Latest 312-38 Exam Dumps EC-COUNCIL Exam from Training Expert Free4Dump
Pass EC-COUNCIL EC-Council Certified Network Defender CND PDF Dumps | Recently Updated 171 Questions
NEW QUESTION # 36
CORRECT TEXT
Fill in the blank with the appropriate word. The ____________________risk analysis process analyzes the effect of a risk event deriving a numerical value.
Answer:
Explanation:
quantitative
Explanation:
Quantitative risk analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to the overall project risk. The quantitative risk analysis process analyzes the effect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for quantitative risk analysis are as follows: Organizational process assets Project scope statement Risk management plan Risk register Project management plan
NEW QUESTION # 37
Which of the following is a mechanism that helps to ensure that only the intended and authorized recipients are able to read the data?
- A. none
- B. authentication
- C. access to information
- D. confidence
- E. integrity
Answer: D
NEW QUESTION # 38
Which of the following help in estimating and totaling up the equivalent money value of the benefits and costs to the community of projects for establishing whether they are worthwhile?
Each correct answer represents a complete solution. Choose all that apply.
- A. Benefit-Cost Analysis
- B. Cost-benefit analysis
- C. Disaster recovery
- D. Business Continuity Planning
Answer: A,B
Explanation:
Cost-benefit analysis is a process by which business decisions are analyzed. It is used to estimate and total up the equivalent money value of the benefits and costs to the community of projects for establishing whether they are worthwhile. It is a term that refers both to: helping to appraise, or assess, the case for a project, program, or policy proposal; an approach to making economic decisions of any kind. Under both definitions, the process involves, whether explicitly or implicitly, weighing the total expected costs against the total expected benefits of one or more actions in order to choose the best or most profitable option. The formal process is often referred to as either CBA (Cost-Benefit Analysis) or BCA (Benefit-Cost Analysis). Answer option A is incorrect. Business Continuity Planning (BCP) is the creation and validation of a practiced logistical plan that defines how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption. The logistical plan is called a Business Continuity Plan. Answer option C is incorrect. Disaster recovery is the process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. Disaster recovery planning is a subset of a larger process known as business continuity planning and should include planning for resumption of applications, data, hardware, communications (such as networking) and other IT infrastructure. A business continuity plan (BCP) includes planning for non-IT related aspects such as key personnel, facilities, crisis communication and reputation protection, and should refer to the disaster recovery plan (DRP) for IT related infrastructure recovery / continuity.
NEW QUESTION # 39
Which of the following layers of the OSI model provides end-to-end connections and reliability?
- A. Session layer
- B. Network layer
- C. Transport layer
- D. Physical layer
Answer: C
NEW QUESTION # 40
What is the range for private ports?
- A. 0 through 1023
- B. 49152 through 65535
- C. 1024 through 49151
- D. Above 65535
Answer: B
NEW QUESTION # 41
Which of the following protocols is used for inter-domain multicast routing?
- A. VoIP
- B. RADIUS
- C. RPC
- D. BGP
Answer: D
NEW QUESTION # 42
Fill in the blank with the appropriate term.
______________ is a prime example of a high-interaction honeypot.
Answer:
Explanation:
Honeynet
NEW QUESTION # 43
Which of the following is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN)?
- A. ISDN
- B. X.25
- C. PPP
- D. Frame relay
- E. None
Answer: D
Explanation:
Frame relay is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN). Frame relay puts data in a variable-size unit called a frame. It checks for lesser errors as compared to other traditional forms of packet switching and hence speeds up data transmission. When an error is detected in a frame, it is simply dropped. The end points are responsible for detecting and retransmitting dropped frames.
Answer option C is incorrect. Integrated Services Digital Network (ISDN) is a digital telephone/ telecommunication network that carries voice, data, and video over an existing telephone network infrastructure. It requires an ISDN modem at both the ends of a transmission. ISDN is designed to provide a single interface for hooking up a telephone, fax machine, computer, etc. ISDN has two levels of service, i.e., Basic Rate Interface (BRI) and Primary Rate Interface (PRI).
Answer option A is incorrect. The Point-to-Point Protocol, or PPP, is a data link protocol commonly used to establish a direct connection between two networking nodes. It can provide connection authentication, transmission encryption privacy, and compression. PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits, where it has largely superseded the older, non- standard Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was designed to work with numerous network layer protocols, including Internet Protocol (IP), Novell's Internetwork Packet Exchange (IPX), NBF, and AppleTalk.
Answer option D is incorrect. The X.25 protocol, adopted as a standard by the Consultative Committee for International Telegraph and Telephone (CCITT), is a commonly-used network protocol. The X.25 protocol allows computers on different public networks (such as CompuServe, Tymnet, or a TCP/IP network) to communicate through an intermediary computer at the network layer level. X.25's protocols correspond closely to the data-link and physical-layer protocols defined in the Open Systems Interconnection (OSI) communication model.
NEW QUESTION # 44
You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.
- A. History folder
- B. Cookies folder
- C. Temporary Internet Folder
- D. Download folder
Answer: A,B,C
Explanation:
Online e-mail systems such as Hotmail and Yahoo leave files containing e-mail message information on the local computer. These files are stored in a number of folders, which are as follows:
Cookies folder
Temp folder
History folder
Cache folder
Temporary Internet Folder Forensic tools can recover these folders for the respective e-mail clients. When folders are retrieved, e-mail files can be accessed. If the data is not readable, various tools are available to decrypt the information such as a cookie reader used with cookies.
Answer option D is incorrect. Download folder does not contain any e-mail message information.
NEW QUESTION # 45
Which of the following steps will NOT make a server fault tolerant? Each correct answer represents a complete solution. Choose two.
- A. Implementing cluster servers facility
- B. Adding a second power supply unit
- C. Performing regular backup of the server
- D. Encrypting confidential data stored on the server
- E. Adding one more same sized disk as mirror on the server
Answer: C,D
Explanation:
Encrypting confidential data stored on the server and performing regular backup will not make the server fault tolerant. Fault tolerance is the ability to continue work when a hardware failure occurs on a system. A fault-tolerant system is designed from the ground up for reliability by building multiples of all critical components, such as CPUs, memories, disks and power supplies into the same computer. In the event one component fails, another takes over without skipping a beat. Answer options A, C, and D are incorrect. The following steps will make the server fault tolerant: Adding a second power supply unit Adding one more same sized disk as a mirror on the serverImplementing cluster servers facility
NEW QUESTION # 46
Which of the following IEEE standards adds QoS features and multimedia support?
- A. 802.5
- B. 802.11e
- C. 802.11a
- D. 802.11b
Answer: B
NEW QUESTION # 47
James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?
- A. lcmp.type==0 and icmp.type==16
- B. lcmp.type==8 or icmp.type==16
- C. lcmp.type==8 and icmp.type==0
- D. lcmp.type==8 or icmp.type==0
Answer: D
NEW QUESTION # 48
Fred is a network technician working for Johnson Services, a temporary employment agency in Boston. Johnson Services has three remote offices in New England and the headquarters in Boston where Fred works.
The company relies on a number of customized applications to perform daily tasks and unfortunately these applications require users to be local administrators. Because of this, Fred's supervisor wants to implement tighter security measures in other areas to compensate for the inherent risks in making those users local admins. Fred's boss wants a solution that will be placed on all computers throughout the company and monitored by Fred. This solution will gather information on all network traffic to and from the local computers without actually affecting the traffic. What type of solution does Fred's boss want to implement?
- A. Fred's boss wants to implement a HIPS solution.
- B. Fred's boss wants a NIDS implementation.
- C. Fred's boss wants Fred to monitor a NIPS system.
- D. Fred's boss wants to implement a HIDS solution.
Answer: D
NEW QUESTION # 49
CORRECT TEXT
Fill in the blank with the appropriate term.
The______________ model is a description framework for computer network protocols and is sometimes called the Internet Model or the DoD Model.
Answer:
Explanation:
TCP
/IP
Explanation:
The TCP/IP model is a description framework for computer network protocols. It describes a set of general design guidelines and implementations of specific networking protocols to enable computers to communicate over a network. TCP/IP provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination. Protocols exist for a variety of different types of communication services between computers. The TCP/IP Model is sometimes called the Internet Model or the DoD Model. The TCP/IP model has four unique layers as shown in the image. This layer architecture is often compared with the seven-layer OSI Reference Model. The TCP/IP model and related protocols are maintained by the Internet Engineering Task Force (IETF).
NEW QUESTION # 50
Fill in the blank with the appropriate term. ________________ is the process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster.
Answer:
Explanation:
Disaster recovery
NEW QUESTION # 51
Fill in the blank with the appropriate term. ______________is a free open-source utility for network exploration and security auditing that is used to discover computers and services on a computer network, thus creating a "map" of the network.
Answer:
Explanation:
Nmap
NEW QUESTION # 52
Which of the following policies is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly?
- A. Group policy
- B. Remote access policy
- C. Information protection policy
- D. Password policy
Answer: D
NEW QUESTION # 53
Which of the following types of transmission is the process of sending one bit at a time over a single transmission line?
- A. Unicast transmission
- B. Serial data transmission
- C. Parallel data transmission
- D. Multicast transmission
Answer: B
Explanation:
In serial data transmission, one bit is sent after another (bit-serial) on a single transmission line. It is the simplest method of transmitting digital information from one point to another. This transmission is suitable for providing communication between two participants as well as for multiple participants. It is used for all long- haul communication and provides high data rates. It is also inexpensive and beneficial in transferring data over long distances.
Answer option D is incorrect. In parallel data transmission, several data signals are sent simultaneously over several parallel channels. Parallel data transmission is faster than serial data transmission. It is used primarily for transferring data between devices at the same site. For instance, communication between a computer and printer is most often parallel, allowing the entire byte to be transferred in one operation.
Answer option A is incorrect. The unicast transmission method is used to establish communication between a single host and a single receiver. Packets sent to a unicast address are delivered to the interface recognized by that IP address, as shown in the following figure:
Answer option C is incorrect. The multicast transmission method is used to establish communication between a single host and multiple receivers. Packets are sent to all interfaces recognized by that IP address, as shown in the figure below:
NEW QUESTION # 54
Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice's password read from the last session, which Bob accepts.
Which of the following attacks is being used by Eve?
- A. Cross site scripting
- B. Fire walking
- C. Session fixation
- D. Replay
Answer: D
Explanation:
Explanation
Explanation:
Eve is using Replay attack. A replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network. In an attempt to obtain an authenticated connection, the attackers then resend the captured packet to the system. In this type of attack, the attacker does not know the actual password, but can simply replay the captured packet. Session tokens can be used to avoid replay attacks. Bob sends a one-time token to Alice, which Alice uses to transform the password and send the result to Bob (e.g. computing a hash function of the session token appended to the password). On his side Bob performs the same computation; if and only if both values match, the login is successful. Now suppose Mallory has captured this value and tries to use it on another session; Bob sends a different session token, and when Mallory replies with the captured value it will be different from Bob's computation.
Answer option C is incorrect. In the cross site scripting attack, an attacker tricks the user's computer into running code, which is treated as trustworthy because it appears to belong to the server, allowing the attacker to obtain a copy of the cookie or perform other operations.
Answer option B is incorrect. Firewalking is a technique for gathering information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.
Answer option D is incorrect. In session fixation, an attacker sets a user's session id to one known to him, for example by sending the user an email with a link that contains a particular session id. The attacker now only has to wait until the user logs in.
NEW QUESTION # 55
Which of the following type of UPS is used to supply power above 10kVA and provides an ideal electric output presentation, and its constant wear on the power components reduces the dependability?
- A. Double conversion on-line
- B. Stand by On-line hybrid
- C. Line Interactive
- D. Stand by Ferro
Answer: A
NEW QUESTION # 56
You are an Administrator for a network at an investment bank. You are concerned about individuals breeching your network and being able to steal data before you can detect their presence and shut down their access. Which of the following is the best way to address this issue?
- A. Implement a strong firewall.
- B. Implement a honey pot.
- C. Implement network based anti virus.
- D. Implement a strong password policy.
Answer: B
Explanation:
A honey pot is designed to attract intruders to a false server that has no real data (but may seem to have valuable data). The specific stated purpose of a honey pot is as a backup plan in case an intruder does gain access to your network. Answer option B is incorrect. The firewall may help reduce the chance of an intruder gaining access, but won't help protect you once they have gained access.
NEW QUESTION # 57
......
Updated Test Engine to Practice 312-38 Dumps & Practice Exam: https://www.free4dump.com/312-38-braindumps-torrent.html
Dumps Collection 312-38 Test Engine Dumps Training With 171 Questions: https://drive.google.com/open?id=1wCFRgNQ__CGY3AKSsnry1vqwZLVkKwcl