EC-Council Certified Security Specialist
Question No: 141 – (Topic 2)
You are the Administrator for a corporate network. You are concerned about denial of service attacks. Which of the following measures would be most helpful in defending against a Denial-of- Service (DoS) attack?
Implement network based antivirus.
Place a honey pot in the DMZ.
Implement a strong password policy.
Shorten the timeout for connection attempts.
Question No: 142 – (Topic 2)
Which method would provide the highest level of protection for all data transmitted on the internal network only?
(Click the Exhibit button on the toolbar to see the case study.)
IPSec tunnel mode
IPSec transport mode
Question No: 143 – (Topic 2)
Fill in the blank with the appropriate name of the attack.
takes best advantage of an existing authenticated connection
A. session hijacking
Question No: 144 – (Topic 2)
Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?
A. 18 U.S.C. 2510
B. 18 U.S.C. 1362
C. 18 U.S.C. 1030
D. 18 U.S.C. 2701
E. 18 U.S.C. 1029
Question No: 145 – (Topic 2)
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He observes that the We-are-secure server is vulnerable to a special type of DoS attack and he makes the following suggestions to the security authority to protect the server from this DoS attack. The countermeasures against this type of DoS attack are as follows:
l Disabling IP-directed broadcasts at the We-are-secure router
l Configuring local computers so as not to respond to such ICMP packets that are configured to be sent to IP broadcast addresses
Which of the following DoS attacks has John discovered as a vulnerability for the We-are- secure security network?
Question No: 146 – (Topic 2)
Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windowsbased network. Mark is giving a presentation on Network security threats to the newly recruited employees of the company. His presentation is about the External threats that the company recently faced in the past. Which of the following statements are true about external threats?
Each correct answer represents a complete solution. Choose three.
These are the threats that originate from within the organization.
These are the threats intended to flood a network with large volumes of access requests.
These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.
These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.
Question No: 147 – (Topic 2)
In which of the following access control models can a user not grant permissions to other users to see a copy of an object marked as secret that he has received, unless they have the appropriate permissions?
Role Based Access Control (RBAC)
Mandatory Access Control (MAC)
Access Control List (ACL)
Discretionary Access Control (DAC)
Question No: 148 – (Topic 2)
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?
Question No: 149 – (Topic 2)
You are a professional Computer Hacking forensic investigator. You have been called to collect the evidences of Buffer Overflows or Cookie snooping attack. Which of the following logs will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
Web server logs
Question No: 150 – (Topic 2)
Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model for Internet Access. He wants to fulfill the following goals:
路No external traffic should be allowed into the network.
路Administrators should be able to restrict the websites which can be accessed by the internal users.
Which of the following technologies should he use to accomplish the above goals? (Click the Exhibit button on the toolbar to see the case study.)
Network Address Translator (NAT)
Internet Connection Sharing (ICS)
Routing and Remote Access Service (RRAS)
100% Ensurepass Free Download!
–Download Free Demo:ECSS Demo PDF
100% Ensurepass Free Guaranteed!
–Download 2017 EnsurePass ECSS Full Exam PDF and VCE
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|