Free 312-38 Braindumps Download Updated on Apr 24, 2024 with 232 Questions [Q104-Q128]

Share

Free 312-38 Braindumps Download Updated on Apr 24, 2024 with 232 Questions

EC-COUNCIL 312-38 Exam Practice Test Questions


EC-COUNCIL 312-38 certification exam is a valuable credential for those who are interested in pursuing a career in network security. EC-Council Certified Network Defender CND certification demonstrates to employers that the candidate has a deep understanding of network security and is capable of defending against common network attacks. The EC-COUNCIL 312-38 certification exam is also a valuable credential for those who are interested in pursuing further certifications in network security, such as the Certified Ethical Hacker (CEH) or Certified Network Security Professional (CNSP) certifications.

 

NEW QUESTION # 104
Which of the following attacks is a class of brute force attacks that depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations?

  • A. Dictionary attack
  • B. Birthday attack
  • C. Phishing attack
  • D. Replay attack

Answer: B

Explanation:
A birthday attack is a class of brute force attacks that exploits the mathematics behind the birthday problem in probability theory. It is a type of cryptography attack. The birthday attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations.
Answer option D is incorrect. A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities. A dictionary attack uses a brute-force technique of successively trying all the words in an exhaustive list (from a pre- arranged list of values). In contrast with a normal brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words in a dictionary. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries, or simple, easily-predicted variations on words, such as appending a digit.
Answer option A is incorrect. Phishing is a type of internet fraud attempted by hackers. Hackers try to log into system by masquerading as a trustworthy entity and acquire sensitive information, such as, username, password, bank account details, credit card details, etc. After collecting this information, hackers try to use this information for their gain.
Answer option B is incorrect. A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution.


NEW QUESTION # 105
Which of the following provide an "always on" Internet access service when connecting to an ISP? Each correct answer represents a complete solution. (Choose two.)

  • A. Analog modem
  • B. Digital modem
  • C. DSL
  • D. Cable modem

Answer: C,D

Explanation:
DSL and Cable modems are used in remote-access WAN technology for connecting to the Internet. Both provide an "always on" Internet access service.
Answer options C and A are incorrect. Analog and Digital modems are not always in 'ON' mode when connecting to an ISP. Analog modems transmit analog voice signals, while Digital modems transmit digital signals over a link.


NEW QUESTION # 106
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends a large number of unsolicited commercial e-mail (UCE) messages to these addresses. Which of the following e-mail crimes is Peter committing?

  • A. E-mail spam
  • B. E-mail storm
  • C. E-mail spoofing
  • D. E-mail bombing

Answer: A

Explanation:
Peter is performing spamming activity. Spam is a term that refers to the unsolicited e-mails sent to a large number of e-mail users. The number of such e-mails is increasing day by day, as most companies now prefer to use e-mails for promoting their products. Because of these unsolicited e-mails, legitimate e-mails take a much longer time to deliver to their destination. The attachments sent through spam may also contain viruses.
However, spam can be stopped by implementing spam filters on servers and e-mail clients.
Answer option C is incorrect. Mail bombing is an attack that is used to overwhelm mail servers and clients by sending a large number of unwanted e-mails. The aim of this type of attack is to completely fill the recipient's hard disk with immense, useless files, causing at best irritation, and at worst total computer failure. E-mail filtering and properly configuring email relay functionality on mail servers can be helpful for protection against this type of attack.
Answer option B is incorrect. An e-mail storm is a sudden spike of Reply All messages on an e-mail distribution list, usually caused by a controversial or misdirected message. Such storms start when multiple members of the distribution list reply to the entire list at the same time in response to an instigating message. Other members soon respond, usually adding vitriol to the discussion, asking to be removed from the list, or pleading for the cessation of messages. If enough members reply to these unwanted messages, this triggers a chain reaction of e-mail messages. The sheer load of traffic generated by these storms can render the e-mail servers carrying them inoperative, similar to a DDoS attack.
Some e-mail viruses also have the capacity to create e-mail storms, by sending copies of themselves to an infected user's contacts, including distribution lists, infecting the contacts in turn.
Answer option D is incorrect. E-mail spoofing is a term used to describe e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path, and Reply- To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field, it actually comes from another source.


NEW QUESTION # 107
Fill in the blank with the appropriate term. A______________________ network is a local area network (LAN) in which all computers are connected in a ring or star topology and a bit- or token- passing scheme is used for preventing the collision of data between two computers that want to send messages at the same time.

Answer:

Explanation:
Token Ring


NEW QUESTION # 108
Which of the following ranges of addresses can be used in the first octet of a Class B network address?

  • A. 192-223
  • B. 128-191
  • C. 0-127
  • D. 224-255

Answer: B


NEW QUESTION # 109
Which of the following OSI layers formats and encrypts data to be sent across the network?

  • A. Network layer
  • B. Physical layer
  • C. Transport layer
  • D. Presentation layer

Answer: D


NEW QUESTION # 110
Which of the following IEEE standards operates at 2.4 GHz bandwidth and transfers data at a rate of 54 Mbps?

  • A. 802.11r
  • B. 802.11n
  • C. 802.11g
  • D. 802.11a

Answer: C


NEW QUESTION # 111
Which of the following is a software tool used in passive attacks for capturing network traffic?

  • A. Warchalking
  • B. Intrusion detection system
  • C. Intrusion prevention system
  • D. Sniffer

Answer: D

Explanation:
A sniffer is a software tool that is used to capture any network traffic. Since a sniffer changes the NIC of the
LAN card into promiscuous mode, the NIC begins to record incoming and outgoing data traffic across the
network. A sniffer attack is a passive attack because the attacker does not directly connect with the target host.
This attack is most often used to grab logins and passwords from network traffic. Tools such as Ethereal,
Snort, Windump, EtherPeek, Dsniff are some good examples of sniffers. These tools provide many facilities to
users such as graphical user interface, traffic statistics graph, multiple sessions tracking, etc.
Answer option A is incorrect. An intrusion prevention system (IPS) is a network security device that monitors
network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or
prevent those activities. When an attack is detected, it can drop the offending packets while still allowing all
other traffic to pass.
Answer option B is incorrect. An IDS (Intrusion Detection System) is a device or software application that
monitors network and/or system activities for malicious activities or policy violations and produces reports to a
Management Station. Intrusion prevention is the process of performing intrusion detection and attempting to
stop detected possible incidents. Intrusion detection and prevention systems (IDPS) are primarily focused on
identifying possible incidents, logging information about them, attempting to stop them, and reporting them to
security administrators.
Answer option C is incorrect. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi
wireless network. Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such
as a wall, the pavement, or a lamp post. The name warchalking is derived from the cracker terms war dialing
and war driving.


NEW QUESTION # 112
Which of the following cables is made of glass or plastic and transmits signals in the form of light?

  • A. Coaxial cable
  • B. Plenum cable
  • C. Twisted pair cable
  • D. Fiber optic cable

Answer: D


NEW QUESTION # 113
Which of the following is an open source implementation of the syslog protocol for Unix?

  • A. syslog-os
  • B. syslog-ng
  • C. Unix-syslog
  • D. syslog Unix

Answer: B


NEW QUESTION # 114
Which of the following layers performs routing of IP datagrams?

  • A. Transport layer
  • B. Link layer
  • C. Application layer
  • D. Internet layer

Answer: D

Explanation:
Explanation


NEW QUESTION # 115
Which of the following representatives in the incident response process are included in the incident response team? Each correct answer represents a complete solution. Choose all that apply.

  • A. Sales representative
  • B. Technical representative
  • C. Information security representative
  • D. Lead investigator
  • E. Legal representative
  • F. Human resources

Answer: B,C,D,E,F

Explanation:
Incident response is a process that detects a problem, determines the cause of an issue, minimizes the damages, resolves the problem, and documents each step of process for future reference. To perform all these roles, an incident response team is needed. The incident response team includes the following representatives who are involved in the incident response process: Lead investigator: The lead investigator is the manager of an incident response team. He is always involved in the creation of an incident response plan. The duties of a lead investigator are as follows:Keep the management updated.Ensure that the incident response moves smoothly and efficiently.Interview and interrogate the suspects and witnesses. Information security representative: The information security representative is a member of the incident response team who alerts the team about possible security safeguards that can impact their ability to respond to an incident. Legal representative: The legal representative is a member of the incident response team who ensures that the process follows all the laws during the response to an incident. Technical representative: Technical representative is a representative of the incident response team. More than one technician can be deployed to an incident. The duties of a technical representative are as follows:Perform forensic backups of the systems that are involved in an incident. Provide more information about the configuration of the network or system. Human resources: Human resources personnel ensure that the policies of the organization are enforced during the incident response process. They suspend access to a suspect if it is needed. Human resources personnel are closely related with the legal representatives and cover up the organization's legal responsibility.


NEW QUESTION # 116
Identify the minimum number of drives required to setup RAID level 5.

  • A. 0
  • B. 1
  • C. Multiple
  • D. 2

Answer: D


NEW QUESTION # 117
FILL BLANK
Fill in the blank with the appropriate term. ______________ is an open wireless technology standard for
exchanging data over short distances from fixed and mobile devices.

Answer:

Explanation:
Bluetooth
Explanation:
Bluetooth is an open wireless technology standard for exchanging data over short distances from fixed and
mobile devices,
creating personal area networks with high levels of security. Created by telecoms vendor Ericsson in 1994, it
was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices,
overcoming problems of synchronization. Today Bluetooth is managed by the Bluetooth Special Interest Group.


NEW QUESTION # 118
Which of the following network devices operate at the network layer of the OSI model? Each correct answer represents a complete solution. Choose all that apply.

  • A. Gateway
  • B. Bridge
  • C. Router
  • D. Repeater

Answer: A,C


NEW QUESTION # 119
Which of the following attacks combines dictionary and brute force attacks?

  • A. Man-in-the-middle attack
  • B. Phishing attack
  • C. Replay attack
  • D. Hybrid attack

Answer: D


NEW QUESTION # 120
Which of the following IEEE standards defines the token passing ring topology?

  • A. 802.3
  • B. 802.5
  • C. 802.4
  • D. 802.7

Answer: B


NEW QUESTION # 121
How is the chip-level security of an loT device achieved?

  • A. Closing insecure network services
  • B. Changing the password of the router
  • C. Encrypting JTAC interface
  • D. Keeping the device on a that network

Answer: C


NEW QUESTION # 122
Which of the following is the primary international body for fostering cooperative standards for telecommunications equipment and systems?

  • A. IEEE
  • B. NIST
  • C. ICANN
  • D. CCITT

Answer: D

Explanation:
CCITT is the primary international body for fostering cooperative standards for telecommunications equipment and systems. It is now known as the ITU-T (for Telecommunication Standardization Sector of the International Telecommunications Union). The ITU-T mission is to ensure the efficient and timely production of standards covering all fields of telecommunications on a worldwide basis, as well as defining tariff and accounting principles for international telecommunication services.
Answer option A is incorrect. Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organization that oversees the allocation of IP addresses, management of the DNS infrastructure, protocol parameter assignment, and root server system management.
Answer option B is incorrect. The Institute of Electrical and Electronic Engineers (IEEE) is a society of technical professionals. It promotes the development and application of electro-technology and allied sciences. IEEE develops communications and network standards, among other activities. The organization publishes number of journals, has many local chapters, and societies in specialized areas.
Answer option C is incorrect. The National Institute of Standards and Technology (NIST), known between 1901 and 1988 as the National Bureau of Standards (NBS), is a measurement standards laboratory which is a non- regulatory agency of the United States Department of Commerce. The institute's official mission is as follows:
To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve quality of life.
NIST had an operating budget for fiscal year 2007 (October 1, 2006-September 30, 2007) of about $843.3 million. NIST's 2009 budget was $992 million, but it also received $610 million as part of the American Recovery and Reinvestment Act. NIST employs about 2,900 scientists, engineers, technicians, and support and administrative personnel. About 1,800 NIST associates (guest researchers and engineers from American companies and foreign nations) complement the staff. In addition, NIST partners with 1,400 manufacturing specialists and staff at nearly 350 affiliated centers around the country.


NEW QUESTION # 123
Which filter to locate unusual ICMP request an Analyst can use in order to detect a ICMP probes from the attacker to a target OS looking for the response to perform ICMP based fingerprinting?

  • A. (icmp.type==8 && ((!(icmp.code==8))
  • B. (icmp.type==14) | | (icmp.type==15| |(icmp.type==17)
  • C. (icmp.type==9 && ((!(icmp.code==9))
  • D. (icmp.type==12) | | (icmp.type==15| |(icmp.type==17)

Answer: A


NEW QUESTION # 124
Fill in the blank with the appropriate term. ______________is a protocol used to synchronize the timekeeping among the number of distributed time servers and clients.

Answer:

Explanation:
NTP


NEW QUESTION # 125
Which technique is used in RAID level 0 where the data is split into blocks and written evenly across multiple disks?

  • A. Disk stripping
  • B. Disk partition
  • C. Disk mirroring
  • D. Data splitting

Answer: A


NEW QUESTION # 126
Who offers formal experienced testimony in court?

  • A. Expert witness
  • B. Evidence documenter
  • C. Attorney
  • D. Incident analyzer

Answer: A


NEW QUESTION # 127
Which of the following filters can be used to detect UDP scan attempts using Wireshark?

  • A. icmp.type==13
  • B. icmp.type==3 and icmp.code==3
  • C. icmp.type==8 or icmp.type==0
  • D. icmp.type==15

Answer: B


NEW QUESTION # 128
......

Updated Verified 312-38 dumps Q&As - Pass Guarantee or Full Refund: https://www.actualtests4sure.com/312-38-test-questions.html

Updated Certification Exam 312-38 Dumps - Practice Test Questions: https://drive.google.com/open?id=1kiX3sF6Gp8YV1PckE3mjwXkkq-WGJtoK