EC-COUNCIL 312-38 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-38 Online Questions & Answers

• Question 221:

  John, the network administrator and he wants to enable the NetFlow feature in Cisco routers to collect and monitor the IP network traffic passing through the router. Which command will John use to enable NetFlow on an interface?

  A. Router IP route
  B. Router(Config-if) # IP route cache flow
  C. Router# Netmon enable
  D. Router# netflow enable
  B. Router(Config-if) # IP route cache flow

• Question 222:

  Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?

  A. The IEEE standard covering wireless is 802.9 and they should follow this.
  B. 802.7 covers wireless standards and should be followed
  C. They should follow the 802.11 standard
  D. Frank and the other IT employees should follow the 802.1 standard.
  C. They should follow the 802.11 standard

• Question 223:

  In which of the following attacks does an attacker use software that tries a large number of key combinations in order to get a password?

  A. Buffer overflow
  B. Brute force attack
  C. Zero-day attack
  D. Smurf attack
  B. Brute force attack

  ---

  Explanation/Reference:

  In a brute force attack, an attacker uses software that tries a large number of key combinations in order to get a password. To prevent such attacks, users should create passwords that are more difficult to guess, i.e., by using a minimum of six characters, alphanumeric combinations, and lower-upper case combinations. Answer option D is incorrect. Smurf is an attack that generates significant computer network traffic on a victim network. This is a type of denial-of-service attack that floods a target system via spoofed broadcast ping messages. In such attacks, a perpetrator sends a large amount of ICMP echo request (ping) traffic to IP broadcast addresses, all of which have a spoofed source IP address of the intended victim. If the routing device delivering traffic to those broadcast addresses delivers the IP broadcast to all hosts, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply, which multiplies the traffic by the number of hosts responding. Answer option A is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. It helps an attacker not only to execute a malicious code on the target system but also to install backdoors on the target system for further attacks. All buffer overflow attacks are due to only sloppy programming or poor memory management by the application developers. The main types of buffer overflows are: Stack overflow Format string overflow Heap overflow Integer overflow Answer option C is incorrect. A zero-day attack, also known as zero-hour attack, is a computer threat that tries to exploit computer application vulnerabilities which are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software vendor knows about the mvulnerability. User awareness training is the most effective technique to mitigate such attacks.

• Question 224:

  Which of the following is the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients? Each correct answer represents a complete solution. Choose all that apply.

  A. Email spoofing
  B. Junk mail
  C. E-mail spam
  D. Email jamming
  B. Junk mail
  C. E-mail spam

  ---

  Explanation/Reference:

  E-mail spam, also known as unsolicited bulk email (UBE), junk mail, or unsolicited commercial email (UCE), is the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients. Answer option A is incorrect. Email spoofing is a fraudulent email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. Email spoofing is a technique commonly used in spam and phishing emails to hide the origin of the email message. By changing certain properties of the email, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the email appear to be from someone other than the actual sender. The result is that, although the email appears to come from the address indicated in the From field (found in the email headers), it actually comes from another source. Answer option D is incorrect. Email jamming is the use of sensitive words in e-mails to jam the authorities that listen in on them by providing a form of a red herring and an intentional annoyance. In this attack, an attacker deliberately includes "sensitive" words and phrases in otherwise innocuous emails to ensure that these are picked up by the monitoring systems. As a result, the senders of these emails will eventually be added to a "harmless" list and their emails will be no longer intercepted, hence it will allow them to regain some privacy.

• Question 225:

  Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

  A. Fire extinguishing system
  B. None
  C. Gaseous fire-extinguishing systems
  D. sprinkler
  E. Smoke alarm system
  E. Smoke alarm system

• Question 226:

  Which type of risk treatment process Includes not allowing the use of laptops in an organization to ensure its security?

  A. Risk avoidance
  B. Mitigate the risk
  C. Eliminate the risk
  D. Reduce the risk
  A. Risk avoidance

• Question 227:

  Which of the following attacks, the attacker cannot use the software, which is trying a number of key combinations in order to obtain your password?

  A. Buffer overflow
  B. Zero-day attack
  C. Smurf attack
  D. None
  E. Shock brutal force
  E. Shock brutal force

• Question 228:

  An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?

  A. Install a CCTV with cameras pointing to the entrance doors and the street
  B. Use fences in the entrance doors
  C. Use lights in all the entrance doors and along the company's perimeter
  D. Use an IDS in the entrance doors and install some of them near the corners
  A. Install a CCTV with cameras pointing to the entrance doors and the street

• Question 229:

  This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:

  It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.

  It is commonly used for the following purposes:

  A. War driving
  B. Detecting unauthorized access points
  C. Detecting causes of interference on a WLAN
  D. WEP ICV error tracking
  E. Making Graphs and Alarms on 802.11 Data, including Signal Strength This tool is known as __________.
  F. Kismet
  G. Absinthe
  H. THC-Scan
  I. NetStumbler
  A. War driving
  D. WEP ICV error tracking
  E. Making Graphs and Alarms on 802.11 Data, including Signal Strength This tool is known as __________.
  I. NetStumbler

  ---

  It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.

  It is commonly used for the following purposes:

  a.War driving

  b.Detecting unauthorized access points

  c.Detecting causes of interference on a WLAN

  d.WEP ICV error tracking

  e.Making Graphs and Alarms on 802.11 Data, including Signal Strength

  Answer option A is incorrect. Kismet is an IEEE 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.

  Answer option C is incorrect. THC-Scan is a war-dialing tool.

  Answer option B is incorrect. Absinthe is an automated SQL injection tool.

• Question 230:

  Which of the following honeypots is a useful little burglar alarm?

  A. Backofficer friendly
  B. Specter
  C. Honeynet
  D. Honeyd
  A. Backofficer friendly