Eccouncil ECSS EC-Council Certified Security Specialist (ECSSv10) Exam Practice Test

Page: 1 / 14
Total 100 questions
Question 1

Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.

Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?



Answer : C

Kalley identifiedunauthorized access signaturesthrough the installed traffic monitoring system. These signatures correspond to activities such aspassword cracking,sniffing, andbrute-forcing attempts.Unauthorized access attempts are a critical security concern, as they may indicate potential security breaches or malicious activity.Reference: EC-Council Certified Security Specialist (E|CSS) documents and study guide12.


Question 2

Jennifer, a forensics investigation team member, was inspecting a compromised system. After gathering all the evidence related to the compromised system, she disconnected the system from the network to stop the spread of the incident to other systems.

Identify the role played by Jennifer in the forensics investigation.



Answer : C

Jennifer's role as an incident responder involves handling and mitigating security incidents. In this scenario, she inspected the compromised system, gathered evidence, and disconnected it from the network to prevent further spread. Incident responders take immediate action to contain and manage security incidents.


Question 3

A disk drive has 16.384 cylinders, 80 heads, and 63 sectors per track, and each sector can store 512 bytes of data. What is the total size of the disk?



Answer : B

Sectors per Cylinder: Multiply heads * sectors per track: 80 * 63 = 5040 sectors/cylinder

Bytes per Cylinder: Multiply sectors per cylinder * bytes per sector: 5040 * 512 = 2,580,480 bytes/cylinder

Total Bytes: Multiply bytes per cylinder * total cylinders: 2,580,480 * 16,384 = 42,278,584,320 bytes

Explanation

To find the total disk size, we need to calculate the storage capacity per cylinder and then multiply that by the total number of cylinders.


Question 4

James, a forensic specialist, was appointed to investigate an incident in an organization. As part of the investigation, James is attempting to identify whether any external storage devices are connected to the internal systems. For this purpose, he employed a utility to capture the list of all devices connected to the local machine and removed suspicious devices.

Identify the tool employed by James in the above scenario.



Answer : B

In the given scenario, James employed theDriveLetterViewutility to capture the list of all devices connected to the local machine. DriveLetterView is a tool that displays a list of drive letters assigned to drives on a computer, including external storage devices.By using this utility, James can identify any suspicious devices connected to the internal systems.Reference: EC-Council Certified Security Specialist (E|CSS) documents and study guide12.


Question 5

Martin, a hacker, aimed to crash a target system. For this purpose, he spoofed the source IP address with the target's IP address and sent many ICMP ECHO request packets to an IP broadcast network, causing all the hosts to respond to the received ICMP ECHO requests and ultimately crashing the target machine.

Identify the type of attack performed by Martin in the above scenario.



Answer : C

In the scenario described, Martin conducted a Smurf attack. This type of attack involves spoofing the source IP address with the target's IP address and sending ICMP ECHO request packets to an IP broadcast network. The broadcast network then amplifies the traffic by directing it to all hosts, which respond to the ICMP ECHO requests. This flood of responses is sent back to the spoofed source IP address, which is the target system, leading to its overload and potential crash.The Smurf attack is a type of distributed denial-of-service (DDoS) attack that exploits the vulnerabilities of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).Reference: EC-Council Certified Security Specialist (E|CSS) course materials and documents


Question 6

An loT sensor in an organization generated an emergency alarm indicating a security breach. The servers hosted in an loT layer accepted, stored, and processed the sensor data received from loT gateways and created dashboards for monitoring, analyzing, and implementing proactive decisions to tackle the issue.

Which of the following layers in the loT architecture performed the above activities after receiving an alert from the loT sensor?



Answer : B

In the Internet of Things (IoT) architecture, theProcess layeris responsible for the activities described in the scenario.This layer employs IoT platforms to accumulate and manage all data streams, including accepting, storing, and processing sensor data received from IoT gateways1. It also involves creating dashboards for monitoring, analyzing, and implementing decisions based on the data received.

The Process layer is a critical component of IoT architecture, as it provides the necessary computing power and data management capabilities required for the effective functioning of IoT systems.It ensures that data collected by sensors is processed in a way that actionable insights can be derived and appropriate responses can be implemented in case of events like security breaches1.

The other options listed pertain to different aspects of IoT architecture:

A . Communication Layer: This layer is responsible for transferring data from devices to the network and vice versa but does not process or analyze the data.

C . Cloud Layer: While the cloud layer may be involved in data storage and processing, it is not the primary layer responsible for the activities mentioned.

D . Device Layer: This layer includes the physical devices and sensors that collect data but does not process or analyze it.

Therefore, the correct answer is B, the Process layer, as it aligns with the responsibilities of managing and processing data within the IoT architecture.


Question 7

Ben, a computer user, applied for a digital certificate. A component of PKI verifies Ben's identity using the credentials provided and passes that request on behalf of Ben to grant the digital certificate.

Which of the following PKI components verified Ben as being legitimate to receive the certificate?



Answer : D

In the context of Public Key Infrastructure (PKI), theRegistration Authority (RA)plays a crucial role in verifying the identity of individuals or entities requesting digital certificates. Here's how it works:

Ben, the computer user, applies for a digital certificate.

TheRAverifies Ben's identity using the credentials provided.

Once verified, theRAforwards the request on behalf of Ben to theCertificate Authority (CA).

TheCAthen issues the digital certificate to Ben.

Therefore, theRAis responsible for ensuring that legitimate individuals receive valid digital certificates by verifying their identity.


EC-Council Certified Security Specialist (E|CSS) documents and study guide1.

EC-Council Certified Security Specialist (E|CSS) course materials2.

Page:    1 / 14   
Total 100 questions