EC-COUNCIL 312-38 Online Practice Questions and Exam Preparation

EC-COUNCIL 312-38 Online Questions & Answers

• Question 431:

  Which of the following IEEE standards is an example of a DQDB access method?

  A. 802.3
  B. 802.5
  C. 802.6
  D. 802.4
  C. 802.6

• Question 432:

  Which of the following is NOT an AWS Shared Responsibility Model devised by AWS?

  A. Shared Responsibility Model for Container Services
  B. Shared Responsibility Model for Infrastructure Services
  C. Shared Responsibility Model for Abstract Services
  D. Shared Responsibility Model for Storage Services
  D. Shared Responsibility Model for Storage Services

• Question 433:

  To provide optimum security while enabling safe/necessary services, blocking known dangerous services, and making employees accountable for their online activity, what Internet Access policy would Brian, the network administrator, have to choose?

  A. Prudent policy
  B. Paranoid policy
  C. Promiscuous policy
  D. Permissive policy
  A. Prudent policy

• Question 434:

  Harry has successfully completed the vulnerability scanning process and found serious vulnerabilities exist in the organization's network. Identify the vulnerability management phases through which he will proceed to ensure all the detected vulnerabilities are addressed and eradicated. (Select all that apply)

  A. Mitigation
  B. Assessment
  C. Verification
  D. Remediation
  A. Mitigation
  C. Verification
  D. Remediation

• Question 435:

  Fill in the blank with the appropriate term. encryption is a type of encryption that uses two keys, i.e., a public key and a private key pair for data encryption. It is also known as public key encryption.

  Asymmetric

  Explanation/Reference:

  Asymmetric encryption is a type of encryption that uses two keys, i.e., a public key and a private key pair for data encryption. The public key is available to everyone, while the private or secret key is available only to the recipient of the message. For example, when a user sends a message or data to another user, the sender uses the public key to encrypt the data. The receiver uses his private key to decrypt the data.

• Question 436:

  Which of the following layers of the OSI model provides end-to-end connections and reliability?

  A. Transport layer
  B. Session layer
  C. Network layer
  D. Physical layer
  A. Transport layer

• Question 437:

  James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?

  A. Icmp.type==8 or icmp.type==16
  B. icmp.type==8 or icmp.type==0
  C. icmp.type==8 and icmp.type==0
  D. Icmp.type==0 and icmp.type==16
  B. icmp.type==8 or icmp.type==0

• Question 438:

  If Myron, head of network defense at Cyberdyne, wants to change the default password policy settings on the company's Linux systems, which directory should he access?

  A. /etc/logrotate.conf
  B. /etc/hosts.allow
  C. /etc/crontab
  D. /etc/login.defs
  D. /etc/login.defs

• Question 439:

  Which of the following policies is used to add additional information about the overall security posture and serves to protect employees and organizations from inefficiency or ambiguity?

  A. User policy
  B. Group policy
  C. Issue-Specific Security Policy
  D. IT policy
  C. Issue-Specific Security Policy

  ---

  Explanation/Reference:

  The Issue-Specific Security Policy (ISSP) is used to add additional information about the overall security posture. It helps in providing detailed, targeted guidance for instructing organizations in the secure use of tech systems. This policy serves to protect employees and organizations from inefficiency or ambiguity. Answer option A is incorrect. A user policy helps in defining what users can and should do to use network and organization's computer equipment. It also defines what limitations are put on users for maintaining the network secure such as whether users can install programs on their workstations, types of programs users are using, and how users can access data. Answer option D is incorrect. IT policy includes general policies for the IT department. These policies are intended to keep the network secure and stable. It includes the following: Virus incident and security incident Backup policy Client update policies Server configuration, patch update, and modification policies (security) Firewall policies, Dmz policy, email retention, and auto forwarded email policy Answer option B is incorrect. A group policy specifies how programs, network resources, and the operating system work for users and computers in an organization.

• Question 440:

  Which of the following attack signature analysis techniques are implemented to examine the header information and conclude that a packet has been altered?

  A. Composite signature-based analysis
  B. Atomic signature-based analysis
  C. Content-based signature analysis
  D. Context-based signature analysis
  D. Context-based signature analysis