EC-Council Certified Security Specialist (ECSS) Quiz Questions and Answers

You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?

Answer :
  • Vulnerability scanning

Which of the following types of attacks cannot be prevented by technical measures only?

Answer :
  • Social engineering

Which of the following statements best describes a certification authority?

Answer :
  • A certification authority is an entity that issues digital certificates for use by other parties

Which of the following is used in asymmetric encryption?

Answer :
  • Public key and private key

Which of the following is used to authenticate asymmetric keys?

Answer :
  • Digital signature

Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?

Answer :
  • Backdoor

A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?

Answer :
  • IPTables

John works as an Office Assistant in DataSoft Inc. He has received an e-mail from duesoft_lotterygroup@us.com with the following message:

"The DueSoft Lottery Incorporation
This is to inform you that you have just won a prize of $7,500.00 for this year's Annual Lottery promotion, which was organized by Msn/Yahoo Lottery in conjunction with DueSoft. We collect active online e-mails and select five people every year as our winners through an electronic balloting machine. Please reply within three days of receiving this e-mail with your full details like Name, Address, Sex, Occupation, Age, State, Telephone number, and Country to claim your prize."

If John replies to this e-mail, which of the following attacks may he become vulnerable to?

Answer :
  • Phishing attack

Andrew works as a System Administrator for NetPerfect Inc. All client computers on the network run on Mac OS X. The Sales Manager of the company complains that his MacBook is not able to boot. Andrew wants to check the booting process. He suspects that an error persists in the bootloader of Mac OS X. Which of the following is the default bootloader on Mac OS X that he should use to resolve the issue?

Answer :
  • BootX

Which of the following attacks is used to hack simple alphabetical passwords?

Answer :
  • Dictionary-based attack