Home / ECCouncil / 312-38

Question list

List of questions

Question 1

(0)

Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators

Question 2

(0)

Which of the following is a communication protocol that multicasts messages and information among all member devices in an IP multicast group?

Question 3

(0)

In which of the following attacks do computers act as zombies and work together to send out bogus messages, thereby increasing the amount of phony traffic?

Question 4

(0)

Attacks are classified into which of the following? Each correct answer represents a complete solution. Choose all that apply.

Question 5

(0)

Which of the following statements are true about an IPv6 network? Each correct answer represents a complete solution. Choose all that apply.

Question 6

(0)

Which of the following transmission modes of communication is one-way?

Question 7

(0)

Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

Question 8

(0)

Which of the following features is used to generate spam on the Internet by spammers and worms?

Question 9

(0)

Which of the following tools is described below? It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice,

Question 10

(0)

Which of the following IP class addresses are not allotted to hosts? Each correct answer represents a complete solution. Choose all that apply.

Related questions

Which of the following tools are NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com . He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: „It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys." Which of the following tools is John using to crack the wireless encryption keys?

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which ofthe following script execution policy setting this?

Which of the follow ng security models enable strict identity verification for every user or device attempting to access the network resources?

Which of the following IEEE standards defines a physical bus topology?

Which of the following standards defines Logical Link Control (LLC)?

Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?

Which of the following types of RAID is also known as disk striping?

Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

Question 15 - 312-38 discussion

Which of the following attacks is a class of brute force attacks that depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations?

Phishing attack

Replay attack

Birthday attack

Dictionary attack

Suggested answer: C

Explanation:

A birthday attack is a class of brute force attacks that exploits the mathematics behind the birthday problem in probability theory. It is a type of cryptography attack. The birthday attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations.

Answer option D is incorrect. A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities. A dictionary attack uses a brute-force technique of successively trying all the words in an exhaustive list (from a prearranged list of values). In contrast with a normal brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words in a dictionary. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries, or simple, easily-predicted variations on words, such as appending a digit.

Answer option A is incorrect. Phishing is a type of internet fraud attempted by hackers. Hackers try to log into system by masquerading as a trustworthy entity and acquire sensitive information, such as, username, password, bank account details, credit card details, etc. After collecting this information, hackers try to use this information for their gain.

Answer option B is incorrect. A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution.

Show Answer

asked 18/09/2024

Kinzonji Tavares

42 questions

Your answer: A B C D

0 comments

Sorted by