ECSS Exam Questions

You work as a Security Administrator for DataSoft Inc. The company has a Windows-based network. You have been assigned a project to strengthen the system security and also to provi...

You enter the following URL on your Web browser: af../windows/system32/cmd.exe?/c+dir+c:\ What kind of attack are you performing?

Which of the following tools automates the password guessing in NetBIOS sessions and can also be used to perform a manual dictionary attack?

RRD Job World wants to upgrade its network. The company decides to implement a TCP/IP-based network. According to the case study, RRD Job World is concerned about security. Which o...

You work as a security manager in Mariotiss Inc. Your enterprise has been facing network and software security threats since a few months. You want to renew your current security p...

A chkrootkit is a toolkit that checks whether a rootkit is installed in the Linux operating system or not. Which of the following tools are contained in chkrootkit?

Which of the following is the correct order of digital investigations Standard Operating Procedure (SOP)?

Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function);...

According to the Sophos Security Threat Report 2009, which country amongst the following tops in producing spam (unwanted e-mails)?

Which of the following viruses/worms uses the buffer overflow attack?

Which of the following proxy servers is placed anonymously between the client and remote server and handles all of the traffic from the client?

John works as a professional Ethical Hacker for SecureEnet Inc. The company has a Windowsbased network. All client computers run on Windows XP. A project has been assigned to John...

Which of the following attacks is used by attackers to access a company's internal network through its remote access system?

Which of the following Trojans is used by attackers to modify the Web browser settings?

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH- 2 protocol? Each correct answer represents a complete solution. Choose all that...

Which of the following attacks is a man-in-the-middle exploit where a third party can gain HTTPS cookie data?

Which of the following is an example of a low-interaction production honeypot that is developed and sold by the Swiss company Netsec?

Cola Co. manufactures, markets, sells, and distributes non-alcoholic potables such as Lemcaa and Thunder Up under its brand name Cola and uses green and red logo. Mola Co., a new c...

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze...

Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee, who is suspected for classified data theft....

Which of the following organizations is dedicated to computer security research and information sharing?

Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick su...

John works as a Desktop Technician for NetPerfect Inc. The company has a Windows-based network. For the last few days, the network of the company has become prone to the Man-in-the...

Which of the following statements correctly defines a script kiddie?

After upgrading the network, as discussed in the case study, the IT manager decides to implement centralized administration between five of its distribution centers and departmenta...

Which of the following is allowed by a company to be addressed directly from the public network and is hardened to screen the rest of its network from security exposure?

Which of the following types of authentication messages are supported by the TACACS+ protocol by default? Each correct answer represents a complete solution. Choose all that apply.

Which of the following malware spread through the Internet and caused a large DoS attack in 1988?

According to the case study, the departmental stores can dial in to distribution center computers to query their order status. Which protocol should they use to provide the highest...

Which of the following DoS attacks attempts to block service or reduce activity on a host by sending ping requests directly to the victim?

Fill in the blank with the appropriate layer name of the OSI model. Secure Socket Layer (SSL) operates at the________ layer of the OSI model.

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete so...

Andrew works as a Forensic Investigator for Company Inc. The company has a Windows-based environment. The company's employees use Microsoft Outlook Express as their e-mail client p...

Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the infrastructure of its network: - Network diagrams of the we-are-secure infrastruc...

Which of the following statutes is enacted in the U.S., which prohibits creditors from collecting data from applicants, such as national origin, caste, religion etc?

Who among the following are security experts who specialize in penetration testing and other testing methodologies to ensure that their company's information systems are secure? Ea...

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze...

Which of the following is the first computer virus that was used to infect the boot sector of storage media formatted with the DOS File Allocation Table (FAT) file system?

RRD Job World wants to upgrade its network. The company decides to implement a TCP/IP-based network. According to the case study, RRD Job World is concerned about security. Which o...

You are a professional Computer Hacking forensic investigator. You have been called to collect the evidences of Buffer Overflows or Cookie snooping attack. Which of the following l...

Which two security components should you implement on the sales personnel portable computers to increase security? (Click the Exhibit button on the toolbar to see the case study.)...

You work as a Network Administrator for Infonet Inc. The company's office has a wireless network. Wireless access point on the network works as a router and DHCP server. You want t...

Which of the following Trojans is used by attackers to modify the Web browser settings?

Peter works as a professional Computer Hacking Forensic Investigator for eLaw-Suit law firm. He is working on a case of a cyber crime. Peter knows that the good investigative repor...

You work as a security manager in Mariotiss Inc. Your enterprise has been facing network and software security threats since a few months. You want to renew your current security p...

You work as a Network Administrator for Infonet Inc. The company's network is connected to the keep the Web server separate from other servers on the network. Where will you place...

Which of the following DoS attacks attempts to block service or reduce activity on a host by sending ping requests directly to the victim?

Which of the following parameters are required to be followed on receiving a suspicious mail according to the Department of Justice? Each correct answer represents a part of the so...

Which of the following is a valid IP address for class B Networks?

Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?