ECSS Practice Exam Questions and Answers

EC-Council Certified Security Specialist (ECSSv10) Exam

Last Update 1 day ago
Total Questions : 100

Question # 1

Bruce, a professional hacker, targeted an OT network. He initiated a looping strategy to recover the password of the target system. He started sending one character at a time to check whether the first character entered is correct; if so, he continued the loop for consecutive characters. Using this technique, Bruce identified how much time the device takes to finish one complete password authentication process, through which he determined the correct characters in the target password.

Identify the type of attack launched by Bruce on the target OT network.

Options:

A. Code injection attack

B. Buffer overflow attack

C. Reconnaissance attack

D. Side-channel attack

Question # 2

Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.

Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?

Options:

A. Reconnaissance signatures

B. Informational signatures

C. Unauthorized access signatures

D. Denial of service (DoS) signatures

Question # 3

Daniel, a professional hacker, targeted Alice and lured her into downloading a malicious app from a third-party app store. Upon installation, the core malicious code inside the application started infecting other legitimate apps in Alice's mobile device. Daniel overloaded Alice's device with irrelevant and fraudulent advertisements through the infected app for financial gain.

Identify the type of attack Daniel has launched in the above scenario.

Options:

A. Agent Smith attack

B. Bluebugging attack

C. SMiShing attack

D. SIM card attack

Question # 4

Which of the following titles of The Electronic Communications Privacy Act protects the privacy of the contents of files stored by service providers and records held about the subscriber by service providers, such as subscriber name, billing records, and IP addresses?

Options:

A. Title II

B. Title I

C. Title IV

D. Title III

Question # 5

Jacob, a network defender in an organization, was instructed to improve the physical security measures to prevent unauthorized intrusion attempts. In this process, Jacob implemented certain physical security controls by using warning messages and signs that give notice of legal consequences to discourage hackers from making intrusion attempts.

Which of the following types of physical security controls has Jacob implemented in the above scenario?

Options:

A. Detective control

B. Preventive controls

C. Deterrent controls

D. Recovery controls

Question # 6

Alice was working on her major project; she saved all her confidential files and locked her laptop. Bob wanted to access Alice’s laptop for his personal use but was unable to access the laptop due to biometric authentication.

Which of the following network defense approaches was employed by Alice on her laptop?

Options:

A. Reactive approach

B. Proactive approach

C. Preventive approach

D. Retrospective approach

Question # 7

A cybercriminal was suspected to have used a system for performing an anti-social activity through the Tor browser. James reviewed the active network connections established using specific ports via Tor.

Which of the following port numbers does Tor use for establishing a connection via Tor nodes?

Options:

A. 1026/64666

B. 9150/9151

C. 3024/4092

D. 31/456

Question # 8

Clark, a security professional, was instructed to monitor and continue the backup functions without interrupting the system or application services. In this process, Clark implemented a backup mechanism that dynamically backs up the data even if the system or application resources are being used.

Which of the following types of backup mechanisms has Clark implemented in the above scenario?

Options:

A. Full backup

B. Cold backup

C. Hot backup

D. Offline backup

Question # 9

Bob, a network specialist in an organization, is attempting to identify malicious activities in the network. In this process, Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation.

Which of the following types of network-based evidence was collected by Bob in the above scenario?

Options:

A. Statistical data

B. Alert data

C. Session data

D. Full content data

Question # 10

James is a professional hacker attempting to gain access to an industrial system through a remote control device. In this process, he used a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers to maintain persistence.

Which of the following attacks is performed by James in the above scenario?

Options:

A. Malicious reprogramming attack

B. Re-pairing with a malicious RF controller

C. Command injection

D. Abusing reprogramming attack

Question # 11

Johnson is a professional hacker who targeted an organization’s customers and decided to crack their system passwords. In this process, he found a list of valid customers, created a list of possible passwords, ranked the passwords from high to low probability, and started keying in each password in the target system until the correct password is discovered.

Identify the type of attack performed by Johnson in the above scenario.

Options:

A. Password guessing

B. Rainbow table attack

C. Dictionary attack

D. Brute force attack

Question # 12

Which of the following cloud computing threats arises from authentication vulnerabilities, user-provisioning and de-provisioning vulnerabilities, hypervisor vulnerabilities, unclear roles and responsibilities, and misconfigurations?

Options:

A. Supply-chain failure

B. Isolation failure

C. Subpoena and e-discovery

D. Privilege escalation

Question # 13

Kevin, a forensic investigator at FinCorp Ltd., was investigating a cybercrime against the company. As part of the investigation process, he needs to recover corrupted and deleted files from a Windows system. Kevin decided to use an automated tool to recover the damaged, corrupted, or deleted files.

Which of the following forensic tools can help Kevin in recovering deleted files?

Options:

A. Cain & Abel

B. Rohos Mini Drive

C. R-Studio

D. Ophcrack

Question # 14

Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications.

Identify the type of cloud service requested by Cibel.org in the above scenario.

Options:

A. Security-as-a-service (SECaaS)

B. Infrastructure-as-a-service (IaaS)

C. Identity-as-a-service (IDaaS)

D. Platform-as-a-service

Question # 15

Sarah, a forensic investigator, is working on a criminal case. She was provided with all the suspect devices. Sarah employs an imaging software tool for duplicating the original data from the suspect devices. However, the tool she employed failed to image the data as the suspect version of the drive was very old and incompatible with imaging software. Hence, Sarah used an alternative data acquisition technique and succeeded in imaging the data.

Which of the following types of data acquisition techniques did Sarah employ in the above scenario?

Options:

A. Bit-stream disk-to-disk

B. Bit-stream disk-to-image file

C. Sparse acquisition

D. Logical acquisition

Question # 16

Bob, a network administrator in a company, manages network connectivity to 200 employees in six different rooms. Every employee has their own laptop to connect to the Internet through a wireless network, but the company has only one broadband connection.

Which of the following types of wireless networks allows Bob to provide Internet access to every laptop and bring all the devices to a single network?

Options:

A. Extension to wired network

B. 3G/4G hotspot

C. Multiple wireless access points

D. LAN to LAN wireless network

Question # 17

Identify the backup mechanism that is performed within the organization using external devices such as hard disks and requires human interaction to perform the backup operations, thus making it susceptible to theft or natural disasters.

Options:

A. Offsite data backup

B. Cloud data backup

C. Online data backup

D. Onsite data backup

Question # 18

Kalley, a shopping freak, often visits different e-commerce websites from her office system. One day, she received free software in her mail with the claim that it is loaded with new clothing offers. Tempted by this, Kalley downloaded the malicious software onto her system. The software infected Kalley's system and began spreading the infection to other systems connected to the network.

Identify the threat source through which Kalley unintentionally invited the malware into the network.

Options:

A. File sharing services

B. Portable hardware media

C. Insecure patch management

D. Decoy application

Question # 19

Carol is a new employee at ApTech Sol Inc., and she has been allocated a laptop to fulfill her job activities. Carol tried to install certain applications on the company’s laptop but could not complete the installation as she requires administrator privileges to initiate the installation process. The administrator imposed an access policy on the company’s laptop that only users with administrator privileges have installation rights.

Identify the access control model demonstrated in the above scenario.

Options:

A. Mandatory access control (MAC)

B. Rule based access control (RB-RBAC)

C. Discretionary access control (DAC)

D. Role based access control (RBAC)

Question # 20

Clark is an unskilled hacker attempting to perform an attack on a target organization to gain popularity. He downloaded and used freely available hacking tools and software developed by other professional hackers for this purpose.

Identify the type of threat actor described in the above scenario.

Options:

A. Script kiddie

B. Industrial spy

C. Hacktivist

D. Cyber terrorist

Question # 21

An organization decided to strengthen the security of its network by studying and analyzing the behavior of attackers. For this purpose, Steven, a security analyst, was instructed to deploy a device to bait attackers. Steven selected a solution that appears to contain very useful information to lure attackers and find their locations and techniques.

Identify the type of device deployed by Steven in the above scenario.

Options:

A. Firewall

B. Router

C. Intrusion detection system

D. Honeypot

Question # 22

Jay, a network administrator, was monitoring traffic flowing through an IDS. Unexpectedly, he received an event triggered as an alarm, although there is no active attack in progress.

Identify the type of IDS alert Jay has received in the above scenario.

Options:

A. True negative alert

B. False negative alert

C. True positive alert

D. False positive alert

Question # 23

Which of the following techniques is referred to as a messaging feature that originates from a server and enables the delivery of data or a message from an application to a mobile device without any explicit request from the user?

Options:

A. Geofencing

B. PIN feature

C. Containerization

D. Push notification

Question # 24

Clark, a digital forensic expert, was assigned to investigate a malicious activity performed on an organization's network. The organization provided Clark with all the information related to the incident. In this process, he assessed the impact of the incident on the organization, reasons for and source of the incident, steps required to tackle the incident, investigating team required to handle the case, investigative procedures, and possible outcome of the forensic process.

Identify the type of analysis performed by Clark in the above scenario.

Options:

A. Data analysis

B. Log analysis

C. Traffic analysis

D. Case analysis

Question # 25

Melanie, a professional hacker, is attempting to break into a target network through an application server. In this process, she identified a logic flaw in the target web application that provided visibility into the source code. She exploited this vulnerability to launch further attacks on the target web application.

Which of the web application vulnerabilities was identified by Melanie in the above scenario?

Options:

A. Insecure deserialization

B. Security misconfiguration

C. Command injection

D. Broken authentication

Question # 26

Williams, a forensic specialist, was tasked with performing a static malware analysis on a suspect system in an organization. For this purpose, Williams used an automated tool to perform a string search and saved all the identified strings in a text file. After analyzing the strings, he determined all the harmful actions that were performed by malware.

Identify the tool employed by Williams in the above scenario.

Options:

A. ResourcesExtract

B. Snagit

C. Ezvid

D. R-Drive Image

Question # 27

Bob, a professional hacker, targeted an organization to launch attacks. Bob gathered information such as network topology and a list of live hosts. Based on the collected information, he launched further attacks over the organization's network.

Identify the type of network attack Bob initiated on the target organization in the above scenario.

Options:

A. Session hijacking

B. Buffer overflow

C. Data modification

D. Enumeration

Question # 28

An IoT sensor in an organization generated an emergency alarm indicating a security breach. The servers hosted in an IoT layer accepted, stored, and processed the sensor data received from IoT gateways and created dashboards for monitoring, analyzing, and implementing proactive decisions to tackle the issue.

Which of the following layers in the IoT architecture performed the above activities after receiving an alert from the IoT sensor?

Options:

A. Communication Layer

B. Process layer

C. Cloud layer

D. Device layer

Question # 29

Robert, a security specialist, was appointed to strengthen the security of the organization's network. To prevent multiple login attempts from unknown sources, Robert implemented a security strategy of issuing alerts or warning messages when multiple failed login attempts are made.

Which of the following security risks is addressed by Robert to make attempted break-ins unsuccessful?

Options:

A. Indefinite session timeout

B. Absence of account lockout for invalid session IDs

C. Small session-ID generation

D. Weak session-ID generation