ECSS Exam Details

  • Exam Code
    :ECSS
  • Exam Name
    :EC-Council Certified Security Specialist (ECSS) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :337 Q&As
  • Last Updated
    :Jul 08, 2026

EC-COUNCIL ECSS Online Questions & Answers

  • Question 91:

    You work as a security manager in Mariotiss Inc. Your enterprise has been facing network and software security threats since a few months. You want to renew your current security policies and management to enhance the safety of your information systems. Which of the following is the best practice to initiate the renewal process from the lowest level with the least managerial effort?

    A. Change the entire security policy.
    B. Switch to a new network infrastructure.
    C. Start the Incident handling process.
    D. Perform an IT audit.

  • Question 92:

    In a complex network, Router transfers data packets by observing some form of parameters or metrics provided in the routing table. Which of the following metrics is NOT included in the routing table?

    A. Bandwidth
    B. Delay
    C. Load
    D. Frequency

  • Question 93:

    You are a professional Computer Hacking forensic investigator. You have been called to collect the evidences of Buffer Overflows or Cookie snooping attack. Which of the following logs will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

    A. Web server logs
    B. Event logs
    C. System logs
    D. Program logs

  • Question 94:

    Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

    A. Confidentiality
    B. Authentication
    C. Integrity
    D. Non-repudiation

  • Question 95:

    According to the Sophos Security Threat Report 2009, which country amongst the following tops in producing spam (unwanted e-mails)?

    A. Russia
    B. United States
    C. China
    D. Turkey

  • Question 96:

    Which of the following statements explains the dumpster diving hacking technique?

    A. This is an information gathering technique in which the attacker runs a software program to automatically call thousands of telephone numbers to find out a victim who has attached a modem to the Internet.
    B. This is an information gathering technique in which an attacker rummages through all the discarded waste-papers in the victim's trash.
    C. This is an information gathering technique in which the attacker calls the help center of the organization and asks someone to reset a password.
    D. This is an information gathering technique in which the attacker injects a Trojan in the victim's computer.

  • Question 97:

    You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

    What is the IP address of the sender of this email?

    A. 209.191.91.180
    B. 141.1.1.1
    C. 172.16.10.90
    D. 216.168.54.25

  • Question 98:

    You work as a computer operator for BlueWells Inc. The company has a Windows-based network.

    You find out that someone has manipulated your email account, as some of your mails have been deleted. You suspect that your password has been hacked by someone. You inform about this to Mark, who is a Security Administrator. After diagnosing your system, Mark finds a log file that contains lots of text including username and password. Mark tells you that someone has installed software on your system that is recording all the keyboard strokes in a predefined log file. Which of the following software is Mark discussing about?

    A. Spyware
    B. Keylogger
    C. Anti-Virus
    D. Adware

  • Question 99:

    Which of the following can be used to perform session hijacking?

    Each correct answer represents a complete solution. Choose all that apply.

    A. ARP spoofing
    B. Cross-site scripting
    C. Session fixation
    D. Session sidejacking

  • Question 100:

    John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the weare- secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

    A. Ethercap
    B. Tripwire
    C. IPChains
    D. Hunt

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSS exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.