EC-COUNCIL EC-Council Certified Security Specialist (ECSSv10) - ECSS FREE EXAM DUMPS QUESTIONS & ANSWERS
James is a professional hacker who managed to penetrate the target company's network and tamper with software by adding a malicious script in the production that holds persistence on the network.
Which of the following phases of hacking is James currently in?
Which of the following phases of hacking is James currently in?
Correct Answer: C
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Ben, a computer user, applied for a digital certificate. A component of PKI verifies Ben's identity using the credentials provided and passes that request on behalf of Ben to grant the digital certificate.
Which of the following PKI components verified Ben as being legitimate to receive the certificate?
Which of the following PKI components verified Ben as being legitimate to receive the certificate?
Correct Answer: C
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Identify the backup mechanism that is performed within the organization using external devices such as hard disks and requires human interaction to perform the backup operations, thus, making it suspect able to theft or natural disasters.
Correct Answer: A
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.
Correct Answer: B
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Bob, a professional hacker, targeted an organization to launch attacks. Bob gathered information such as network topology and a list of live hosts. Based on the collected information, he launched further attacks over the organization's network.
Identify the type of network attack Bob initiated on the target organization in the above scenario.
Identify the type of network attack Bob initiated on the target organization in the above scenario.
Correct Answer: C
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Johnson is a professional hacker who targeted an organization's customers and decided to crack their system passwords. In this process, he found a list of valid customers, created a list of possible passwords, ranked the passwords from high to low probability, and started keying in each password in the target system until the correct password is discovered.
Identify the type of attack performed by Johnson in the above scenario.
Identify the type of attack performed by Johnson in the above scenario.
Correct Answer: B
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Melissa, an ex-employee of an organization, was fired because of misuse of resources and security violations.
She sought revenge against the company and targeted its network, as she is already aware of its network topology.
Which of the following categories of insiders does Melissa belong to?
She sought revenge against the company and targeted its network, as she is already aware of its network topology.
Which of the following categories of insiders does Melissa belong to?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Daniel, a networking specialist, identifies a glitch in a networking tool and fixes it on a priority using a system.
Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.
Which of the following acts was demonstrated in the above scenario?
Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.
Which of the following acts was demonstrated in the above scenario?
Correct Answer: D
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Stephen, an attacker, decided to gain access to an organization's server. He identified a user with access to the remote server. He used sniffing programs to gain the user's credentials and captured the authentication tokens transmitted by the user. Then, he transmitted the captured tokens back tothe server to gain unauthorized access.
Identify the technique used by Stephen to gain unauthorized access to the target server.
Identify the technique used by Stephen to gain unauthorized access to the target server.
Correct Answer: A
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).
Steve, a professional pen tester, was hired by an organization to assess its cybersecurity. The organization provided Steve with details such as network topology documents, asset inventory, and valuation information.
This information helped Steve complete the penetration test successfully, and he provided a snapshot of the organization's current security posture.
Identify the penetration testing strategy followed by Steve in the above scenario.
This information helped Steve complete the penetration test successfully, and he provided a snapshot of the organization's current security posture.
Identify the penetration testing strategy followed by Steve in the above scenario.
Correct Answer: B
Vote an answer
Explanation: Only visible for FreeCram members. You can sign-up / login (it's free).