ECSS Online Practice Questions and Answers
Fill in the blank with the appropriate name of the attack. _______takes best advantage of an existing authenticated connection
You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?
A. Vulnerability scanning
B. Manual penetration testing
C. Automated penetration testing
D. Code review
Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer? Each correct answer represents a complete solution. Choose two.
A. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
B. Attacker can use the Ping Flood DoS attack if WZC is used.
C. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.
D. It will not allow the configuration of encryption and MAC filtering. Sending information is not secure on wireless network.
Which of the following Linux rootkits allows attackers to hide files, processes, and network connections?
Each correct answer represents a complete solution. Choose all that apply.
A. Phalanx2
B. Adore
C. Knark
D. Beastkit
Which of the following password cracking attacks is implemented by calculating all the possible hashes for a set of characters?
A. Rainbow attack
B. Brute force attack
C. SQL injection attack
D. Dictionary attack
Which of the following malicious codes is used by a hacker to get control over the system files of a victim?
A. Worm
B. Multipartite virus
C. Macro virus
D. Trojan
Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?
A. Encryption
B. Steganography
C. RSA algorithm
D. Public-key cryptography
Which of the following attacks is a man-in-the-middle exploit where a third party can gain HTTPS cookie data?
A. Cookie poisoning
B. CookieMonster attack
C. Cross site scripting attack
D. Smart Force Attack
Which of the following components are usually found in an Intrusion detection system (IDS)?
Each correct answer represents a complete solution. Choose two.
A. Modem
B. Console
C. Sensor
D. Gateway
E. Firewall
Which of the following honeypots is a low-interaction honeypot and is used by companies or corporations for capturing limited information about malicious hackers?
A. Production honeypot
B. Research honeypot
C. Honeynet
D. Honeyfarm