ECSS Online Practice Questions and Answers

Which of the following representatives of incident response team takes forensic backups of the systems that are the focus of the incident?

A. Lead investigator

B. Information security representative

C. Technical representative

D. Legal representative

You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless

network. To provide security, you are configuring ISA Server 2006 as a firewall. While configuring

ISA Server 2006, which of the following is NOT necessary?

A. Defining how ISA Server would cache Web contents

B. Defining ISA Server network configuration

C. Setting up of monitoring on ISA Server

D. Configuration of VPN access

Which of the following can be used to perform session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

A. ARP spoofing

B. Cross-site scripting

C. Session fixation

D. Session sidejacking

Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?

A. Worm

B. Adware

C. Backdoor

D. Spyware

What are the two common parts of a Remote Access Trojan (RAT)?

A. A client component and a server component

B. The outbound port and the inbound port

C. The ARP cache and the CAM table

D. The payload and the wrapper

An Anti-Virus software is used to prevent, detect, and remove malware from a system, including computer viruses, worms, and Trojan horses. Which of the following companies are the providers of Anti-virus softwares?

Each correct answer represents a complete solution. Choose all that apply.

A. Kaspersky Lab

B. Symantec Corporation

C. AVG Technologies

D. McAfee Inc.

E. F-Secure Corporation

Which of the following laws was formed by the legislative branch of the United States government?

A. Business law

B. Statutory law

C. Study law

D. Administrative law

Which of the following protocols is used the most by web servers?

A. COM

B. FTP

C. HTTP

D. ORG

Which of the following U.S. Federal laws addresses computer crime activities in communication lines, stations, or systems?

A. 18 U.S.C. 2510

B. 18 U.S.C. 1362

C. 18 U.S.C. 1030

D. 18 U.S.C. 2701

E. 18 U.S.C. 1029

Which of the following tools automates the password guessing in NetBIOS sessions and can also be used to perform a manual dictionary attack?

A. KerbCrack

B. Legion

C. THC Hydra

D. Pwdump