← Back to exam page

ECSS EC-Council Certified Security Specialist

Loading demo links...

Showing 1–3 of 15 questions

Question 1 (Volume B)

Which of the following statements are true about firewalking?

Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • Firewalking works on the UDP packets.

  • A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.

  • To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.

  • In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.


Question 2 (Volume A)

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the preattack phase:

·Information gathering

·Determining network range

·Identifying active machines

·Finding open ports and applications

·OS fingerprinting

·Fingerprinting services

Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?

Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • Traceroute

  • NeoTrace

  • Cheops

  • Ettercap


Question 3 (Volume C)

You have been assigned the job of configuring wireless networks for a large company. The security of these networks is of great importance. One of the tools that you can use for applying security is Wireless Transport Layer Security (WTLS). What are the goals of using this tool?

Each correct answer represents a complete solution. Choose all that apply.

Select all that apply, then click Submit answer.

  • To provide authentication between the two end points

  • To provide data integrity

  • To provide privacy for the two end users

  • To provide data availability