ECSS EC-Council Certified Security Specialist


Question 4 (Volume C)

You are a professional Computer Hacking Forensic Investigator. You have been called to collect evidence of buffer overflow or cookie snooping attacks. Which of the following logs will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

  • Web server logs

  • Event logs

  • System logs

  • Program logs


Question 5 (Volume B)

You are a professional Computer Hacking Forensic Investigator. You have been called to collect evidence of buffer overflow or cookie snooping attacks. Which of the following logs will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

  • Web server logs

  • Event logs

  • Program logs

  • System logs


Question 6 (Volume B)

Adam works as a Security Analyst for Umbrella Inc. He is retrieving a large amount of log data from syslog servers and network devices such as routers and switches. He is having difficulty analyzing the logs that he has retrieved. To solve this problem, Adam decides to use software called Sawmill. Which of the following statements are true about Sawmill?

Each correct answer represents a complete solution. Choose all that apply.

  • It is used to analyze any device or software package that produces a log file, such as Web servers, network devices (switches, routers, etc.), syslog servers, etc.

  • It incorporates real-time reporting and real-time alerting.

  • It comes only as a software package for user deployment.

  • It is a software package for the statistical analysis and reporting of log files.