EC-COUNCIL 312-38 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-38 Online Questions & Answers

• Question 121:

  Brendan wants to implement a hardware based RAID system in his network. He is thinking of choosing a suitable RAM type for the architectural setup in the system. The type he is interested in provides access times of up to 20 ns. Which type of RAM will he select for his RAID system?

  A. NVRAM
  B. SDRAM
  C. NAND flash memory
  D. SRAM
  D. SRAM

• Question 122:

  What defines the maximum time period an organization is willing to lose data during a major IT outage event?

  A. BC
  B. RTO
  C. DR
  D. RPO
  D. RPO

• Question 123:

  Identify the password cracking attempt involving precomputed hash values stored as plaintext and used to crack the password.

  A. Bruteforce
  B. Rainbow table
  C. Hybrid
  D. Dictionary
  B. Rainbow table

• Question 124:

  Fill in the blank with the appropriate term. A network is a local area network (LAN) in which all computers are connected in a ring or star topology and a bit- or tokenpassing scheme is used for preventing the collision of data between two computers that want to send messages at the same time.

  Token Ring

  Explanation/Reference:

  A Token Ring network is a local area network (LAN) in which all computers are connected in a ring or star topology and a bit- or token-passing scheme is used in order to prevent the collision of data between two computers that want to send messages at the same time. The Token Ring protocol is the second most widely-used protocol on local area networks after Ethernet. The IBM Token Ring protocol led to a standard version, specified as IEEE 802.5. Both protocols are used and are very similar. The IEEE 802.5 Token Ring technology provides for data transfer rates of either 4 or 16 megabits per second. Working: Empty information frames are constantly circulated on the ring. When a computer has a message to send, it adds a token to an empty frame and adds a message and a destination identifier to the frame. The frame is then observed by each successive workstation. If the workstation sees that it is the destination for the message, it copies the message from the frame and modifies the token back to 0. When the frame gets back to the originator, it sees that the token has been modified to 0 and that the message has been copied and received. It removes the message from the particular frame. The frame continues to circulate as an empty frame, ready to be taken by a workstation when it has a message to send.

• Question 125:

  Michelle is a network security administrator working at a multinational company. She wants to provide secure access to corporate data (documents, spreadsheets, email, schedules, presentations, and other enterprise data) on mobile devices across organizations networks without being slowed down and also wants to enable easy and secure sharing of information between devices within an enterprise. Based on the above mentioned requirements, which among the following solution should Michelle implement?

  A. MEM
  B. MAM
  C. MCM
  D. MDM
  D. MDM

• Question 126:

  Which of following are benefits of using loT devices in loT-enabled environments?

  A. loT device car be connected anytime II . loT device can be connected at any place III. loT devices connected to anything
  B. I, II and III
  C. I
  D. II
  E. I and II
  A. loT device car be connected anytime II . loT device can be connected at any place III. loT devices connected to anything

• Question 127:

  Which of the following phases is the first step towards creating a business continuity plan?

  A. Business Impact Assessment
  B. Scope and Plan Initiation
  C. Business Continuity Plan Development
  D. Plan Approval and Implementation
  B. Scope and Plan Initiation

• Question 128:

  Which of the following types of information can be obtained through network sniffing? (Choose all that apply.)

  A. DNS traffic
  B. Telnet passwords
  C. Programming errors
  D. Syslog traffic
  A. DNS traffic
  C. Programming errors
  D. Syslog traffic

• Question 129:

  Which of the information below can be gained through network sniffing? (Select all that apply)

  A. Telnet Passwords
  B. Syslog traffic
  C. DNS traffic
  D. Programming errors
  A. Telnet Passwords
  B. Syslog traffic
  C. DNS traffic

• Question 130:

  Which of the following tools is described below? It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. It is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

  A. Dsniff
  B. Cain
  C. Libnids
  D. LIDS
  A. Dsniff

  ---

  Explanation/Reference:

  Dsniff is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of the tools of Dsniff include dsniff, arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. Dsniff is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc. Answer option B is incorrect. Cain is a multipurpose tool that can be used to perform many tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing. This password cracking program can perform the following types of password cracking attacks: Dictionary attack Brute force attack Rainbow attack Hybrid attack Answer options D and C are incorrect. These tools are port scan detection tools that are used in the Linux operating system.