Home / ECCouncil / 312-38

Question list

List of questions

Question 1

(0)

Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators

Question 2

(0)

Which of the following is a communication protocol that multicasts messages and information among all member devices in an IP multicast group?

Question 3

(0)

In which of the following attacks do computers act as zombies and work together to send out bogus messages, thereby increasing the amount of phony traffic?

Question 4

(0)

Attacks are classified into which of the following? Each correct answer represents a complete solution. Choose all that apply.

Question 5

(0)

Which of the following statements are true about an IPv6 network? Each correct answer represents a complete solution. Choose all that apply.

Question 6

(0)

Which of the following transmission modes of communication is one-way?

Question 7

(0)

Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

Question 8

(0)

Which of the following features is used to generate spam on the Internet by spammers and worms?

Question 9

(0)

Which of the following tools is described below? It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice,

Question 10

(0)

Which of the following IP class addresses are not allotted to hosts? Each correct answer represents a complete solution. Choose all that apply.

Related questions

Which of the following tools are NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com . He is using a tool to crack the wireless encryption keys. The description of the tool is as follows: „It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys." Which of the following tools is John using to crack the wireless encryption keys?

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which ofthe following script execution policy setting this?

Which of the follow ng security models enable strict identity verification for every user or device attempting to access the network resources?

Which of the following IEEE standards defines a physical bus topology?

Which of the following standards defines Logical Link Control (LLC)?

Sam wants to implement a network-based IDS and finalizes an IDS solution that works based on pattern matching. Which type of network-based IDS is Sam implementing?

Which of the following types of RAID is also known as disk striping?

Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

Question 97 - 312-38 discussion

Which of the following is a mechanism that helps in ensuring that only the intended and authorized recipients are able to read data?

Integrity

Data availability

Confidentiality

Authentication

Suggested answer: C

Explanation:

Confidentiality is a mechanism that ensures that only the intended and authorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it.

Answer option A is incorrect. In information security, integrity means that data cannot be modified without authorization. This is not the same thing as referential integrity in databases. Integrity is violated when an employee accidentally or with malicious intent deletes important data files, when a computer virus infects a computer, when an employee is able to modify his own salary in a payroll database, when an unauthorized user vandalizes a web site, when someone is able to cast a very large number of votes in an online poll, and so on. There are many ways in which integrity could be violated without malicious intent. In the simplest case, a user on a system could mistype someone's address. On a larger scale, if an automated process is not written and tested correctly, bulk updates to a database could alter data in an incorrect way, leaving the integrity of the data compromised. Information security professionals are tasked with finding ways to implement controls that prevent errors of integrity.

Answer option B is incorrect. Data availability is one of the security principles that ensures that the data and communication services will be available for use when needed (expected). It is a method of describing products and services availability by which it is ensured that data continues to be available at a required level of performance in situations ranging from normal to disastrous. Data availability is achieved through redundancy, which depends upon where the data is stored and how it can be reached.

Answer option D is incorrect. Authentication is the act of establishing or confirming something (or someone) as authentic, i.e., the claims made by or about the subject are true ("authentification" is a variant of this word).

Show Answer

asked 18/09/2024

Ayyaz Rehan Ikram

24 questions

Your answer: A B C D

0 comments

Sorted by