Eccouncil ECSS EC-Council Certified Security Specialist (ECSSv10) Exam Practice Test

Page: 1 / 14
Total 100 questions
Question 1

Bob. a network specialist in an organization, is attempting to identify malicious activities in the network. In this process. Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation.

Which of the following types of network-based evidence was collected by Bob in the above scenario?



Answer : C

In the scenario described, Bob collected data that summarizes a conversation between two network devices. This type of data typically includes the source and destination IP addresses and ports, the duration of the conversation, and the information exchanged during the session. This aligns with the definition of session data, which is a type of network-based evidence that provides an overview of communication sessions between devices without including the actual content of the data packets.


Question 2

Sam is a hacker who decided to damage the reputation of an organization. He started collecting information about the organization using social engineering techniques. Sam aims to gather critical information such as admin passwords and OS versions to plan for an attack.

Identify the target employee in the organization from whom Sam can gather the required information.



Answer : C

Social engineering attacks exploit human psychology to manipulate individuals into divulging sensitive information or performing actions that compromise security. In Sam's case, he aims to gather critical information about the organization using social engineering techniques.

System administrators are prime targets for social engineering attacks due to their privileged access and knowledge of the organization's infrastructure. They often have access to admin passwords, OS versions, and other critical information. By targeting system administrators, Sam can gather the required details to plan his attack effectively.


EC-Council Certified Security Specialist (E|CSS) course materials and study guide1.

EC-Council's focus on social engineering concepts and techniques in its training programs2.

Question 3

Bob, a security professional, was recruited by an organization to ensure that application services are being delivered as expected without any delay. To achieve this. Bob decided to maintain different backup servers for the same resources so that if one backup system fails, another will serve the purpose.

Identify the IA principle employed by Bob in the above scenario.



Answer : D

In the given scenario, Bob's decision to maintain different backup servers for the same resources demonstrates the principle ofavailability. By having redundant backup systems, Bob ensures that the services remain accessible even if one system fails.


Question 4

Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM.

In which of the following states has Steve encrypted the data in the above scenario?



Answer : C

Mark implemented full memory encryption for the data stored in RAM. This means that the data is encrypted while it is actively being used by the system (e.g., during processing, execution, or manipulation). Data in use refers to the state when data resides in memory and is accessible by running processes. By encrypting data in use, Mark ensures that even if an attacker gains access to the system's memory, they won't be able to read sensitive information directly.


EC-Council Certified Encryption Specialist (E|CES) documents and study guide1.

EC-Council Certified Encryption Specialist (E|CES) course materials2.

Question 5

Below is the syntax of a command-line utility that displays active TCP connections and ports on which the computer is listening.

netstat [ a] [e] [-nJ [-o] [ p Protocol] [-r] [-s] [interval]

Identify the netstat parameter that displays active TCP connections and includes the process ID (PID) for each connection.



Answer : B

Thenetstatparameter that displays active TCP connections and includes theprocess ID (PID)for each connection is[-O]. When you use this option, netstat will show the associated process ID (PID) for each active connection.


EC-Council Certified Security Specialist (E|CSS) documents and study guide.

EC-Council Certified Security Specialist (E|CSS) course materials12

Question 6

Jacob, a network defender in an organization, was instructed to improve the physical security measures to prevent unauthorized intrusion attempts. In this process, Jacob implemented certain physical security controls by using warning messages and signs that notify legal consequences to discourage hackers from making intrusion attempts.

Which of the following type of physical security controls has Jacob implemented in the above scenario?



Question 7

Which of the following layers of the loT architecture is responsible for delivering services to respective users from different sectors such as building, industrial, manufacturing, automobile, security, and healthcare?



Answer : C

Theapplication layerin IoT architecture is responsible for delivering services to respective users from different sectors such as building, industrial, manufacturing, automobile, security, and healthcare. It provides the user interfaces and applications that interact with IoT devices and systems.


Page:    1 / 14   
Total 100 questions