ExamGecko

ECCouncil 312-38 Practice Test - Questions Answers, Page 45

An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?

A. XSS
B. Rainbow table
C. Brute force
D. Dictionary attacks
Suggested answer: B

Which NIST Incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?

A. Malicious code
B. Scans/ Probes/ Attempted Access
C. Denial-of-Service
D. Improper usage
Suggested answer: B

James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?

A. Icmp.type==8 or icmp.type==16
B. icmp.type==8 or icmp.type==0
C. icmp.type==8 and icmp.type==0
D. Icmp.type==0 and icmp.type==16
Suggested answer: B

Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?

A. ISO/IEC 27005
B. ISO/IEC 27006
C. ISO/IEC 27002
D. ISO/IEC 27004
Suggested answer: A

Which of the following systems includes an independent NAS Head and multiple storage arrays?

A. FreeNAS
B. None of these
C. Gateway NAS System
D. Integrated NAS System
Suggested answer: C

You are monitoring your network traffic with the Wireshark utility and notice that your network is experiencing a large amount of traffic from a certain region. You suspect a DoS incident on the network. What will be your first reaction as a first responder?

A. Avoid Fear, Uncertainty and Doubt
B. Communicate the incident
C. Make an initial assessment
D. Disable Virus Protection
Suggested answer: A

The security network team is trying to implement a firewall capable of operating only in the session layer, monitoring the TCP inter-packet link protocol to determine whether a requested session is legitimate. With this type of firewall they would be able to intercept the communication, so that the external network sees the firewall as the source and the user sees the firewall itself as the party responding from the outside. They are limiting themselves to the requirements listed above, because they already have a packet filtering firewall and must add a cheap solution that meets the objective. What kind of firewall would you recommend?

A. Packet Filtering with NAT
B. Circuit Level Gateway
C. Application Proxies
D. Application Level Gateways
Suggested answer: B

If a network is at risk resulting from misconfiguration performed by unskilled and/or unqualified individuals, what type of threat is this?

A. External Threats
B. Unstructured Threats
C. Structured Threats
D. Internal Threats
Suggested answer: B

John is a network administrator and is monitoring his network traffic with the help of Wireshark. He suspects that someone from outside is making a TCP OS fingerprinting attempt on his organization's network. Which of the following Wireshark filter(s) will he use to locate the TCP OS fingerprinting attempt? (Choose all that apply.)

A. tcp.flags=0x00
B. tcp.options.wscale_val==20
C. tcp.flags==0x2b
D. tcp.options.mss_val<1460
Suggested answer: A, C, D

Michael decides to view the ________ to track employee actions on the organization's network.

A. Firewall policy
B. Firewall settings
C. Firewall log
D. Firewall rule set
Suggested answer: C
Total 613 questions