EC-Council - ECSS

QUESTION: 1
Firewalking is a technique that can be used to gather information about a remote network
protected by a firewall. This technique can be used effectively to perform information
gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that
is set to expire one hop past the firewall. Which of the following are pre-requisites for an
attacker to conduct firewalking?
Each correct answer represents a complete solution. Choose all that apply.

A. ICMP packets leaving the network should be allowed.
B. An attacker should know the IP address of the last known gateway before the firewall.
C. There should be a backdoor installed on the network.
D. An attacker should know the IP address of a host located behind the firewall.

Answer(s): A, B, D

QUESTION: 2
Which of the following security protocols are based on the 802.11i standard?
Each correct answer represents a complete solution. Choose all that apply.

A. WEP
B. WPA2
C. WPA
D. WEP2

Answer(s): B, C
QUESTION: 3
Which of the following OSI layers is responsible for protocol conversion, data
encryption/decryption, and data compression?

A. Transport layer
B. Presentation layer
C. Data-link layer
D. Network layer
Answer(s): B
QUESTION: 4
You are responsible for security at a company that uses a lot of Web applications. You are
most concerned about flaws in those applications allowing some attacker to get into your
network. What method would be best for finding such flaws?

A. Vulnerability scanning
B. Manual penetration testing
C. Automated penetration testing
D. Code review

Answer(s): A

QUESTION: 5
Which of the following representatives of incident response team takes forensic backups of
the systems that are the focus of the incident?

A. Lead investigator

2
https://Xcerts.com