ECSS Exam Details

  • Exam Code
    :ECSS
  • Exam Name
    :EC-Council Certified Security Specialist (ECSS) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :337 Q&As
  • Last Updated
    :Jul 08, 2026

EC-COUNCIL ECSS Online Questions & Answers

  • Question 251:

    John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following pre-attack phases while testing the security of the server:

    ꞏ Footprinting

    ꞏ Scanning

    Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it?

    Each correct answer represents a complete solution. Choose all that apply.

    A. PsFile
    B. UserInfo
    C. PsPasswd
    D. WinSSLMiM

  • Question 252:

    You enter the following URL on your Web browser:

    http://www.we-are-secure.com/scripts/..%co%af../..%co%

    af../windows/system32/cmd.exe?/c+dir+c:\

    What kind of attack are you performing?

    A. Session hijacking
    B. Directory traversal
    C. URL obfuscating
    D. Replay

  • Question 253:

    Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?

    A. Steganography
    B. Public-key cryptography
    C. Encryption
    D. RSA algorithm

  • Question 254:

    You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user.

    You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you take to accomplish the task?

    Each correct answer represents a complete solution. Choose all that apply.

    A. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
    B. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.
    C. Implement the open system authentication for the wireless network.
    D. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
    E. Implement the IEEE 802.1X authentication for the wireless network.

  • Question 255:

    Which of the following statements correctly defines a script kiddie?

    A. He is an individual who breaks communication systems to perform hacking.
    B. He is an individual who has lost respect and integrity as an employee in any organization.
    C. He is an individual who uses hacking programs developed by others to attack information systems and spoil websites.
    D. He is an individual who is an expert in various computer fields such as operating systems, networking, hardware, software, etc. and enjoys the mental challenge of decoding computer programs, solving network vulnerabilities and security threats, etc

  • Question 256:

    You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you perform to accomplish the task?

    Each correct answer represents a complete solution. Choose all that apply.

    A. Implement the open system authentication for the wireless network.
    B. Implement the IEEE 802.1X authentication for the wireless network.
    C. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
    D. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
    E. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.

  • Question 257:

    Maria works as a Desktop Technician for PassGuide Inc. She has received an e-mail from the MN

    Compensation Office with the following message:

    If Maria replies to this mail, which of the following attacks may she become vulnerable to?

    Dear Sir/Madam,

    My name is Edgar Rena, the director of compensation here at the MN Compensation Office in

    Chicago. We receive so many complaints about fraudulent activities that have been taking place in your region for the past few years. Due to the high volume loss of money, the MN compensation department has had an agreement with the

    appropriate authority to compensate each victim with a sum of USD$500,000.00.

    You were selected among the list of people to be paid this sum. To avoid any imperative mood by intending scammers, your payment has been transmuted into an International bank draft which can be cashed at any local bank in your

    country.

    Please fill the below details and send it to our secretary for your compensation bank draft.

    Full name: ______

    Address:______

    Tel:______

    Fill and Send to:______

    Dr. Michael Brown

    MN Compensation Office, IL

    Tel: +1-866-233-8434

    Email: [email protected]

    Further instructions shall be given to you by our secretary as soon as you contact him. To avoid losing your compensation, you are requested to pay the sum of $350 for Insurance Premium to our secretary.

    Thanks and God bless.

    Rate now:

    A. Phishing attack
    B. SYN attack
    C. CookieMonster attack
    D. Mail bombing

  • Question 258:

    A chkrootkit is a toolkit that checks whether a rootkit is installed in the Linux operating system or not. Which of the following tools are contained in chkrootkit?

    A. chkproc.c
    B. chklastlog.c
    C. chkdsk
    D. ifpromisc.c
    E. chkwtmp.c

  • Question 259:

    Which two technologies should research groups use for secure VPN access while traveling?

    (Click the Exhibit button on the toolbar to see the case study.)

    Each correct answer represents a complete solution. Choose two.

    A. SSL
    B. Kerberos authentication
    C. PPTP
    D. Smart cards
    E. Encrypting File System (EFS)

  • Question 260:

    Which of the following DOS commands is used to configure network protocols?

    A. netstat
    B. netsvc
    C. netsh
    D. ipconfig

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSS exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.