ExamGecko
Search Search Login
Home Home / ECCouncil / 112-51
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following algorithms uses a sponge construction where message blocks are XORed into the initial bits of the state that the algorithm then invertible permutes?
Identify the UBA tool that collects user activity details from multiple sources and uses artificial intelligence and machine learning algorithms to perform user behavior analysis to prevent and detect various threats before the fraud is perpetrated.
Which of the following types of network traffic flow does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text?
A major fire broke out in the storeroom of CyberSol Inc. It first gutted the equipment in the storeroom and then started spreading to other areas in the company. The officials of the company informed the fire department. The fire rescue team reached the premises and used a distribution piping system to suppress the fire, thereby preventing any human or asset loss. Identify the type of fire-fighting system used by the rescue team in the above scenario.
Which of the following types of network cable is made up of a single copper conductor at its center and a plastic layer that provides an insulated center conductor with a braided metal shield?
Sarah was accessing confidential office files from a remote location via her personal computer connected to the public Internet. Accidentally, a malicious file was downloaded onto Sarah's computer without her knowledge. This download might be due to the free Internet access and the absence of network defense solutions. Identify the Internet access policy demonstrated in the above scenario.
Which of the following algorithms is an iterated block cipher that works by repeating the defined steps multiple times and has a 128-bit block size, having key sizes of 128, 192, and 256 bits?
Steve was sharing his confidential file with John via an email that was digitally signed and encrypted. The digital signature was made using the 'Diffie-Hellman (X9.42) with DSS' algorithm, and the email was encrypted using triple DES. Which of the following protocols employs the above features to encrypt an email message?
Below is the list of encryption modes used in a wireless network. 1.WPA2 Enterprise with RADIUS 2.WPA3 3.WPA2 PSK 4.WPA2 Enterprise Identify the correct order of wireless encryption modes in terms of security from high to low.
Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications. Identify the type of cloud service requested by Cibel.org in the above scenario.

Question 39 - 112-51 discussion

Report
Export

Joseph, a security professional, was instructed to secure the organization's network. In this process, he began analyzing packet headers to check whether any indications of source and destination IP addresses and port numbers are being changed during transmission.

Identify the attack signature analysis technique performed by Joseph in the above scenario.

A.
Composite-signature-based analysis
Answers
A.
Composite-signature-based analysis
B.
Context-based signature analysis
Answers
B.
Context-based signature analysis
C.
Content-based signature analysis
Answers
C.
Content-based signature analysis
D.
Atomic-signature-based analysis
Answers
D.
Atomic-signature-based analysis
Suggested answer: D

Explanation:

Atomic-signature-based analysis is a type of attack signature analysis technique that uses a single characteristic or attribute of a packet header to identify malicious traffic. Atomic signatures are simple and fast to match, but they can also generate false positives or miss some attacks. Some examples of atomic signatures are source and destination IP addresses, port numbers, protocol types, and TCP flags. Atomic-signature-based analysis is the technique performed by Joseph in the above scenario, as he analyzed packet headers to check whether any indications of source and destination IP addresses and port numbers are being changed during transmission.

Reference:

[Understanding the Network Traffic Signatures] - Module 12: Network Traffic Monitoring

Network Defense Essentials (NDE) | Coursera - Week 12: Network Traffic Monitoring

[Network Defense Essentials Module 12 (Network Traffic Monitoring) - Quizlet] - Flashcards: What are Network Traffic Signatures?

Show Answer
asked 18/09/2024
frederic dohen
36 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms