Pass Your Exam With 100% Verified 312-38 Exam Questions [Q59-Q77]

Share

Pass Your Exam With 100% Verified 312-38 Exam Questions

312-38 Dumps PDF - 312-38 Real Exam Questions Answers


Preparation Process

Understanding the exam topics is very critical to success in the test. Therefore, the potential candidates must download the exam blueprint to review the comprehensive details of these domains. After exploring the scope of the test, they can proceed to choose ample resources to prepare for EC-Council 312-38 with great deliberation.


Understanding functional and technical aspects of Certified Network Defender Business Principles and Practices

The following will be discussed in ECCOUNCIL EC 312-38 exam dumps:

  • Verify and document that design requirements are met including coverage, throughput, roaming, and connectivity with a post-implementation validation survey (CHAPTER 12)
  • Protocol and spectrum analyzers
  • Wireless Intrusion Prevention System (WIPS) and/or rogue AP detection
  • Locate and identify sources of RF interference (CHAPTER 12)
  • Identify sources of RF interference from non-802.11 wireless devices based on the investigation of airtime and frequency utilization
  • Best practices in secure management protocols (e.g. encrypted management HTTPS, SNMPv3, SSH2, VPN and password management)

 

NEW QUESTION 59
Which of the following incident handling stage removes the root cause of the incident?

  • A. Recovery
  • B. Detection
  • C. Containment
  • D. Eradication

Answer: D

 

NEW QUESTION 60
Which of the following is a credit card-sized device used to securely store personal information and used in conjunction with a PIN number to authenticate users?

  • A. Proximity card
  • B. Java card
  • C. SD card
  • D. Smart card

Answer: D

Explanation:
A smart card is a credit card-sized device used to securely store personal information such as certificates, public and private keys, passwords, etc. It is used in conjunction with a PIN number to authenticate users. In Windows, smart cards are used to enable certificate-based authentication. To use smart cards, Extensible Authentication Protocol (EAP) must be configured in Windows. Answer option B is incorrect. Java Card is a technology that allows Java-based applications to be run securely on smart cards and small memory footprint devices. Java Card gives a user the ability to program devices and make them application specific. It is widely used in SIM cards and ATM cards. Java Card products are based on the Java Card Platform specifications developed by Sun Microsystems, a supplementary of Oracle Corporation. Many Java card products also rely on the global platform specifications for the secure management of applications on the card. The main goals of the Java Card technology are portability and security. Answer option A is incorrect. Proximity card (or Prox Card) is a generic name for contactless integrated circuit devices used for security access or payment systems. It can refer to the older 125 kHz devices or the newer 13.56 MHz contactless RFID cards, most commonly known as contactless smartcards.Modern proximity cards are covered by the ISO/IEC 14443 (Proximity Card) standard. There is also a related ISO/IEC 15693 (Vicinity Card) standard. Proximity cards are powered by resonant energy transfer and have a range of 0-3 inches in most instances. The user will usually be able to leave the card inside a wallet or purse. The price of the cards is also low, usually US$2-$5, allowing them to be used in applications such as identification cards, keycards, payment cards and public transit fare cards. Answer option C is incorrect. Secure Digital (SD) card is a non-volatile memory card format used in portable devices such as mobile phones, digital cameras, and handheld computers. SD cards are based on the older MultiMediaCard (MMC) format, but they are a little thicker than MMC cards. Generally an SD card offers a write-protect switch on its side. SD cards generally measure 32 mm x 24 mm x 2.1 mm, but they can be as thin as 1.4 mm. The devices that have SD card slots can use the thinner MMC cards, but the standard SD cards will not fit into the thinner MMC slots. Some SD cards are also available with a USB connector. SD card readers allow SD cards to be accessed via many connectivity ports such as USB, FireWire, and the common parallel port.

 

NEW QUESTION 61
FILL BLANK
Fill in the blank with the appropriate term. A ______________________ network is a local area network (LAN)
in which all computers are connected in a ring or star topology and a bit- or token-passing scheme is used for
preventing the collision of data between two computers that want to send messages at the same time.

Answer:

Explanation:
Token Ring
Explanation:
A Token Ring network is a local area network (LAN) in which all computers are connected in a ring or star
topology and a bit- or token-passing scheme is used in order to prevent the collision of data between two
computers that want to send messages at the same time. The Token Ring protocol is the second most widely-
used protocol on local area networks after Ethernet. The IBM Token Ring protocol led to a standard version,
specified as IEEE 802.5. Both protocols are used and are very similar. The IEEE 802.5 Token Ring technology
provides for data transfer rates of either 4 or 16 megabits per second.
Working:
Empty information frames are constantly circulated on the ring. When a computer has a message to send, it
adds a token to an empty frame and adds a message and a destination identifier to the frame. The frame is
then observed by each successive workstation. If the workstation sees that it is the destination for the
message, it copies the message from the frame and modifies the token back to 0. When the frame gets back
to the originator, it sees that the token has been modified to 0 and that the message has been copied and
received. It removes the message from the particular frame. The frame continues to circulate as an empty
frame, ready to be taken by a workstation when it has a message to send.

 

NEW QUESTION 62
Which type of wireless network attack is characterized by an attacker using a high gain amplifier from a nearby location to drown out the legitimate access point signal?

  • A. Unauthorized association
  • B. Rogue access point attack
  • C. Ad Hoc Connection attack
  • D. Jamming signal attack

Answer: D

Explanation:
Explanation/Reference:

 

NEW QUESTION 63
Which of the following tools is used for wireless LANs detection?

  • A. Sniffer
  • B. NetStumbler
  • C. Fort Knox
  • D. Airopeek

Answer: B

 

NEW QUESTION 64
This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows: It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
It is commonly used for the following purposes:
a.War driving
b.Detecting unauthorized access points
c.Detecting causes of interference on a WLAN
d.WEP ICV error tracking
e.Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.

  • A. Kismet
  • B. NetStumbler
  • C. THC-Scan
  • D. Absinthe

Answer: B

Explanation:
NetStumbler is a Windows-based tool that is used for the detection of wireless LANs using the
IEEE 802.11a, 802.11b, and 802.11g standards. The main features of NetStumbler are as follows:
It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
It is commonly used for the following purposes:
a.War driving
b.Detecting unauthorized access points
c.Detecting causes of interference on a WLAN
d.WEP ICV error tracking
e.Making Graphs and Alarms on 802.11 Data, including Signal Strength
Answer option A is incorrect. Kismet is an IEEE 802.11 layer2 wireless network detector, sniffer,
and intrusion detection system.
Answer option C is incorrect. THC-Scan is a war-dialing tool.
Answer option B is incorrect. Absinthe is an automated SQL injection tool.

 

NEW QUESTION 65
Which of the following examines network traffic to identify threats that generate unusual traffic flows, such as distributed denial of service (DDoS) attacks, certain forms of malware, and policy violations?

  • A. Wireless Intrusion Prevention System
  • B. Network-based Intrusion Prevention
  • C. Host-based Intrusion Prevention
  • D. Network Behavior Analysis

Answer: D

Explanation:
Network Behavior Analysis examines network traffic to identify threats that generate unusual traffic flows, such as distributed denial of service (DDoS) attacks, certain forms of malware, and policy violations. Answer option B is incorrect. Network-based Intrusion Prevention (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity. Answer option C is incorrect. Wireless Intrusion Prevention System (WIPS) monitors a wireless network for suspicious traffic by analyzing wireless networking protocols. Answer option D is incorrect. Host-based Intrusion Prevention (HIPS) is an installed software package that monitors a single host for suspicious activity by analyzing events occurring within that host.

 

NEW QUESTION 66
Which of the following tools is used to ping a given range of IP addresses and resolve the host name of the remote system?

  • A. Nmap
  • B. SuperScan
  • C. Netscan
  • D. Hping

Answer: B

Explanation:
Explanation

 

NEW QUESTION 67
FILL BLANK
Fill in the blank with the appropriate term. ______________ is an open wireless technology standard for
exchanging data over short distances from fixed and mobile devices.

Answer:

Explanation:
Bluetooth
Explanation:
Bluetooth is an open wireless technology standard for exchanging data over short distances from fixed and
mobile devices,
creating personal area networks with high levels of security. Created by telecoms vendor Ericsson in 1994, it
was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices,
overcoming problems of synchronization. Today Bluetooth is managed by the Bluetooth Special Interest Group.

 

NEW QUESTION 68
Which of the following router configuration modes changes terminal settings on a temporary basis, performs basic tests, and lists system information?

  • A. Privileged EXEC
  • B. Global Config
  • C. Interface Config
  • D. User EXEC

Answer: D

Explanation:
User EXEC is one of the router configuration modes that changes terminal settings on a temporary basis, performs basic tests, and lists system information.
Answer option C is incorrect. Privileged EXEC sets operating parameters.
Answer option A is incorrect. Global Config modifies configuration that affects the system as a whole.
Answer option B is incorrect. Interface Config modifies the operation of an interface.

 

NEW QUESTION 69
Which of the following is the main international standards organization for the World Wide Web?

  • A. WASC
  • B. W3C
  • C. CCITT
  • D. ANSI

Answer: B

 

NEW QUESTION 70
Which of the following tools is a free laptop tracker that helps in tracking a user's laptop in case it gets stolen?

  • A. Nessus
  • B. SAINT
  • C. Adeona
  • D. Snort

Answer: C

Explanation:
Adeona is a free laptop tracker that helps in tracking a user's laptop in case it gets stolen. All it takes is to install the Adeona software client on the user's laptop, pick a password, and make it run in the background. If at one point, the user's laptop gets stolen and is connected to the Internet, the Adeona software sends the criminal's IP address. Using the Adeona Recovery, the IP address can then be retrieved. Knowing the IP address helps in tracking the geographical location of the stolen device. Answer option D is incorrect. Nessus is proprietary comprehensive vulnerability scanning software. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on tested systems. It is capable of checking various types of vulnerabilities, some of which are as follows:Vulnerabilities that allow a remote cracker to control or access sensitive data on a system Misconfiguration (e.g. open mail relay, missing patches, etc)Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.Denials of service against the TCP/IP stack by using mangled packets Answer option A is incorrect. SAINT stands for System Administrator's Integrated Network Tool. It is computer software used for scanning computer networks for security vulnerabilities, and exploiting found vulnerabilities. The SAINT scanner screens every live system on a network for TCP and UDP services. For each service it finds running, it launches a set of probes designed to detect anything that could allow an attacker to gain unauthorized access, create a denial-ofservice, or gain sensitive information about the network. Answer option C is incorrect. Snort is an open source network intrusion detection system. The Snort application analyzes network traffic in realtime mode. It performs packet sniffing, packet logging, protocol analysis, and a content search to detect a variety of potential attacks.

 

NEW QUESTION 71
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:
„It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys." Which of the following tools is John using to crack the wireless encryption keys?

  • A. PsPasswd
  • B. Kismet
  • C. Cain
  • D. AirSnort

Answer: D

Explanation:
AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys.
Answer option C is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff
802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks:
To identify networks by passively collecting packets
To detect standard named networks
To detect masked networks
To collect the presence of non-beaconing networks via data traffic Answer option A is incorrect. Cain is a multipurpose tool that can be used to perform many tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing. This password cracking program can perform the following types of password cracking attacks:
Dictionary attack
Brute force attack
Rainbow attack
Hybrid attack
Answer option B is incorrect. PsPasswd is a tool that helps Network Administrators change an account password on the local or remote system. The command syntax of PsPasswd is as follows:
pspasswd [\\computer[,computer[,..] | @file [-u user [-p psswd]] Username [NewPassword]

 

NEW QUESTION 72
Which of the following standards have been proposed for the improvement of 802.11a and 802.11b wireless local area network (WLAN) specifications, which provides a quality of service (QoS) features, such as the prioritization of data, voice and video transmissions?

  • A. 802.11e
  • B. 802.11n
  • C. None
  • D. 802.15
  • E. 802.11h

Answer: A

 

NEW QUESTION 73
Which of the following helps in viewing account activity and events for supported services made by AWS?

  • A. AWS CloudTrial
  • B. AWS Certificate Manager
  • C. AWS CloudFormation
  • D. AWS CloudHSM

Answer: A

 

NEW QUESTION 74
Which of the following is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic?

  • A. Nmap
  • B. NetRanger
  • C. PSAD
  • D. Hping

Answer: C

Explanation:
PSAD is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic. It includes many signatures from the IDS to detect probes for various backdoor programs such as EvilFTP, GirlFriend, SubSeven, DDoS tools (mstream, shaft), and advanced port scans (FIN, NULL, XMAS). If it is combined with fwsnort and the Netfilter string match extension, it detects most of the attacks described in the Snort rule set that involve application layer data.
Answer option C is incorrect. NetRanger is the complete network configuration and information toolkit that includes the following tools: Ping tool, Trace Route tool, Host Lookup tool, Internet time synchronizer, Whois tool, Finger Unix hosts tool, Host and port scanning tool, check multiple POP3 mail accounts tool, manage dialup connections tool, Quote of the day tool, and monitor Network Settings tool. These tools are integrated in order to use an application interface with full online help. NetRanger is designed for both new and experienced users. This tool is used to help diagnose network problems and to get information about users, hosts, and networks on the Internet or on a user computer network. NetRanger uses multi-threaded and multi-connection technologies in order to be very fast and efficient.
Answer option D is incorrect. Nmap is a free open-source utility for network exploration and security auditing. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux, Microsoft Windows, etc.

 

NEW QUESTION 75
A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It
provides an attacker unauthorized access to a computer. Which of the following tools can an attacker use to
perform war dialing? Each correct answer represents a complete solution. Choose all that apply.

  • A. Wingate
  • B. NetStumbler
  • C. THC-Scan
  • D. ToneLoc

Answer: C,D

Explanation:
THC-Scan and ToneLoc are tools used for war dialing. A war dialer is a tool that is used to scan thousands of
telephone numbers to detect vulnerable modems. It provides the attacker unauthorized access to a computer.
Answer option D is incorrect. NetStumbler is a Windows-based tool that is used for the detection of wireless
LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. It detects wireless networks and marks their
relative position with a GPS. It uses an 802.11 Probe Request
that has been sent to the broadcast destination address.
Answer option B is incorrect. Wingate is a proxy server.

 

NEW QUESTION 76
Which of the following is an electronic device that helps in forwarding data packets along networks?

  • A. Gateway
  • B. Router
  • C. Hub
  • D. Repeater

Answer: B

 

NEW QUESTION 77
......


Exam Overview

The interested candidates must complete the 312-38 exam with a high result if they want to earn the Certified Network Defender certificate. Therefore, they should know what to expect. The test is 4 hours long and contains 100 questions. You must achieve the passing score, which ranges from 60% to 85%, to qualify for the certification.

 

312-38 Dumps 100 Pass Guarantee With Latest Demo: https://www.free4torrent.com/312-38-braindumps-torrent.html

Prepare 312-38 Question Answers Free Update With 100% Exam Passing Guarantee [2022]: https://drive.google.com/open?id=1srdG14ffceM4JGNuC_fzBXUJkZzUNj20