EC-COUNCIL 312-38 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-38 Online Questions & Answers

• Question 271:

  Which of the following OSI layers is sometimes called the syntax layer?

  A. Presentation layer
  B. Application layer
  C. Physical layer
  D. Data link layer
  A. Presentation layer

• Question 272:

  Which of the following provide an "always on" Internet access service when connecting to an ISP? Each correct answer represents a complete solution. (Choose two.)

  A. Digital modem
  B. Cable modem
  C. Analog modem
  D. DSL
  B. Cable modem
  D. DSL

  ---

  Explanation/Reference:

  DSL and Cable modems are used in remote-access WAN technology for connecting to the Internet. Both provide an "always on" Internet access service. Answer options C and A are incorrect. Analog and Digital modems are not always in 'ON' mode when connecting to an ISP. Analog modems transmit analog voice signals, while Digital modems transmit digital signals over a link.

• Question 273:

  Which type of information security policy addresses the implementation and configuration of technology and user behavior?

  A. Enterprise information security policy
  B. Acceptable use policy
  C. System specific security policy
  D. Issue-specific security policy
  C. System specific security policy

• Question 274:

  Nancy is working as a network administrator for a small company. Management wants to implement a RAID storage for their organization. They want to use the appropriate RAID level for their backup plan that will satisfy the following requirements:

  1.

  It has a parity check to store all the information about the data in multiple drives

  2.

  Help reconstruct the data during downtime.

  3.

  Process the data at a good speed.

  4.

  Should not be expensive.

  The management team asks Nancy to research and suggest the appropriate RAID level that best suits their requirements. What RAID level will she suggest?

  A. RAID 3.
  B. RAID 1
  C. RAID 0
  D. RAID 10
  A. RAID 3.

• Question 275:

  Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system?

  A. Communication Security
  B. Physical security
  C. Emanation Security
  D. Hardware security
  C. Emanation Security

  ---

  Explanation/Reference:

  Emanation security is one of the types of computer security that deals with protection against spurious signals emitted by electrical equipment in the system, such as electromagnetic emission (from displays), visible emission (displays may be

  visible through windows), and audio emission (sounds from printers, etc). Answer option D is incorrect. Hardware security helps in dealing with the vulnerabilities in the handling of hardware.

  Answer option B is incorrect. Physical security helps in dealing with protection of computer hardware and associated equipment.

  Answer option A is incorrect. Communication security helps in dealing with the protection of data and information during transmission.

• Question 276:

  What is needed for idle scan a closed port the next steps? Each correct answer represents a part of the solution. Choose all that apply.

  A. Zombie ignores unsolicited RST, and IP ID remains unchanged.
  B. The attacker sends a SYN/ACK zombie.
  C. In response to the SYN, the target to send RST.
  D. Zombie IP ID will increase by only 1.
  E. Zombie IP ID 2 rises.
  A. Zombie ignores unsolicited RST, and IP ID remains unchanged.
  B. The attacker sends a SYN/ACK zombie.
  C. In response to the SYN, the target to send RST.
  D. Zombie IP ID will increase by only 1.

• Question 277:

  How is an "attack" represented?

  A. Motive (goal) + method
  B. Motive (goal) + method + vulnerability
  C. Asset + Threat + Vulnerability
  D. Asset + Threat
  A. Motive (goal) + method

• Question 278:

  Which of the following things need to be identified during attack surface visualization?

  A. Attacker's tools, techniques, and procedures
  B. Authentication, authorization, and auditing in networks
  C. Regulatory frameworks, standards and, procedures for organizations
  D. Assets, topologies, and policies of the organization
  A. Attacker's tools, techniques, and procedures

• Question 279:

  Which of the following header fields in TCP/IP protocols involves Ping of Death attack?

  A. SMTP header field
  B. TCP header field
  C. IP header field
  D. UDP header field
  B. TCP header field

• Question 280:

  Identify the spread spectrum technique that multiplies the original data signal with a pseudo random noise spreading code.

  A. ISM
  B. FHSS
  C. DSSS
  D. OFDM
  C. DSSS