Home / ECCouncil / 312-38

ECCouncil 312-38 Practice Test - Questions Answers, Page 42

Question list

List of questions

Question 411

(0)

You are using Wireshark to monitor your network traffic and you see a lot of packages with the FIN, PUSH and URG flags activated; what can you infer about this behavior?

Question 412

(0)

The Circuit-level gateway firewall technology functions at which of the following OSI layer?

Question 413

(0)

Individuals in the organization using system resources in a way that violates acceptable usage policies indicates which of the following security incident(s):

Question 414

(0)

The GMT enterprise is working on their internet and web usage policies. GMT would like to control internet bandwidth consumption by employees. Which group of policies would this belong to?

Question 415

(0)

Which of the following intrusion detection techniques observes the network for abnormal usage patterns by determining the performance parameters for regular activities and monitoring for actions bey

Question 416

(0)

An administrator wants to monitor and inspect large amounts of traffic and detect unauthorized attempts from inside the organization, with the help of an IDS. They are not able to recognize the exa

Question 417

(0)

Steven's company has recently grown from 5 employees to over 50. Every workstation has a public IP address and navigated to the Internet with little to no protection. Steven wants to use a firewall.

Question 418

(0)

Assume that you are a network administrator and the company has asked you to draft an Acceptable Use Policy (AUP) for employees. Under which category of an information security policy does AUP fall

Question 419

(0)

During the recovery process, RTO and RPO should be the main parameters of your disaster recovery plan. What does RPO refer to?

Question 420

(0)

Ryan works as a network security engineer at an organization the recently suffered an attack. As a countermeasure, Ryan would like to obtain more information about the attacker and chooses to deploy

Related questions

Which of the following tools are NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com . He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: „It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys." Which of the following tools is John using to crack the wireless encryption keys?

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which ofthe following script execution policy setting this?

Which of the follow ng security models enable strict identity verification for every user or device attempting to access the network resources?

Which of the following types of RAID is also known as disk striping?

Which of the following IEEE standards defines a physical bus topology?

Which of the following standards defines Logical Link Control (LLC)?

Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?

John is a senior network security administrator working at a multinational company. He wants to block specif c sys calls from being used by container binaries. Which Linux kernel feature restricts actions within the container?

Question 411

You are using Wireshark to monitor your network traffic and you see a lot of packages with the FIN, PUSH and URG flags activated; what can you infer about this behavior?

The Layer 3 Controls are activated in the Switches

The Spanning Tree Protocol is activated in the Switches

One NIC is broadcasting erroneous traffic

An attacker is running a XMAS scan against the network

Show Answer Comment (0)

Question 412

The Circuit-level gateway firewall technology functions at which of the following OSI layer?

Transport layer

Data-link layer

Session layer

Network layer

Show Answer Comment (0)

Question 413

Individuals in the organization using system resources in a way that violates acceptable usage policies indicates which of the following security incident(s):

Unauthorized Access

Improper Usage

Denial-of-Service (DoS)

Malicious Code

Show Answer Comment (0)

Question 414

The GMT enterprise is working on their internet and web usage policies. GMT would like to control internet bandwidth consumption by employees. Which group of policies would this belong to?

Enterprise Information Security Policy

Network Services Specific Security Policy

Issue Specific Security Policy

System Specific Security Policy

Show Answer Comment (0)

Which of the following intrusion detection techniques observes the network for abnormal usage patterns by determining the performance parameters for regular activities and monitoring for actions beyond the normal parameters?

Statistical anomaly detection

Signature/Pattern matching

None of these

Stateful protocol analysis

Show Answer Comment (0)

Question 416

An administrator wants to monitor and inspect large amounts of traffic and detect unauthorized attempts from inside the organization, with the help of an IDS.

They are not able to recognize the exact location to deploy the IDS sensor. Can you help him spot the location where the IDS sensor should be placed?

Location 1

Location 2

Location 3

Location 4

Show Answer Comment (0)

Question 417

Steven's company has recently grown from 5 employees to over 50. Every workstation has a public IP address and navigated to the Internet with little to no protection. Steven wants to use a firewall. He also wants IP addresses to be private addresses, to prevent public Internet devices direct access to them. What should Steven implement on the firewall to ensure this happens?

Steven should use Open Shortest Path First (OSPF).

Steven should enable Network Address Translation (NAT).

Steven should use a Demilitarized Zone (DMZ).

Steven should use IPsec.

Show Answer Comment (0)

Question 418

Assume that you are a network administrator and the company has asked you to draft an Acceptable Use Policy (AUP) for employees. Under which category of an information security policy does AUP fall into?

Incident Response Policy (IRP)

Issue Specific Security Policy (ISSP)

Enterprise Information Security Policy (EISP)

System Specific Security Policy (SSSP)

Show Answer Comment (0)

Question 419

During the recovery process, RTO and RPO should be the main parameters of your disaster recovery plan. What does RPO refer to?

The encryption feature, acting as add-on security to the data

The hot plugging technique used to replace computer components

The duration required to restore the data

The interval after which the data quality is lost

Show Answer Comment (0)

Question 420

Ryan works as a network security engineer at an organization the recently suffered an attack. As a countermeasure, Ryan would like to obtain more information about the attacker and chooses to deploy a honeypot into the organizations production environment called Kojoney. Using this honeypot, he would like to emulate the network vulnerability that was attacked previously. Which type of honeypot is he trying to implement?

High interaction honeypots

Research honeypot

Low interaction honeypots

Pure honeypots

Show Answer Comment (0)

Total 613 questions

40 41 42 43 44

Go to page: of 62