[Free] 2018(Jan) EnsurePass Testking ECCouncil ECSS Dumps with VCE and PDF 161-170

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released ECSS
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Security Specialist

Question No: 161 – (Topic 2)

Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of

identity, Eve sends Alice#39;s password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?

  1. Firewalking

  2. Replay

  3. Session fixation

  4. Cross site scripting

Answer: B

Question No: 162 – (Topic 2)

According to the Sophos Security Threat Report 2009, which country amongst the following tops in producing spam (unwanted e-mails)?

  1. Russia

  2. United States

  3. China

  4. Turkey

Answer: B

Question No: 163 – (Topic 2)

Which of the following viruses/worms uses the buffer overflow attack?

  1. Nimda virus

  2. Code red worm

  3. Chernobyl (CIH) virus

  4. Klez worm

Answer: B

Question No: 164 – (Topic 2)

Which of the following proxy servers is placed anonymously between the client and remote server and handles all of the traffic from the client?

  1. Web proxy server

  2. Caching proxy server

  3. Open proxy server

  4. Forced proxy server

Answer: D

Question No: 165 – (Topic 2)

John works as a professional Ethical Hacker for SecureEnet Inc. The company has a Windowsbased network. All client computers run on Windows XP. A project has been assigned to John to investigate about the open ports responsible for various malicious attacks on the network. John wants to use the DOS command-line utility to find out the open ports. Which of the following DOS commands will John use to accomplish the task?

  1. nslookup

  2. tracert and pathping

  3. netstat

  4. nbtstat

Answer: C

Question No: 166 – (Topic 2)

Which of the following attacks is used by attackers to access a company#39;s internal network through its remote access system?

  1. Trojan horse

  2. Land attack

  3. War dialer

  4. Denial-of-Service (DoS) attack

Answer: C

Question No: 167 – (Topic 2)

Which of the following Trojans is used by attackers to modify the Web browser settings?

  1. WMA/TrojanDownloader.GetCodec

  2. Win32/FlyStudio

  3. Trojan.Lodear

  4. Win32/Pacex.Gen

Answer: B

Question No: 168 – (Topic 2)

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol?

Each correct answer represents a complete solution. Choose all that apply.

  1. TIS authentication

  2. Password-based authentication

  3. Kerberos authentication

  4. Rhosts (rsh-style) authentication

Answer: A,C,D

Question No: 169 – (Topic 2)

Which of the following attacks is a man-in-the-middle exploit where a third party can gain HTTPS cookie data?

  1. Cookie poisoning

  2. CookieMonster attack

  3. Cross site scripting attack

  4. Smart Force Attack

Answer: B

Question No: 170 – (Topic 2)

Which of the following is an example of a low-interaction production honeypot that is developed and sold by the Swiss company Netsec?

  1. Specter

  2. KFSensor

  3. Honeyd

  4. ManTrap

Answer: A

100% Ensurepass Free Download!
Download Free Demo:ECSS Demo PDF
100% Ensurepass Free Guaranteed!
ECSS Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No