EC-COUNCIL ECSS Online Practice Questions and Exam Preparation

EC-COUNCIL ECSS Online Questions & Answers

• Question 1:

  John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not authenticate participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?

  A. RSA
  B. Twofish
  C. Blowfish
  D. Diffie-Hellman
  D. Diffie-Hellman

• Question 2:

  Jason, a cybercriminal, sells illegal articles on the Internet. Which of the following activities is Jason involved in?

  A. Cyberstalking
  B. Cyberterrorism
  C. Cybertrespass
  D. Internet pharmacies
  D. Internet pharmacies

• Question 3:

  An attacker wants to launch an attack on a wired Ethernet. He wants to accomplish the following tasks:

  ꞏ Sniff data frames on a local area network.

  ꞏ Modify the network traffic.

  ꞏ Stop the network traffic frequently.

  Which of the following techniques will the attacker use to accomplish the task?

  A. ARP spoofing
  B. IP spoofing
  C. Eavesdropping
  D. Session hijacking
  A. ARP spoofing

• Question 4:

  You work as a system administrator for BlueSkwer.com. You have just finished installing and configuring a new laptop for the CEO. The laptop has Windows 7 operating system. You have just deployed a secure wireless network in the company. Alex, the CEO, wants you to connect his laptop to the wireless network. What will you open to start the process of connecting to a wireless network?

  A. Network and Sharing Center
  B. Appearance and Personalization
  C. System and Security
  D. Devices and Printers
  A. Network and Sharing Center

• Question 5:

  You have been assigned the job of configuring wireless networks for a large company. The security of these networks is of great importance. One of the tools that you can use for applying security is Wireless Transport Layer Security (WTLS). What are the goals of using this tool?

  Each correct answer represents a complete solution. Choose all that apply.

  A. To provide authentication between the two end points
  B. To provide data integrity
  C. To provide privacy for the two end users
  D. To provide data availability
  A. To provide authentication between the two end points
  B. To provide data integrity
  C. To provide privacy for the two end users

• Question 6:

  You work as a computer operator for BlueWells Inc. The company has a Windows-based network.

  You find out that someone has manipulated your email account, as some of your mails have been deleted. You suspect that your password has been hacked by someone. You inform about this to Mark, who is a Security Administrator. After diagnosing your system, Mark finds a log file that contains lots of text including username and password. Mark tells you that someone has installed software on your system that is recording all the keyboard strokes in a predefined log file. Which of the following software is Mark discussing about?

  A. Spyware
  B. Keylogger
  C. Anti-Virus
  D. Adware
  B. Keylogger

• Question 7:

  Adam, a novice Web user is getting large amount of unsolicited commercial emails on his email address. He suspects that the emails he is receiving are the Spam. Which of the following steps will he take to stop the Spam? Each correct answer represents a complete solution. Choose all that apply.

  A. Forward a copy of the spam to the ISP to make the ISP conscious of the spam.
  B. Send an email to the domain administrator responsible for the initiating IP address.
  C. Close existing email account and open new email account.
  D. Report the incident to the FTC (The U.S. Federal Trade Commission) by sending a copy of the spam message.
  A. Forward a copy of the spam to the ISP to make the ISP conscious of the spam.
  D. Report the incident to the FTC (The U.S. Federal Trade Commission) by sending a copy of the spam message.

• Question 8:

  Which of the following are the types of DOS commands?

  Each correct answer represents a complete solution. Choose all that apply.

  A. Direct commands
  B. Internal commands
  C. Active commands
  D. External commands
  B. Internal commands
  D. External commands

• Question 9:

  Mark has been assigned a project to configure a wireless network for a company. The network should contain a Windows 2003 server and 30 Windows XP client computers. Mark has a single dedicated Internet connection that has to be shared among all the client computers and the server. The configuration needs to be done in a manner that the server should act as a proxy server for the client computers. Which of the following programs can Mark use to fulfill this requirement?

  A. Microsoft Internet Security and Acceleration Server (ISA)
  B. Wingate
  C. SOCKS
  D. Sniffer
  B. Wingate

• Question 10:

  John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

  A. This vulnerability helps in a cross site scripting attack.
  B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
  C. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.
  D. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
  A. This vulnerability helps in a cross site scripting attack.
  C. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.
  D. The countermeasure to 'printenv' vulnerability is to remove the CGI script.