EC-Council Certified Security Specialist Practice Test 1
Which of the following password cracking attacks is implemented by calculating all the possible hashes for a set of characters?
Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by using the advantage of vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes the help from Forensic Investigators and catches Jason. Which of the following mistakes made by Jason helped the Forensic Investigators catch him?
Which of the following functions does the RSA Digital Signature combine with public key algorithm to create a more secure signature?
Maria works as a Desktop Technician for PassGuide Inc. She has received an e-mail from the MN Compensation Office with the following message: If Maria replies to this mail, which of the following attacks may she become vulnerable to? Dear Sir/Madam, My name is Edgar Rena, the director of compensation here at the MN Compensation Office in Chicago. We receive so many complaints about fraudulent activities that have been taking place in your region for the past few years. Due to the high volume loss of money, the MN compensation department has had an agreement with the appropriate authority to compensate each victim with a sum of USD$500,000.00. You were selected among the list of people to be paid this sum. To avoid any imperative mood by intending scammers, your payment has been transmuted into an International bank draft which can be cashed at any local bank in your country. Please fill the below details and send it to our secretary for your compensation bank draft. Full name: ______ Address: ________ Tel: ____________ Fill & Send to: Dr. Michael Brown MN Compensation Office, IL Tel: +1-866-233-8434 Email: [email protected] Further instructions shall be given to you by our secretary as soon as you contact him. To avoid losing your compensation, you are requested to pay the sum of $350 for Insurance Premium to our secretary. Thanks and God bless. Rate now:
John works as a Security Administrator for NetPerfect Inc. The company uses Windows-based systems. A project has been assigned to John to track malicious hackers and to strengthen the company's security system. John configures a computer system to trick malicious hackers into thinking that it is the company's main server, which in fact is a decoy system to track hackers. Which system is John using to track the malicious hackers?
Andrew, a bachelor student of Faulkner University, creates a gmail account. He uses 'Faulkner' as the password for the gmail account. After a few days, he starts receiving a lot of e-mails stating that his gmail account has been hacked. He also finds that some of his important mails have been deleted by someone. Which of the following methods has the attacker used to crack Andrew's password? Each correct answer represents a complete solution. Choose all that apply. A. Brute force attack B. Dictionary-based attack C. Rainbow attack D. Zero-day attack E. Password guessing F. Social engineering G. Denial-of-service (DoS) attack H. Buffer-overflow attack
What does CSIRT stand for?
Adam works as a Security Analyst for Umbrella Inc. He is retrieving large amount of log data from various resources such as Apache log files, IIS logs, streaming servers, and some FTP servers. He is facing difficulty in analyzing the logs that he has retrieved. To solve this problem, Adam decides to use AWStats application. Which of the following statements are true about AWStats? Each correct answer represents a complete solution. Choose all that apply. A. It can analyze log files server tools such as Apache log files, WebStar, IIS and other Web, proxy, and some ftp servers. B. It generates advanced Web, streaming, mail server statistics graphically. C. It can work with all Web hosting providers, which allow Perl, CGI and log access. D. It works only as a CGI and shows all possible information contained in log.
Which of the following protocols is used the most by web servers?
Which of the following Trojans is used by attackers to modify the Web browser settings?
Cola Co. manufactures, markets, sells, and distributes non-alcoholic potables such as Lemcaa and Thunder Up under its brand name Cola and uses green and red logo. Mola Co., a new company, starts manufacturing, marketing, selling, and distributing non-alcoholic potables like Lumca and Cloud Up under its brand name Mola and uses green and red logo. Which of the following violations has been committed by Mola Co.?
Mark has been assigned a project to configure a wireless network for a company. The network should contain a Windows 2003 server and 30 Windows XP client computers. Mark has a single dedicated Internet connection that has to be shared among all the client computers and the server. The configuration needs to be done in a manner that the server should act as a proxy server for the client computers. Which of the following programs can Mark use to fulfill this requirement?
Firewalking is a technique that can be used to gather information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. Which of the following are pre-requisites for an attacker to conduct firewalking? Each correct answer represents a complete solution. Choose all that apply. A. There should be a backdoor installed on the network. B. An attacker should know the IP address of a host located behind the firewall. C. An attacker should know the IP address of the last known gateway before the firewall. D. ICMP packets leaving the network should be allowed.
What is the size of Master Boot Record (MBR)?
Which of the following is an example of a social engineering attack?
Which of the following is the most important resource associated with any digital forensic investigations process?
Which of the following is an example of a low-interaction production honeypot that is developed and sold by the Swiss company Netsec?
A firewall is a combination of hardware and software, used to provide security to a network. It is used to protect an internal network or intranet against unauthorized access from the Internet or other outside networks. It restricts inbound and outbound access and can analyze all traffic between an internal network and the Internet. Users can configure a firewall to pass or block packets from specific IP addresses and ports. Which of the following tools works as a firewall for the Linux 2.4 kernel?
Which of the following laws was formed by the legislative branch of the United States government?
Sam, a bank employee, develops a program and uploads it to the bank's server. He deducts $1 a month from the account of every customer using the program. Probably no account holder will notice this type of illegal debit, but Sam will make a good amount of money every month. Which of the following types of cybercrime is Sam performing?