
Ace the ECCouncil ECSS Exam: Ultimate Preparation Guide

Questions 1

Below are the various steps involved in forensic readiness planning.

1. Keep an incident response team ready to review the incident and preserve the evidence.

2. Create a process for documenting the procedure.

3. Identify the potential evidence required for an incident.

4. Determine the sources of evidence.

5. Establish a legal advisory board to guide the investigation process.

6. Identify if the incident requires full or formal investigation.

7. Establish a policy for securely handling and storing the collected evidence.

8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption.

Identify the correct sequence of steps involved in forensic readiness planning.

Options:

A.

1 -> 2 -> 3 -> 4 -> 5 -> 6 -> 7 -> 8

B.

2 -> 3 -> 1 -> 4 -> 6 -> 5 -> 7 -> 8

C.

3 -> 4 -> 8 -> 7 -> 6 -> 2 -> 5 -> 1

D.

3 -> 1 -> 4 -> 5 -> 8 -> 2 -> 6 -> 7

Questions 2

Jessica, a user, wanted to access the Internet from her laptop and therefore sends a connection request to the access point. To identify the wireless client, the access point forwarded that request to a RADIUS server. The RADIUS server transmitted authentication keys to both the access point and Jessica's laptop. This key helps the access point identify a particular wireless client.

Identify the authentication method demonstrated in the above scenario.

Options:

A.

Open system authentication

B.

Null authentication

C.

Shared key authentication

D.

Centralized authentication

Questions 3

Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes her online activity untraceable.

Identify the type of proxy employed by Mary in the above scenario.

Options:

A.

Reverse proxy

B.

Anonymous proxy

C.

Explicit proxy

D.

SOCKS proxy

Questions 4

Bob has secretly installed smart CCTV devices (IoT devices) outside his home and wants to access the recorded data from a remote location. These smart CCTV devices send sensed data to an intermediate device that carries out pre-processing of data online before transmitting it to the cloud for storage and analysis. The analyzed data is then sent to Bob for initiating actions.

Identify the component of IoT architecture that collects data from IoT devices and performs data preprocessing.

Options:

A.

Data lakes

B.

Streaming data processor

C.

Gateway

D.

Machine learning

Questions 5

Stella, a mobile user, often ignores the messages received from the manufacturer for updates. One day, she found that files on her device were being replaced, and she immediately rushed to the nearest service center for inquiry. They tested the device and identified vulnerabilities in it, as it ran an obsolete OS version.

Identify the mobile device security risk raised on Stella's device in the above scenario.

Options:

A.

Network-based risk

B.

Physical security risks

C.

Application-based risk

D.

System-based risk

Questions 6

Mark, an attacker, aims to access an organization's internal server, but the local firewall implementation restricted him from achieving this objective. To overcome this issue, he started sending specially crafted requests to the public server, through which he gained access to the local server.

Identify the type of attack initiated by Mark in the above scenario.

Options:

A.

Web cache poisoning attack

B.

SSRF attack

C.

HTTP response-splitting attack

D.

SSH brute-force attack

Questions 7

Which of the following practices makes web applications vulnerable to SQL injection attacks?

Options:

A.

Use the most restrictive SQL account types for applications

B.

Never build Transact SQL statements directly from user input

C.

Avoid constructing dynamic SQL with concatenated input values

D.

Accept entries that contain binary data, escape sequences, and comment characters

Questions 8

Jack, a forensic investigator, was appointed to investigate a Windows-based security incident. In this process, he employed an Autopsy tool to recover the deleted files from unallocated space, which helps in gathering potential evidence.

Which of the following functions of Autopsy helped Jack recover the deleted files?

Options:

A.

Timeline analysis

B.

Web artifacts

C.

Data carving

D.

Multimedia

Questions 9

Below is the syntax of a command-line utility that displays active TCP connections and ports on which the computer is listening.

netstat [-a] [-e] [-n] [-o] [-p Protocol] [-r] [-s] [interval]

Identify the netstat parameter that displays active TCP connections and includes the process ID (PID) for each connection.

Options:

A.

[-s]

B.

[-o]

C.

[-n]

D.

[-r]

Questions 10

Kane, an investigation specialist, was appointed to investigate an incident in an organization’s network. In this process, Kane executed a command and identified that a network interface is running in the promiscuous mode and is allowing all incoming packets without any restriction.

In the above scenario, which of the following commands did Kane use to check whether the network interface is set to the promiscuous mode?

Options:

A.

ipconfig <interface name>

B.

ifconfig <interface name>

C.

nmap -sT localhost

D.

netstat -i
