1. Home
  2. EC-COUNCIL
  3. ECSS

EC-Council Certified Security Specialist (ECSS) v10

Exam Details

  • Exam Code
    :ECSS
  • Exam Name
    :EC-Council Certified Security Specialist (ECSS) v10
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :337 Q&As
  • Last Updated
    :Mar 24, 2025

EC-COUNCIL EC-COUNCIL Certifications ECSS Questions & Answers

  • Question 91:

    Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

    A. gaining access

    B. Preparation

    C. Reconnaissance

    D. Scanning

  • Question 92:

    You are a professional Computer Hacking forensic investigator. You have been called to collect the evidences of Buffer Overflows or Cookie snooping attack. Which of the following logs will you review to accomplish the task?

    Each correct answer represents a complete solution. Choose all that apply.

    A. Web server logs

    B. Event logs

    C. Program logs

    D. System logs

  • Question 93:

    Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model for Internet Access. He wants to fulfill the following goals:

    ·No external traffic should be allowed into the network.

    ·Administrators should be able to restrict the websites which can be accessed by the internal users.

    Which of the following technologies should he use to accomplish the above goals?

    (Click the Exhibit button on the toolbar to see the case study.)

    A. Firewall

    B. Network Address Translator (NAT)

    C. Proxy Server

    D. Internet Connection Sharing (ICS)

    E. Routing and Remote Access Service (RRAS)

  • Question 94:

    John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He observes that the We-are-secure server is vulnerable to a special type of DoS attack and he makes the following suggestions to the security authority to protect the server from this DoS attack. The countermeasures against this type of DoS attack are as follows:

    l Disabling IP-directed broadcasts at the We-are-secure router

    l Configuring local computers so as not to respond to such ICMP packets that are configured to be sent to IP broadcast addresses

    Which of the following DoS attacks has John discovered as a vulnerability for the We-are-secure security network?

    A. Smurf attack

    B. Jolt attack

    C. Fraggle attack

    D. Teardrop attack

  • Question 95:

    Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windowsbased network. Mark is giving a presentation on Network security threats to the newly recruited employees of the company. His presentation is about the External threats that the company recently faced in the past. Which of the following statements are true about external threats?

    Each correct answer represents a complete solution. Choose three.

    A. These are the threats that originate from within the organization.

    B. These are the threats intended to flood a network with large volumes of access requests.

    C. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.

    D. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.

  • Question 96:

    You have made a program secure.c to display which ports are open and what types of services are running on these ports. You want to write the program's output to standard output and simultaneously copy it into a specified file. Which of the following commands will you use to accomplish the task?

    A. cat

    B. less

    C. more

    D. tee

  • Question 97:

    Which of the following are the ways of sending secure e-mail messages over the Internet?

    Each correct answer represents a complete solution. Choose two.

    A. S/MIME

    B. IPSec

    C. PGP

    D. TLS

  • Question 98:

    You are the Administrator for a corporate network. You are concerned about denial of service attacks. Which of the following measures would be most helpful in defending against a Denial-of- Service (DoS) attack?

    A. Implement network based antivirus.

    B. Place a honey pot in the DMZ.

    C. Implement a strong password policy.

    D. Shorten the timeout for connection attempts.

  • Question 99:

    Which method would provide the highest level of protection for all data transmitted on the internal network only?

    (Click the Exhibit button on the toolbar to see the case study.)

    A. IPSec tunnel mode

    B. SSL

    C. PPTP

    D. IPSec transport mode

    E. SMB

  • Question 100:

    Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?

    A. 18 U.S.C. 2510

    B. 18 U.S.C. 1362

    C. 18 U.S.C. 1030

    D. 18 U.S.C. 2701

    E. 18 U.S.C. 1029

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ECSS exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.