Eccouncil ECSS EC-Council Certified Security Specialist (ECSSv10) Exam Exam Practice Test Questions

• Question 1

  In which of the following access control models can a user not grant permissions to other users to see a copy of an object marked as secret that he has received, unless they have the appropriate permissions?

  • Role Based Access Control (RBAC)
  • Mandatory Access Control (MAC)
  • Access Control List (ACL)
  • Discretionary Access Control (DAC)

  Show Answer Answer: B Next

• Question 2

  RRD Job World wants to upgrade its network. The company decides to implement a TCP/IP-based network. According to the case study, RRD Job World is concerned about security. Which of the following methods should the on-site employees use to communicate securely with the headquarters?(Click the Exhibit button on the toolbar to see the case study.)

  • Basic (Clear Text) authentication using SSL
  • DNS security and group policies
  • L2TP over IPSec
  • Windows NT Challenge/Response (NTLM) authentication

  Show Answer Answer: A Next

• Question 3

  Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

  • Twofish
  • Digital certificates
  • Public key
  • RSA

  Show Answer Answer: B,C Next

• Question 4

  Which of the following attacks CANNOT be detected by an Intrusion Detection System (IDS)? Each correct answer represents a complete solution. Choose all that apply.

  • Denial-of-Service (DoS) attack
  • E-mail spoofing
  • Port scan attack
  • Shoulder surfing

  Show Answer Answer: B,D Next

• Question 5

  What does EFI stand for?

  • Extensible Firmware Interface
  • Extended Firewall Interface
  • Extensible Firewall Interface
  • Extended Firmware Interface

  Show Answer Answer: A Next