EC-COUNCIL ECSS Practice Exam, Provides EC-COUNCIL ECSS Study Guide Is What You Need To Take

Flydumps EC-COUNCIL ECSS exam questions and answers in PDF are prepared by our expert,Moreover,they are based on the recommended syllabus covering all the Adobe exam objectives. You will find them to be very helpful and precise in the subject matter since all the EC-COUNCIL https://www.pass4itsure.com/ECSS.html exam content is regularly updated and has been checked for accuracy by our team of Adobe expert professionals.

QUESTION 26
Jason works as a System Administrator for Passguide Inc. The company has a Windows-based network. Sam, an employee of the company, accidentally changes some of the applications and system settings. He complains to Jason that his system is not working properly. To troubleshoot the problem, Jason diagnoses the internals of his computer and observes that some changes have been made in Sam’s computer registry. To rectify the issue, Jason has to restore the registry.
Which of the following utilities can Jason use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Reg.exe
B. Resplendent registrar
C. EventCombMT
D. Regedit.exe

Correct Answer: ABD QUESTION 27
Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task:
1.
Smoothening and decreasing contrast by averaging the pixels of the area where significant color transitions occurs.

2.
Reducing noise by adjusting color and averaging pixel value.

3.
Sharpening, Rotating, Resampling, and Softening the image. Which of the following Steganography attacks is Victor using?
A. Steg-Only Attack
B. Chosen-Stego Attack
C. Active Attacks
D. Stegdetect Attack

Correct Answer: C QUESTION 28
What is the major difference between a worm and a Trojan horse?
A. A worm is self replicating, while a Trojan horse is not.
B. A worm is a form of malicious program, while a Trojan horse is a utility.
C. A worm spreads via e-mail, while a Trojan horse does not.
D. A Trojan horse is a malicious program, while a worm is an anti-virus software.

Correct Answer: A QUESTION 29
John works as a Network Security Administrator for NetPerfect Inc. The manager of the company has told John that the company’s phone bill has increased drastically. John suspects that the company’s phone system has been cracked by a malicious hacker. Which attack is used by malicious hackers to crack the phone system?
A. Sequence++ attack
B. Phreaking
C. Man-in-the-middle attack
D. War dialing

Correct Answer: B QUESTION 30
You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Download folder
B. History folder
C. Temporary Internet Folder
D. Cookies folder

Correct Answer: BCD QUESTION 31
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system and wants to install an Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Samhain
B. Tripwire
C. Snort
D. SARA

Correct Answer: AC QUESTION 32
You manage a Windows Server 2008 server named uCert1 in a domain named PassGuide.com.
uCert1 has the Web Server (IIS) role installed and hosts an intranet Web site named
PassGuideInternal.
You want to ensure that all authentication traffic to the Web site is encrypted securely without the use of

SSL. You disable Anonymous Authentication. What else should you do?

A. Enable Windows Authentication and Forms Authentication.
B. Enable Windows Authentication and Digest Authentication.
C. Enable Basic Authentication and Windows Authentication.
D. Enable Digest Authentication and Forms Authentication.

Correct Answer: B QUESTION 33
Which of the following password cracking attacks does not use any software for cracking e-mail passwords?
Each correct answer represents a complete solution. Choose all that apply.
A. Brute force attack
B. Shoulder surfing
C. Social engineering
D. Dictionary attack

Correct Answer: BC
QUESTION 34
You work as a Sales Manager for NetPerfect Inc. The company has a Windows-based network. You have to often send confidential e-mails and make online payments and purchases. You want to protect transmitted information and also to increase the security of e-mail communications. Which of the following programs or services will you use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Anonymizer
B. John the Ripper
C. THC Hydra
D. Pretty Good Privacy (PGP)

Correct Answer: AD
QUESTION 35
The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for PassGuide Software Systems Pvt. Ltd.? (Click the Exhibit button on the toolbar to see the case study.)
A. Preventing denial-of-service attacks.
B. Providing two-factor authentication.
C. Ensuring secure authentication.
D. Protecting employee data on portable computers.
E. Implementing Certificate services on Texas office.
F. Preventing unauthorized network access.
G. Providing secure communications between the overseas office and the headquarters.
H. Providing secure communications between Washington and the headquarters office.
Correct Answer: CDFG
QUESTION 36
According to the Internet Crime Report 2009, which of the following complaint categories is on the top?
A. Identity theft
B. Advanced fee fraud
C. Non-delivered merchandise/payment
D. FBI scams

Correct Answer: D
QUESTION 37
Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides ‘security through obscurity’. What technique is Maria using?
A. Steganography
B. Public-key cryptography
C. Encryption
D. RSA algorithm

Correct Answer: A QUESTION 38
Which of the following is a documentation of guidelines that computer forensics experts use to handle evidences?
A. Incident response policy
B. Chain of custody
C. Chain of evidence
D. Evidence access policy

Correct Answer: B QUESTION 39
Peter works as a System Administrator for TechSoft Inc. The company uses Linux-based systems.
Peter’s manager suspects that someone is trying to log in to his computer in his absence. Which of the following commands will Peter run to show the last unsuccessful login attempts, as well as the users who have last logged in to the manager’s system?
Each correct answer represents a complete solution. Choose two.
A. rwho -a
B. lastb
C. last
D. pwd

Correct Answer: BC QUESTION 40
John works as a Security Administrator for NetPerfect Inc. The company uses Windows-based
systems. A project has been assigned to John to track malicious hackers and to strengthen the company’s security system. John configures a computer system to trick malicious hackers into thinking that it is the company’s main server, which in fact is a decoy system to track hackers.
Which system is John using to track the malicious hackers?
A. Honeypot
B. Intrusion Detection System (IDS)
C. Bastion host
D. Honeytokens

Correct Answer: A QUESTION 41
Which of the following can be used to perform session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

A. ARP spoofing
B. Cross-site scripting
C. Session fixation
D. Session sidejacking Correct Answer: BCD
QUESTION 42
In which of the following techniques does an attacker take network traffic coming towards a host at one port and forward it from that host to another host?
A. Snooping
B. UDP port scanning
C. Port redirection
D. Firewalking

Correct Answer: C
QUESTION 43
Which of the following is used to authenticate asymmetric keys?
A. Digital signature
B. MAC Address
C. Password
D. Demilitarized zone (DMZ)

Correct Answer: A
QUESTION 44
Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?
A. Worm
B. Adware
C. Backdoor
D. Spyware

Correct Answer: C
QUESTION 45
Which of the following is a name, symbol, or slogan with which a product is identified?
A. Copyright B. Trademark C. Trade secret D. Patent

Correct Answer:
QUESTION 46
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the preattack phase:
·Information gathering ·Determining network range ·Identifying active machines ·Finding open ports and applications ·OS fingerprinting ·Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.
A. Traceroute
B. NeoTrace
C. Cheops
D. Ettercap

Correct Answer: ABC
QUESTION 47
John, a malicious hacker, forces a router to stop forwarding packets by flooding it with many open connections simultaneously so that all hosts behind it are effectively disabled. Which of the following attacks is John performing?
A. Replay attack
B. DoS attack
C. ARP spoofing
D. Rainbow attack

Correct Answer: B
QUESTION 48
Which of the following statements are correct about spoofing and session hijacking?
Each correct answer represents a complete solution. Choose all that apply.
A. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the targetand the valid user cannot be active.
B. Session hijacking is an attack in which an attacker takes over the session, and the valid user’ssession is disconnected.
C. Session hijacking is an attack in which an attacker takes over the session, and the valid user’ssession is not disconnected.
D. Spoofing is an attack in which an attacker can spoof the IP address or other identity of the targetbut the valid user can be active.

Correct Answer: CD
QUESTION 49
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
A. Fraggle
B. Jolt
C. Teardrop
D. Ping of death

Correct Answer: D
QUESTION 50
John works as a Professional Ethical Hacker for NetPerfect Inc. The company has a Linux-based network. All client computers are running on Red Hat 7.0 Linux. The Sales Manager of the company complains to John that his system contains an unknown package named as tar.gz and his documents are exploited. To resolve the problem, John uses a Port scanner to enquire about the open ports and finds out that the HTTP server service port on 27374 is open. He suspects that the other computers on the network are also facing the same problem. John discovers that a malicious application is using the synscan tool to randomly generate IP addresses.
Which of the following worms has attacked the computer?
A. Code red
B. Ramen
C. LoveLetter
D. Nimda

Correct Answer: B QUESTION 51
Which two technologies should research groups use for secure VPN access while traveling?
(Click the Exhibit button on the toolbar to see the case study.)
Each correct answer represents a complete solution. Choose two.

A. SSL
B. Kerberos authentication
C. PPTP
D. Smart cards
E. Encrypting File System (EFS)

Correct Answer: CD QUESTION 52
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer?
Each correct answer represents a complete solution. Choose two.
A. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
B. Attacker can use the Ping Flood DoS attack if WZC is used.
C. Attacker by creating a fake wireless network with high power antenna cause Victor’s computer to associate with his network to gain access.
D. It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on wireless network.

Correct Answer: AC QUESTION 53
Which of the following uses public key cryptography to encrypt the contents of files?
A. EFS
B. DFS
C. NTFS
D. RFS

Correct Answer: A QUESTION 54
Which of the following softwares is used to perform constant monitoring of the network infrastructure?
A. Logdog
B. THCHydra
C. IPSentry
D. Cain

Correct Answer: C QUESTION 55
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another. Which of the following actions will you perform to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
A. Implement the open system authentication for the wireless network.
B. Implement the IEEE 802.1X authentication for the wireless network.
C. Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.
D. Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.
E. Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.

Correct Answer: BCD QUESTION 56
Which of the following statements are true about session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

A. TCP session hijacking is when a hacker takes over a TCP session between two machines.
B. It is used to slow the working of victim’s network resources.
C. Use of a long random number or string as the session key reduces session hijacking.
D. It is the exploitation of a valid computer session to gain unauthorized access to informationor services in a computer system.

Correct Answer: ACD QUESTION 57
Which of the following Linux rootkits allows attackers to hide files, processes, and network connections? Each correct answer represents a complete solution. Choose all that apply.
A. Phalanx2
B. Adore
C. Knark
D. Beastkit

Correct Answer: BC QUESTION 58
Who among the following are security experts who specialize in penetration testing and other testing methodologies to ensure that their company’s information systems are secure?
Each correct answer represents a complete solution. Choose all that apply.
A. Black hat hackers
B. White hat hackers
C. Script Kiddies
D. Ethical hackers

Correct Answer: BD QUESTION 59
You work as a Network Administrator for ABC Inc. The company uses a secure wireless network.
John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?
A. Independent audit
B. Operational audit
C. Non-operational audit
D. Dependent audit

Correct Answer: A QUESTION 60
Fill in the blank with the appropriate word is software that is a subcategory of malware and refers to unwanted software that performs malicious actions on a user’s computer. Some its examples are Trojan, adware, and spyware.

Correct Answer: Crimeware Exam B QUESTION 1
In a complex network, Router transfers data packets by observing some form of parameters or metrics provided in the routing table. Which of the following metrics is NOT included in the routing table?
A. Bandwidth
B. Delay
C. Load
D. Frequency

Correct Answer: D QUESTION 2
A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?
A. Stunnel
B. IPTables
C. OpenSSH
D. IPChains

Correct Answer: B QUESTION 3
Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
A. Hardening
B. Sanitization
C. Authentication
D. Cryptography

Correct Answer: A QUESTION 4
Which of the following Intrusion Detection Systems (IDS) is used to monitor rogue access points and the use of wireless attack tools?
A. Snort 2.1.0
B. WIDS
C. NFR security
D. LogIDS 1.0

Correct Answer: B QUESTION 5
Andrew, a bachelor student of Faulkner University, creates a gmail account. He uses ‘Faulkner’ as the password for the gmail account. After a few days, he starts receiving a lot of e-mails stating that his gmail account has been hacked. He also finds that some of his important mails have been deleted by someone. Which of the following methods has the attacker used to crack Andrew’s password?
Each correct answer represents a complete solution. Choose all that apply.
A. Zero-day attack
B. Social engineering
C. Rainbow attack
D. Buffer-overflow attack
E. Brute force attack
F. Dictionary-based attack
G. Denial-of-service (DoS) attack
H. Password guessing

Correct Answer: BCEFGH QUESTION 6
Which of the following software helps in protecting the computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software?
Each correct answer represents a complete solution. Choose all that apply.
A. BitDefender
B. Windows Defender
C. John the Ripper
D. THC Hydra

Correct Answer: AB QUESTION 7
A digital signature is a type of public key cryptography. Which of the following statements are true about digital signatures?
Each correct answer represents a complete solution. Choose all that apply.
A. In order to digitally sign an electronic record, a person must use his/her public key.
B. In order to verify a digital signature, the signer’s private key must be used.
C. In order to verify a digital signature, the signer’s public key must be used.
D. In order to digitally sign an electronic record, a person must use his/her private key.

Correct Answer: CD QUESTION 8
Andrew works as a Forensic Investigator for Passguide Inc. The company has a Windows-based environment. The company’s employees use Microsoft Outlook Express as their e-mail client program. E-mails of some employees have been deleted due to a virus attack on the network.
Andrew is therefore assigned the task to recover the deleted mails. Which of the following tools can Andrew use to accomplish the task?
Each correct answer represents a complete solution. Choose two.
A. FINALeMAIL
B. eMailTrackerPro
C. EventCombMT
D. R-mail

Correct Answer: AD QUESTION 9
Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise?
A. Eradication phase
B. Preparation phase

This is the reason why this program is highly recommended to all those students who are serious about passing out EC-COUNCIL ECSS. You will find EC-COUNCIL https://www.pass4itsure.com/ECSS.html exam which you will require when EC-COUNCIL ECSS exam you have to test your knowledge and skills. Without them you will not be able to get information about what your areas of expertise are. It has been seen that students are feeling quite at home in presence of EC-COUNCIL ECSS exam as they provide them a chance to take a sigh of relief and they need not to spend hours in their studies for the certification. A great number of candidates for Exam have already been benefited themselves with the amazing study material of questions EC-COUNCIL ECSS study materials.

EC-COUNCIL ECSS Guide Provider, Free EC-COUNCIL ECSS Practice Test Are The Best Materials

Flydumps provides you with the most reliable practice exams to master EC-COUNCIL ECSS Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These EC-COUNCIL https://www.pass4itsure.com/ECSS.html test questions provide you with the experience of taking the actual test.

QUESTION 1
Firewalking is a technique that can be used to gather information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. Which of the following are pre-requisites for an attacker to conduct firewalking?
Each correct answer represents a complete solution. Choose all that apply.
A. ICMP packets leaving the network should be allowed.
B. An attacker should know the IP address of the last known gateway before the firewall.
C. There should be a backdoor installed on the network.
D. An attacker should know the IP address of a host located behind the firewall.

Correct Answer: ABD QUESTION 2
Which of the following security protocols are based on the 802.11i standard? Each correct answer represents a complete solution. Choose all that apply.
A. WEP
B. WPA2
C. WPA
D. WEP2

Correct Answer: BC QUESTION 3
Which of the following OSI layers is responsible for protocol conversion, data encryption/decryption, and data compression?
A. Transport layer
B. Presentation layer
C. Data-link layer
D. Network layer

Correct Answer: B QUESTION 4
You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?
A. Vulnerability scanning
B. Manual penetration testing
C. Automated penetration testing
D. Code review

Correct Answer: A QUESTION 5
Which of the following representatives of incident response team takes forensic backups of the systems that are the focus of the incident?
A. Lead investigator
B. Information security representative
C. Technical representative
D. Legal representative

Correct Answer: C QUESTION 6
Which of the following statements are true about routers?
Each correct answer represents a complete solution. Choose all that apply.

A. Routers are responsible for making decisions about which of several paths network (orInternet)traffic will follow.
B. Routers do not limit physical broadcast traffic.
C. Routers organize addresses into classes, which are used to determine how to move packets fromone network to another.
D. Routers act as protocol translators and bind dissimilar networks.

Correct Answer: ACD QUESTION 7
Which of the following types of attacks cannot be prevented by technical measures only?
A. Brute force
B. Ping flood attack
C. Smurf DoS
D. Social engineering

Correct Answer: D QUESTION 8
You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless network. To provide security, you are configuring ISA Server 2006 as a firewall. While configuring ISA Server 2006, which of the following is NOT necessary?
A. Defining how ISA Server would cache Web contents
B. Defining ISA Server network configuration
C. Setting up of monitoring on ISA Server
D. Configuration of VPN access

Correct Answer: D QUESTION 9
Which of the following attacks CANNOT be detected by an Intrusion Detection System (IDS)? Each correct answer represents a complete solution. Choose all that apply.
A. Denial-of-Service (DoS) attack
B. E-mail spoofing
C. Port scan attack
D. Shoulder surfing

Correct Answer: BD QUESTION 10
Which of the following statements best describes a certification authority?
A. A certification authority is a type of encryption that uses a public key and a private key pair fordata encryption.
B. A certification authority is an entity that issues digital certificates for use by other parties.
C. A certification authority is a technique to authenticate digital documents by using computercryptography.
D. A certification authority is a type of encryption that uses a single key to encrypt and decryp t data.

Correct Answer: B QUESTION 11
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement?
Each correct answer represents a complete solution. Choose two.
A. Using WEP encryption
B. Using WPA encryption
C. Not broadcasting SSID
D. MAC filtering the router

Correct Answer: AB QUESTION 12
Linux traffic monitoring tools are used to monitor and quickly detect faults in the network or a system. Which of the following tools are used to monitor traffic of the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.
A. PsExec
B. IPTraf
C. MRTG
D. PsLogList
E. Ntop

Correct Answer: BCE QUESTION 13
John works as an Office Assistant in DataSoft Inc. He has received an e-mail from [email protected] with the following message:
The DueSoft Lottery Incorporation
This is to inform you that you have just won a prize of $7,500.00 for this year’s Annual Lottery promotion, which was organized by Msn/Yahoo Lottery in conjunction with DueSoft. We collect active online e-mails and select five people every year as our winners through an electronic balloting machine. Please reply within three days of receiving this e-mail with your full details like Name, Address, Sex, Occupation, Age, State, Telephone number, and Country to claim your prize.
If John replies to this e-mail, which of the following attacks may he become vulnerable to?
A. Salami attack
B. Man-in-the-Middle attack
C. Phishing attack
D. DoS attack

Correct Answer: C QUESTION 14
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the
tool is as follows:
Which of the following tools is John using to crack the wireless encryption keys?
A. AirSnort
B. Kismet
C. PsPasswd
D. Cain

Correct Answer: A
QUESTION 15
Which of the following proxy servers is also referred to as transparent proxies or forced proxies?
A. Intercepting proxy server
B. Anonymous proxy server
C. Reverse proxy server
D. Tunneling proxy server

Correct Answer: A
QUESTION 16
Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs?
Each correct answer represents a complete solution. Choose two.
A. Using a protocol analyzer on your Laptop to monitor for risks.
B. Using an IPSec enabled VPN for remote connectivity.
C. Using portscanner like nmap in your network.
D. Using personal firewall software on your Laptop.

Correct Answer: BD
QUESTION 17
Which of the following is the first computer virus that was used to infect the boot sector of storage media formatted with the DOS File Allocation Table (FAT) file system?
A. I love you
B. Melissa
C. Tequila
D. Brain
Correct Answer: D
QUESTION 18
Which of the following needs to be documented to preserve evidences for presentation in court?
A. Incident response policy
B. Account lockout policy
C. Separation of duties
D. Chain of custody

Correct Answer: D

QUESTION 19
Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme?
Each correct answer represents a complete solution. Choose all that apply.
A. Kerberos requires continuous availability of a central server.
B. Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
C. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject’spasswords.
D. Kerberos requires the clocks of the involved hosts to be synchronized.

Correct Answer: ACD QUESTION 20
Which of the following is used in asymmetric encryption?
A. Public key and user key
B. SSL
C. Public key and private key
D. NTFS

Correct Answer: C QUESTION 21
Sam, a malicious hacker, targets the electric power grid of Umbrella Inc. and gains access to the electronic control systems. Which of the following types of cybercrime has Sam performed?
A. Cyber defamation
B. Cybertrespass
C. Cyberterrorism
D. Cybertheft

Correct Answer: C QUESTION 22
Maria works as a Desktop Technician for PassGuide Inc. She has received an e-mail from the MN
Compensation Office with the following message:
Dear Sir/Madam,
My name is Edgar Rena, the director of compensation here at the MN Compensation Office in Chicago.

We receive so many complaints about fraudulent activities that have been taking place in your region for the past few years. Due to the high volume loss of money, the MN compensation department has had an agreement with the appropriate authority to compensate each victim with a sum of USD$500,000.00.
You were selected among the list of people to be paid this sum. To avoid any imperative mood by intending scammers, your payment has been transmuted into an International bank draft which can be cashed at any local bank in your country.
Please fill the below details and send it to our secretary for your compensation bank draft.
Full name:
Address:

Tel:

Fill & Send to:
Dr. Michael Brown
MN Compensation Office, IL
Tel: +1-866-233-8434
Email: [email protected]
Further instructions shall be given to you by our secretary as soon as you contact him. To avoid losing your

compensation, you are requested to pay the sum of $350 for Insurance Premium to our secretary.
Thanks and God bless.
If Maria replies to this mail, which of the following attacks may she become vulnerable to?

A. Phishing attack
B. SYN attack
C. CookieMonster attack
D. Mail bombing

Correct Answer: A QUESTION 23
Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions that is available to the Internet.
Which of the following security threats may occur if DMZ protocol attacks are performed? Each correct answer represents a complete solution. Choose all that apply.
A. The attacker can exploit any protocol used to go into the internal network or intranet of thecompany.
B. The attacker can gain access to the Web server in a DMZ and exploit the database.
C. The attacker can perform a Zero Day attack by delivering a malicious payload that is not a part of the intrusion detection/prevention systems guarding the network.
D. The attacker managing to break the first firewall defense can access the internal network without breaking the second firewall if it is different.

Correct Answer: ABC QUESTION 24
Which of the following Linux rootkits is installed via stolen SSH keys?
A. Phalanx2
B. Beastkit
C. Adore
D. Linux.Ramen

Correct Answer: A QUESTION 25
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
A. Snooping
B. Copyright
C. Utility model
D. Patent

Correct Answer: D

Flydumps.com EC-COUNCIL https://www.pass4itsure.com/ECSS.html practice tests hold the key importance and provide a considerable gain for your knowledge base. You can rely on our products with unwavering confidence; Get the profound knowledge and become a pro with Flydumps.com assistance.

EC-COUNCIL ECSAV8 Certificate, Latest Release EC-COUNCIL ECSAV8 Exam Questions Guaranteed Success

The Flydumps New EC-COUNCIL ECSAV8 practice tests helps the user to keep a check on their learning and understanding and improve for the EC-COUNCIL https://www.pass4itsure.com/ecsav8.html exam. Flydumps makes you pass your exam much easier.

QUESTION 1
Which of the following password cracking techniques is used when the attacker has some information about the password?
A. Hybrid Attack
B. Dictionary Attack
C. Syllable Attack
D. Rule-based Attack
Correct Answer: D Explanation
Explanation/Reference:
Reference:
http://202.154.59.182/mfile/files/Information%20System/Computer%20Forensics%3B%20H ard%20Disk%
20and%20Operating%20Systems/CHAPTER%207%20Application%20Pass word%20Crackers.pdf (page
4, rule-based attack)

QUESTION 2
Which of the following is an application alert returned by a web application that helps an attacker guess a valid username?
A. Invalid username or password
B. Account username was not found
C. Incorrect password
D. Username or password incorrect
Correct Answer: C Explanation
QUESTION 3
A pen tester has extracted a database name by using a blind SQL injection. Now he begins to test the table inside the database using the below query and finds the table:
http://juggyboy.com/page.aspx?id=1; IF (LEN(SELECT TOP 1 NAME from sysobjects where xtype=’U’)=3) WAITFOR DELAY ’00:00:10′–
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),1,1)))=101) WAITFOR DELAY ’00:00:10′–
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),2,1)))=109) WAITFOR DELAY ’00:00:10′–
http://juggyboy.com/page.aspx?id=1; IF (ASCII(lower(substring((SELECT TOP 1 NAME from sysobjects where xtype=char(85)),3,1)))=112) WAITFOR DELAY ’00:00:10′–
What is the table name?
A. CTS
B. QRT
C. EMP
D. ABC
Correct Answer: C Explanation
QUESTION 4
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?
A. Passive IDS
B. Active IDS
C. Progressive IDS
D. NIPS
Correct Answer: B Explanation
QUESTION 5
HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where ‘xx’ is the
A. ASCII value of the character
B. Binary value of the character
C. Decimal value of the character
D. Hex value of the character
Correct Answer: C Explanation
QUESTION 6
Which of the following appendices gives detailed lists of all the technical terms used in the report?
A. Required Work Efforts
B. References
C. Research
D. Glossary
Correct Answer: D Explanation
Explanation/Reference:
Explanation: Refere’ http://en.wikipedia.org/wiki/Glossary
QUESTION 7
An external intrusion test and analysis identify security weaknesses and strengths of the client’s systems and networks as they appear from outside the client’s security perimeter, usually from the Internet. The goal of an external intrusion test and analysis is to demonstrate the existence of known vulnerabilities that could be exploited by an external attacker.

During external penetration testing, which of the following scanning techniques allow you to determine a port’s state without making a full connection to the host?
A. XMAS Scan
B. SYN scan
C. FIN Scan
D. NULL Scan
Correct Answer: B Explanation
QUESTION 8
Passwords protect computer resources and files from unauthorized access by malicious users. Using passwords is the most capable and effective way to protect information and to increase the security level of a company.
Password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system to gain unauthorized access to a system.

Which of the following password cracking attacks tries every combination of characters until the password is broken?
A. Brute-force attack
B. Rule-based attack
C. Hybrid attack D. Dictionary attack
Correct Answer: A Explanation
Explanation/Reference:
Reference:
http://books.google.com.pk/books?id=m2qZNW4dcyIC&pg=PA237&lpg=PA237&dq=passw ord+cracking
+attacks+tries+every+combination+of+characters+until+the+password+is+bro
ken&source=bl&ots=RKEUUo6LYj&sig=MPEfFBEpoO0yvOwMxYCoPQuqM5g&hl=en&sa=
X&ei=ZdwdVJm3CoXSaPXsgPgM&ved=0CCEQ6AEwAQ#v=onepage&q=password%20cr acking%
20attacks%20tries%20every%20combination%20of%20characters%20until%20th e%20password%20is%
20broken&f=false

QUESTION 9
Rules of Engagement (ROE) document provides certain rights and restriction to the test team for performing the test and helps testers to overcome legal, federal, and policy-related restrictions to use different penetration testing tools and techniques.

What is the last step in preparing a Rules of Engagement (ROE) document?
A. Conduct a brainstorming session with top management and technical teams
B. Decide the desired depth for penetration testing
C. Conduct a brainstorming session with top management and technical teams
D. Have pre-contract discussions with different pen-testers
Correct Answer: B Explanation
QUESTION 10
Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?
A. DNSSEC
B. Netsec

C. IKE
D. IPsec
Correct Answer: D Explanation
Explanation/Reference:
Reference: http://www.cisco.com/c/en/us/td/docs/net_mgmt/vpn_solutions_center/2- 0/ip_security/ provisioning/guide/IPsecPG1.html
QUESTION 11
Mason is footprinting an organization to gather competitive intelligence. He visits the company’s website for contact information and telephone numbers but does not find any. He knows the entire staff directory was listed on their website 12 months. How can he find the directory?
A. Visit Google’s search engine and view the cached copy
B. Crawl and download the entire website using the Surfoffline tool and save them to his computer
C. Visit the company’s partners’ and customers’ website for this information
D. Use WayBackMachine in Archive.org web site to retrieve the Internet archive
Correct Answer: D Explanation
QUESTION 12
Application security assessment is one of the activity that a pen tester performs in the attack phase. It is designed to identify and assess threats to the organization through bespoke, proprietary applications or systems. It checks the application so that a malicious user cannot access, modify, or destroy data or services within the system.

Identify the type of application security assessment which analyzes the application-based code to confirm that it does not contain any sensitive information that an attacker might use to exploit an application.
A. Web Penetration Testing
B. Functionality Testing
C. Authorization Testing
D. Source Code Review
Correct Answer: D Explanation
QUESTION 13
Which of the following is not a characteristic of a firewall?
A. Manages public access to private networked resources
B. Routes packets between the networks
C. Examines all traffic routed between the two networks to see if it meets certain criteria
D. Filters only inbound traffic but not outbound traffic
Correct Answer: B Explanation
QUESTION 14
The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 64K, most transmission links enforce a smaller maximum packet length limit, called a MTU.
The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences by allowing routers to fragment IP datagrams as necessary. The receiving station is responsible for reassembling the fragments back into the original full size IP datagram.
IP fragmentation involves breaking a datagram into a number of pieces that can be reassembled later. The IP source, destination, identification, total length, and fragment offset fields in the IP header, are used for IP fragmentation and reassembly.

The fragment offset is 13 bits and indicates where a fragment belongs in the original IP datagram. This value is a:
A. Multiple of four bytes
B. Multiple of two bytes
C. Multiple of eight bytes
D. Multiple of six bytes Correct Answer: C
Explanation Explanation/Reference:
Reference: http://www.freesoft.org/CIE/Course/Section3/7.htm (fragment offset: 13 bits)
QUESTION 15
From where can clues about the underlying application environment can be collected?
A. From the extension of the file
B. From executable file
C. From file types and directories
D. From source code
Correct Answer: D Explanation
QUESTION 16
Which of the following information gathering techniques collects information from an organization’s web-based calendar and email services?
A. Anonymous Information Gathering
B. Private Information Gathering
C. Passive Information Gathering
D. Active Information Gathering
Correct Answer: B Explanation
Explanation/Reference:
Reference: http://luizfirmino.blogspot.com/2011/09/footprinting-terminologies.html
QUESTION 17
Which Wireshark filter displays all the packets where the IP address of the source host is 10.0.0.7?

A. ip.dst==10.0.0.7
B. ip.port==10.0.0.7
C. ip.src==10.0.0.7
D. ip.dstport==10.0.0.7
Correct Answer: C Explanation
QUESTION 18
Which of the following statements is true about the LM hash?
A. Disabled in Windows Vista and 7 OSs
B. Separated into two 8-character strings
C. Letters are converted to the lowercase
D. Padded with NULL to 16 characters
Correct Answer: A Explanation
Explanation/Reference:
Reference: http://www.onlinehashcrack.com/how_to_crack_windows_passwords.php (first paragraph of the page)
QUESTION 19
Which of the following statement holds true for TCP Operation?

A. Port numbers are used to know which application the receiving host should pass the data to
B. Sequence numbers are used to track the number of packets lost in transmission
C. Flow control shows the trend of a transmitting host overflowing the buffers in the receiving host
D. Data transfer begins even before the connection is established
Correct Answer: C Explanation
QUESTION 20
Which of the following will not handle routing protocols properly?
A. “Internet-router-firewall-net architecture”
B. “Internet-firewall-router-net architecture”
C. “Internet-firewall -net architecture”
D. “Internet-firewall/router(edge device)-net architecture”
Correct Answer: A Explanation

Flydumps.com provides you with the most reliable practice exams to master EC-COUNCIL https://www.pass4itsure.com/ecsav8.html Certification. Our Microsoft questions and answers are certified by the senior lecturer and experienced technical experts in the Microsoft field. These test questions provide you with the experience of taking the actual test.