
B. Anonymous proxy
C. Explicit proxy
D. SOCKS proxy

Suggested answer: B

Explanation:

An anonymous proxy is used to hide the user's identity and make their online activity untraceable. When Mary employed this type of proxy, her details and the content she was surfing over the web became anonymous and difficult to track.

Jacob, an attacker, targeted container technology to destroy the reputation of an organization. To achieve this, he initially compromised a single container exploiting weak network defaults, overloaded the rest of the containers in the local domain, and restricted them from providing services to legitimate users.

Identify the type of attack initiated by Jacob in the above scenario.

A. Docker registry attack
B. Cross container attack
C. Container escaping attack
D. Replay attack

Suggested answer: B

Explanation:

Jacob's attack involves compromising a single container and then affecting other containers within the local domain. This behavior aligns with a cross-container attack. In such an attack, an attacker exploits vulnerabilities in one container to gain access to other containers running on the same host. By overloading and restricting legitimate services, Jacob aims to disrupt the organization's operations and reputation.

EC-Council Certified Security Specialist (E|CSS) documents and study guide.

EC-Council Certified Security Specialist (E|CSS) course materials.

Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.

A. Business layer
B. Presentation layer
C. Database layer
D. Client layer

Suggested answer: B

Explanation:

Morris exploited vulnerabilities in the programming logic of an application by employing input validation attacks such as XSS (Cross-Site Scripting). The presentation layer is responsible for handling user interfaces, rendering content, and managing interactions between users and the application. It deals with how data is presented to users and how user input is processed. By manipulating the presentation layer, Morris was able to compromise the application's security. Reference: EC-Council Certified Security Specialist (E|CSS) documents and study guide.

Which of the following cloud computing threats arises from authentication vulnerabilities, user-provisioning and de-provisioning vulnerabilities, hypervisor vulnerabilities, unclear roles and responsibilities, and misconfigurations?

A. Supply-chain failure
B. Isolation failure
C. Subpoena and e-discovery
D. Privilege escalation

Suggested answer: D

Explanation:

The cloud computing threat described in the question arises from various vulnerabilities and misconfigurations related to authentication, user provisioning, hypervisors, and roles. Privilege escalation occurs when an attacker gains more privileges than initially acquired. In this context, it refers to unauthorized elevation of access rights within a cloud environment. The mentioned vulnerabilities contribute to this risk, allowing an attacker to escalate their privileges beyond what is intended. Reference: EC-Council Certified Security Specialist (E|CSS) documents and study guide.

John, a professional penetration tester, was hired by an organization for conducting a penetration test on their IT infrastructure. He was assigned the task of identifying risks, rather than finding vulnerabilities. In this process, he defined the goal before initiating the penetration test and performed multiple parallel processes to achieve the goal.

Identify the type of penetration assessment performed by John in the above scenario.

A. Red team oriented penetration testing approach
B. Objective-oriented penetration testing approach
C. Adversarial goal based assessment
D. Compliance oriented penetration testing approach

Suggested answer: B

Explanation:

In the scenario described, John's approach aligns with objective-oriented penetration testing. In this method, the tester defines specific goals or objectives before initiating the penetration test. The focus is on identifying risks related to achieving those objectives rather than merely finding vulnerabilities. By performing multiple parallel processes to achieve the defined goal, John is following an objective-oriented approach.

https://www.synopsys.com/glossary/what-is-red-teaming.html

Steve, a professional pen tester, was hired by an organization to assess its cybersecurity. The organization provided Steve with details such as network topology documents, asset inventory, and valuation information. This information helped Steve complete the penetration test successfully, and he provided a snapshot of the organization's current security posture.

Identify the penetration testing strategy followed by Steve in the above scenario.

A. White-box testing
B. Goal oriented penetration testing
C. Black box testing
D. Grey box testing

Suggested answer: A

Explanation:

In the scenario described, Steve is provided with comprehensive information about the organization's network, including topology documents, asset inventory, and valuation information. This approach is indicative of white-box testing, which is a penetration testing strategy where the tester has full knowledge of the system being tested.

White-box testing allows for a thorough examination of the internal workings of the system, as the tester has access to all information, including source code, architecture diagrams, and other documentation. This level of access enables the tester to perform a more detailed and complete security assessment, as opposed to black-box testing, where the tester has no prior knowledge of the system, or grey-box testing, which is a combination of both white and black-box testing methods.

In this case, Steve's ability to provide a snapshot of the organization's current security posture is greatly enhanced by the detailed information provided to him, which is a hallmark of the white-box testing methodology.

A type of malware allows an attacker to trick the target entity into performing a predefined action, and upon its activation, it grants the attacker unrestricted access to all the data stored on the compromised system.

Which of the following is this type of malware?

A. Keylogger
B. Botnet
C. Worm
D. Trojan

Suggested answer: D

Explanation:

A Trojan (short for "Trojan horse") is one of the most insidious types of malware. Trojans disguise themselves as legitimate software programs, such as a game or utility, while secretly damaging the host device. Unlike viruses and worms, Trojans mainly use social engineering techniques to replicate themselves, fooling victims into downloading and installing them.

EC-Council Certified Security Specialist (E|CSS) course materials and study guide.

Michael is an attacker who aims to hack Bob's system. He started collecting data without any active interaction with Bob's system. Using this technique, Michael can extract sensitive information from unencrypted data.

Identify the class of attack Michael has launched in the above scenario.

A. Active attack
B. Insider attack
C. Close in attack
D. Passive attack

Suggested answer: D

Explanation:

In a passive attack, the attacker observes or collects information without actively interacting with the target system. Michael's action of collecting data from Bob's system without any active interaction falls under this category. Passive attacks aim to extract sensitive information without altering the system's state or causing any disruption.

Which of the following layers of the IoT architecture is responsible for delivering services to respective users from different sectors such as building, industrial, manufacturing, automobile, security, and healthcare?

A. Middleware layer
B. Access gateway layer
C. Application layer
D. Edge technology layer

Suggested answer: C

Explanation:

The application layer in IoT architecture is responsible for delivering services to respective users from different sectors such as building, industrial, manufacturing, automobile, security, and healthcare. It provides the user interfaces and applications that interact with IoT devices and systems.

Total 100 questions