Digital forensics: หลักสูตร EC-Council Security Specialist (ECSS)
A Complete Guide to Pass EC-Council ECSS Exam.
เตรียมสอบหลักสูตรด้านความมั่นคงปลอดภัยระดับพื้นฐาน
ผู้เชี่ยวชาญด้านความปลอดภัยที่ผ่านการรับรองจากสถาบัน EC-Council Certified Security Specialist (ECSS) ช่วยให้นักเรียนได้พัฒนาทักษะของตนเองในสามด้านที่แตกต่างกัน ได้แก่ ความปลอดภัยของข้อมูล ความปลอดภัยของเครือข่าย และนิติคอมพิวเตอร์
ความปลอดภัยของข้อมูลมีบทบาทสำคัญในองค์กรส่วนใหญ่ ความปลอดภัยของข้อมูล การประมวลผลข้อมูล และการสื่อสารได้รับการคุ้มครองจากการรักษาความลับ ความสมบูรณ์ และความพร้อมของข้อมูลและการประมวลผลข้อมูล ในการสื่อสาร ความปลอดภัยของข้อมูลยังครอบคลุมถึงการรับรองความถูกต้องของข้อความที่น่าเชื่อถือ ซึ่งครอบคลุมการระบุถึงการตรวจสอบและการบันทึกการอนุมัติและการอนุญาตข้อมูล การไม่เปลี่ยนแปลงข้อมูล และการไม่ปฏิเสธการสื่อสารหรือข้อมูลที่จัดเก็บ
Why is ECSS Important?
ECSS Brochure
Upon Completion of this Course, you will accomplish following:-
- Key issues plaguing the information security, network security, and computer forensics
- Fundamentals of networks and various components of the OSI and TCP/IP model
- Various types of information security threats and attacks, and their countermeasures
- Identification, authentication, and authorization concepts
- Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools
- Fundamentals of IDS and IDS evasion techniques
- Data backup techniques and VPN security
- Fundamentals of firewall, techniques for bypassing firewall, and firewall technologies
- such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, Virtual Private
- Network, and Honeypot
- Social engineering techniques, identify theft, and social engineering countermeasures
- Different stages of hacking cycle
- Various network security protocols
- Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security
- Different types of web server and web application attacks, and countermeasures
- Fundamentals of ethical hacking and pen testing
- Incident handling and response process
- Cyber-crime and computer forensics investigation methodology
- Different types of digital evidence and digital evidence examination process
- Different type of file systems and their comparison (based on limit and features)
- Steganography and its techniques
- Different types of log capturing, time synchronization, and log capturing tools
- E-mails tracking and e-mail crimes investigation
- Writing investigation report
- Gathering volatile and non-volatile information from Windows and network
- forensics analysis mechanism
- Computer Forensics Fundamentals : หลักการพื้นฐานด้านนิติคอมพิวเตอร์
- Writing Investigation Report : การจัดทำรายงานการตรวจพิสูจน์หลักฐาน
ประกาศนียบัตรสากล EC-Council Security Specialist (ECSS) Exam Information
Exam Details:
Number of Questions: 50
Passing Score: 70%
Test Duration: 2 Hours
Test Format: Multiple Choice
By getting familiar with the environment and ECSS exam questions repeatedly, you will strengthen your confidence and thus lessen anxiety, thus enhance time management skills, and also identify your weak areas and work upon them. By answering ECSS practice questions, you also acquire skills to deal with different question types and find tactics that work best for you to pass the EC-Council ECSS exam.
ตัวอย่างแบบทดสอบ (EC-Council ECSS Questions )
Which of the following security protocols are based on the 802.11i standard?
a) WEP
b) WPA2
c) WPA
d) WEP2
Answer : B
Which of the following attacks is used to hack simple alphabetical passwords?
a) Man-in-the-middle attack
b) Dictionary-based attack
c) Black hat attack
d) Sniffing
Answer : B
Which of the following tools is John using to crack the wireless encryption keys?
A. AirSnort
B. Kismet
C. PsPasswd
D. Cain
Answer: A
Which of the following types of attacks cannot be prevented by technical measures only?
A. Brute force
B. Ping flood attack
C. Smurf DoS
D. Social engineering
Answer: D
Which of the following OSI layers is responsible for protocol conversion, data encryption/decryption,
and data compression?
A. Transport layer
B. Presentation layer
C. Data-link layer
D. Network layer
Which of the following needs to be documented to preserve evidences for presentation in court?
a) Incident response policy
b) Account lockout policy
c) Separation of duties
d) Chain of custody
Answer : D
Which of the following programs is used to monitor the keystrokes that a user types on a specific computer's keyboard?
a) Keylogger
b) Ettercap
c) THC-Hydra
d) Brutus
Answer : A
Which of the following is used in asymmetric encryption?
a) Public key and user key
b) NTFS
c) Public key and private key
d) SSL
Answer : C
Which of the following is an example of a social engineering attack?
a) Browser Sniffing
b) Phishing
c) Man-in-the-middle attack
d) E-mail bombing
Answer : B
Which of the following is an example of a worm used in the Linux operating system?
a) Ramen
b) Love Bug
c) Melissa
d) Sircam
Answer : A
John works as a Network Security Administrator for NetPerfect Inc. The manager of the company has told John that the company's phone bill has increased drastically. John suspects that the company's phone system has been cracked by a malicious hacker. Which attack is used by malicious hackers to crack the phone system?
a) War dialing
b) Man-in-the-middle attack
c) Sequence++ attack
d) Phreaking
Answer : D
Which of the following are the two types of reconnaissance?
a) Active and passive
b) Preliminary and active
c) Direct and Indirect
d) Active and Invasive
Answer : A
Which of the following is a transport layer circuit-level proxy server?
a) Bastion host
b) UDP proxy
c) SOCKS
d) Forced proxy
Answer : C
What is the major difference between a worm and a Trojan horse?
a) A worm is self replicating, while a Trojan horse is not.
b) A Trojan horse is a malicious program, while a worm is an anti-virus software.
c) A worm spreads via e-mail, while a Trojan horse does not.
d) A worm is a form of malicious program, while a Trojan horse is a utility.
Answer : A
Which of the following DOS commands is used to configure network protocols?
a) netstat
b) netsvc
c) netsh
d) ipconfig
Answer : C
Which of the following password cracking attacks is implemented by calculating all the possible
hashes for a set of characters?
a) Rainbow attack
b) Brute force attack
c) SQL injection attack
d) Dictionary attack
Answer : A
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic
project. Now, you want to know the IP address of the sender so that you can analyze various
information such as the actual location, domain information, operating system being used, contact
information, etc. of the email sender with the help of various tools and resources. You also want to
check whether this email is fake or real. You know that analysis of email headers is a good starting
point in such cases. The email header of the suspicious email is given below:
a) 209.191.91.180
b) 141.1.1.1
c) 172.16.10.90
d) 216.168.54.25
Answer : D
which of the following attacks may she become vulnerable to?
Maria works as a Desktop Technician for PassGuide Inc. She has received an e-mail from the MN
Compensation Office with the following message:
If Maria replies to this mail, which of the following attacks may she become vulnerable to?
Dear Sir/Madam,
My name is Edgar Rena, the director of compensation here at the MN Compensation Office in
Chicago. We receive so many complaints about fraudulent activities that have been taking place in
your region for the past few years. Due to the high volume loss of money, the MN compensation
department has had an agreement with the appropriate authority to compensate each victim with a
sum of USD$500,000.00.
You were selected among the list of people to be paid this sum. To avoid any imperative mood by
intending scammers, your payment has been transmuted into an International bank draft which
can be cashed at any local bank in your country.
Please fill the below details and send it to our secretary for your compensation bank draft.
Full name: ______
Address: ________
Tel: ____________
Fill & Send to:
Dr. Michael Brown
MN Compensation Office, IL
Tel: +1-866-233-8434
Email: micbrown@live.com
Further instructions shall be given to you by our secretary as soon as you contact him. To avoid
losing your compensation, you are requested to pay the sum of $350 for Insurance Premium to
our secretary.
Thanks and God bless.
Rate now:
a) Phishing attack
b) SYN attack
c) CookieMonster attack
d) Mail bombing
Answer : A
Which of the following malicious codes is used by a hacker to get control over the system files of a
victim?
a) Worm
b) Multipartite virus
c) Macro virus
d) Trojan
Answer : D
Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?
a) Preparation
b) gaining access
c) Scanning
d) Reconnaissance
Answer : A
Which of the following is true for XSS, SQL injection, and RFI?
a) These are types of Web application vulnerabilities.
b) These are viruses.
c) These are hacking tools.
d) These are Trojans.
Answer : A
Which of the following processes is used by hackers to find information about the target system?
a) Banner grabbing
b) Cracking
c) Covering tracks
d) Foot printing
Answer : D
What does EFI stand for?
a) Extended Firewall Interface
b) Extensible Firewall Interface
c) Extended Firmware Interface
d)Extensible Firmware Interface
Answer : D
Maria works as the Chief Security Officer for Dforensic Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?
a) Steganography
b) Public-key cryptography
c) RSA algorithm
d)Encryption
Answer : A
A________ attack is designed to bring loss of network connectivity and services by consuming
the bandwidth of a user’s network.
a) Dictionary
b) Brute force
c) Man-in-the-middle
d) Denial of Service (DoS)
Answer : D
Which of the following is the name given to expert groups that handle computer security incidents?
a) Computer forensic team
b) Z-Force
c) Software development team
d) CSIRT
Answer : D
Which of the following is used in asymmetric encryption?
a) Public key and private key
b) Public key and user key
c) NTFS
d) SSL
Answer : A
What is the size of Master Boot Record (MBR)?
a) 2 KB
b) 512 bytes
c) 256 bytes
d) 1 KB
Answer : B
EC-Council ECSS Exam Preparation Tips
หลักสูตรที่เกี่ยวข้อง
EC-Council Certified Security Specialist (ECSS คือ)
* หากมีข้อมูลข้อผิดพลาดประการใด ขออภัยมา ณ ที่นี้ด้วย รบกวนแจ้ง Admin เพื่อแก้ไขต่อไป
ขอบคุณครับ
#WindowsForensic #ComputerForensics #dfir #forensics #digitalforensics #computerforensic #investigation #cybercrime #fraud
.png "EC-Council Security Specialist (ECSS)")
%20map.png "EC-Council Security Specialist (ECSS) PATH")
