312-38 Exam Details

  • Exam Code
    :312-38
  • Exam Name
    :EC-Council Certified Network Defender (CND)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :653 Q&As
  • Last Updated
    :Jul 09, 2026

EC-COUNCIL 312-38 Online Questions & Answers

  • Question 61:

    Syslog and SNMP are the two main _______ protocols through which log records are transferred.

    A. Pull-based
    B. Push-based
    C. Host-based
    D. Network-based

  • Question 62:

    Which type of attack is used to hack an IoT device and direct large amounts of network traffic toward a web server, resulting in overloading the server with connections and preventing any new connections?

    A. XSS
    B. DDoS
    C. XCRF
    D. Sniffing

  • Question 63:

    Which of the following IEEE standards is also called Fast Basic Service Set Transition?

    A. 802.11r
    B. 802.11e
    C. 802.11a
    D. 802.11b

  • Question 64:

    The SOC manager is reviewing logs in AlienVault USM to investigate an intrusion on the network. Which CND approach is being used?

    A. Retrospective
    B. Reactive
    C. Deterrent D. Preventive

  • Question 65:

    Which of the following is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic?

    A. Nmap
    B. Hping
    C. NetRanger
    D. PSAD

  • Question 66:

    Fill in the blank with the appropriate term. The model is a description framework for computer network protocols and is sometimes called the Internet Model or the DoD Model.

  • Question 67:

    Adam, a malicious hacker, is sniffing an unprotected Wi-FI network located in a local store with Wireshark to capture hotmail e-mail traffic. He knows that lots of people are using their laptops for browsing the Web in the store. Adam wants to sniff their e-mail messages traversing the unprotected Wi-Fi network. Which of the following Wireshark filters will Adam configure to display only the packets with hotmail email messages?

    A. (http = "login.pass.com") andand (http contains "SMTP")
    B. (http contains "email") andand (http contains "hotmail")
    C. (http contains "hotmail") andand (http contains "Reply-To")
    D. (http = "login.passport.com") andand (http contains "POP3")

  • Question 68:

    Which of the following encryption techniques do digital signatures use?

    A. MD5
    B. RSA
    C. Blowfish
    D. IDEA

  • Question 69:

    Which of the following statements are true about an IPv6 network? Each correct answer represents a complete solution. Choose all that apply.

    A. For interoperability, IPv4 addresses use the last 32 bits of IPv6 addresses.
    B. It increases the number of available IP addresses.
    C. It uses longer subnet masks than those used in IPv4.
    D. It provides improved authentication and security.
    E. It uses 128-bit addresses.

  • Question 70:

    Andrew would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?

    A. IKE
    B. ESP
    C. AH
    D. ISAKMP

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-38 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.