Home / ECCouncil / 312-38

ECCouncil 312-38 Practice Test - Questions Answers, Page 52

Question list

List of questions

Question 511

(0)

John is a senior network security administrator working at a multinational company. He wants to block specif c sys calls from being used by container binaries. Which Linux kernel feature restricts

Question 512

(0)

Which ofthe follow ng is not part ofthe recommended first response steps for network defenders?

Question 513

(0)

Which among the following tools can help in identifying loEs to evaluate human attack surface?

Question 514

(0)

Iri______method, event lugs are arranged in the fuim of a circular buffer.

Question 515

(0)

Which of the follow ng indicators refers to potential risk exposures that attackers can use to breach the security of an organization?

Question 516

(0)

Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?

Question 517

(0)

Which of the following helps prevent executing untrusted or untested programs or code from untrusted or unverified third-parties?

Question 518

(0)

Who is an IR custodian?

Question 519

(0)

Which of the follow ng attack surface increase when you keep USB ports enabled on your laptop unnecessarily?

Question 520

(0)

Which among the following filter is used to detect a SYN/FIN attack?

Related questions

Which of the following tools are NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com . He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: „It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys." Which of the following tools is John using to crack the wireless encryption keys?

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which ofthe following script execution policy setting this?

Which of the follow ng security models enable strict identity verification for every user or device attempting to access the network resources?

Which of the following IEEE standards defines a physical bus topology?

Which of the following standards defines Logical Link Control (LLC)?

Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?

Which of the following types of RAID is also known as disk striping?

Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

Question 511

John is a senior network security administrator working at a multinational company. He wants to block specif c sys calls from being used by container binaries.

Which Linux kernel feature restricts actions within the container?

Cgroups

LSMs

Seccomp

Usems

Show Answer Comment (0)

Question 512

Which ofthe follow ng is not part ofthe recommended first response steps for network defenders?

Restrict yours elf from doing the investigation

Extract relevant data from the suspected devices as early as possible

Disable virus protection

Do not change the state ofthe suspected device

Show Answer Comment (0)

Question 513

Which among the following tools can help in identifying loEs to evaluate human attack surface?

securiCAD

Amass

Skybox

SET

Show Answer Comment (0)

Question 514

Iri______method, event lugs are arranged in the fuim of a circular buffer.

Non-wrapping method

LIFO method

Wrapping method

FIFO method

Show Answer Comment (0)

Question 515

Which of the follow ng indicators refers to potential risk exposures that attackers can use to breach the security of an organization?

Indicators of attack

Key risk indicators

Indicators of exposure

Indicators of compromise

Show Answer Comment (0)

Question 516

Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?

Hash rule

Path rule

Internet zone rule

Certificate rule

Show Answer Comment (0)

Question 517

Which of the following helps prevent executing untrusted or untested programs or code from untrusted or unverified third-parties?

Application sandboxing

Deployment of WAFS

Application whitelisting

Application blacklisting

Show Answer Comment (0)

Question 518

Who is an IR custodian?

An individual responsible for conveying company details after an incident

An individual who receives the initial IR alerts and leads the IR team in all the IR activities

An individual who makes a decision on the classifications and the severity of the incident identified

An individual responsible for the remediation and resolution of the incident that occurred

Show Answer Comment (0)

Question 519

Which of the follow ng attack surface increase when you keep USB ports enabled on your laptop unnecessarily?

Human attack surface

Network attack surface

Physical attack surface

Software attack surface

Show Answer Comment (0)

Question 520

Which among the following filter is used to detect a SYN/FIN attack?

tcp.flags==0x002

tcp.flags==0x004

tcp.flags==0x003

tcp.flags==0x001

Show Answer Comment (0)

Total 613 questions

50 51 52 53 54

Go to page: of 62