ExamGecko
Search Search Login
Home Home / ECCouncil / 112-51
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following algorithms uses a sponge construction where message blocks are XORed into the initial bits of the state that the algorithm then invertible permutes?
Identify the UBA tool that collects user activity details from multiple sources and uses artificial intelligence and machine learning algorithms to perform user behavior analysis to prevent and detect various threats before the fraud is perpetrated.
Which of the following types of network traffic flow does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text?
A major fire broke out in the storeroom of CyberSol Inc. It first gutted the equipment in the storeroom and then started spreading to other areas in the company. The officials of the company informed the fire department. The fire rescue team reached the premises and used a distribution piping system to suppress the fire, thereby preventing any human or asset loss. Identify the type of fire-fighting system used by the rescue team in the above scenario.
Which of the following types of network cable is made up of a single copper conductor at its center and a plastic layer that provides an insulated center conductor with a braided metal shield?
Sarah was accessing confidential office files from a remote location via her personal computer connected to the public Internet. Accidentally, a malicious file was downloaded onto Sarah's computer without her knowledge. This download might be due to the free Internet access and the absence of network defense solutions. Identify the Internet access policy demonstrated in the above scenario.
Which of the following algorithms is an iterated block cipher that works by repeating the defined steps multiple times and has a 128-bit block size, having key sizes of 128, 192, and 256 bits?
Steve was sharing his confidential file with John via an email that was digitally signed and encrypted. The digital signature was made using the 'Diffie-Hellman (X9.42) with DSS' algorithm, and the email was encrypted using triple DES. Which of the following protocols employs the above features to encrypt an email message?
Below is the list of encryption modes used in a wireless network. 1.WPA2 Enterprise with RADIUS 2.WPA3 3.WPA2 PSK 4.WPA2 Enterprise Identify the correct order of wireless encryption modes in terms of security from high to low.
Finch, a security professional, was instructed to strengthen the security at the entrance. At the doorway, he implemented a security mechanism that allows employees to register their retina scan and a unique six- digit code, using which they can enter the office at any time. Which of the following combinations of authentication mechanisms is implemented in the above scenario?

Question 21 - 112-51 discussion

Report
Export

Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?

A.
Reconnaissance signatures
Answers
A.
Reconnaissance signatures
B.
Unauthorized access signatures
Answers
B.
Unauthorized access signatures
C.
Denial-of-service (DoS) signatures
Answers
C.
Denial-of-service (DoS) signatures
D.
Informational signatures
Answers
D.
Informational signatures
Suggested answer: B

Explanation:

Unauthorized access signatures were identified by Kalley through the installed monitoring system. Unauthorized access signatures are designed to detect attempts to gain unauthorized access to a system or network by exploiting vulnerabilities, misconfigurations, or weak credentials. Password cracking, sniffing, and brute-forcing are common techniques used by attackers to obtain or guess the passwords of legitimate users or administrators and gain access to their accounts or privileges. These techniques generate suspicious traffic patterns that can be detected by traffic monitoring systems, such as Snort, using signature-based detection. Signature-based detection is based on the premise that abnormal or malicious network traffic fits a distinct pattern, whereas normal or benign traffic does not. Therefore, by installing a traffic monitoring system and capturing and reporting suspicious traffic signatures, Kalley can identify and prevent unauthorized access attempts and protect the security of her organization's network.

Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to 3-34

Detecting Suspicious Traffic via Signatures - Intrusion Detection with Snort, O'Reilly, 2003

Threat Signature Categories - Palo Alto Networks, Palo Alto Networks, 2020

Show Answer
asked 18/09/2024
Frank Acosta
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms