[Full-Version] 2024 Updated EC-COUNCIL Study Guide 312-38 Dumps Questions [Q77-Q92]


Newest 312-38 Exam Dumps Achieve Success in Actual 312-38 Exam


EC-COUNCIL 312-38 (EC-Council Certified Network Defender CND) Certification Exam is designed for individuals who want to pursue a career in network security. EC-Council Certified Network Defender CND certification exam tests the knowledge and skills required to protect computer networks from unauthorized access, data breaches, and other security threats. It covers various topics such as network security protocols, firewalls, intrusion detection and prevention, cryptography, and more.

 

NEW QUESTION # 77
Which of the following network security controls can an administrator use to detect, deflect or study attempts to gain unauthorized access to information systems?

  • A. Honeypot
  • B. IDS/IPS
  • C. Network Protocol Analyzer
  • D. Proxy Server

Answer: A


NEW QUESTION # 78
Which of the following types of cyberstalking damages the reputation of their victim and turns other people against them by setting up their own Websites, blogs, or user pages for this purpose?

  • A. Attempts to gather information about the victim
  • B. Encouraging others to harass the victim
  • C. False accusation
  • D. False victimization

Answer: C

Explanation:
In false accusations, many cyberstalkers try to damage the reputation of their victim and turn other people against them. They post false information about them on Websites. They may set up their own Websites, blogs, or user pages for this purpose. They post allegations about the victim to newsgroups, chat rooms, or other sites that allow public contributions.
Answer option D is incorrect. In false victimization, the cyberstalker claims that the victim is harassing him/her.
Answer option B is incorrect. In this type of cyberstalking, many cyberstalkers try to involve third parties in the harassment. They claim that the victim has harmed the stalker in some way, or may post the victim's name and telephone number in order to encourage others to join the pursuit.
Answer option A is incorrect. In an attempt to gather information, cyberstalkers may approach their victim's friends, family, and work colleagues to obtain personal information. They may advertise for information on the Internet. They often will monitor the victim's online activities and attempt to trace their IP address in an effort to gather more information about their victims.


NEW QUESTION # 79
Liza was told by her network administrator that they will be implementing IPsec VPN tunnels to connect the branch locations to the main office. What layer of the OSI model do IPsec tunnels function on?

  • A. The session layer
  • B. The data link layer
  • C. The application and physical layers
  • D. The network layer

Answer: D


NEW QUESTION # 80
Which of the following is an attack on a website that changes the visual appearance of the site and seriously damages the trust and reputation of the website?

  • A. Zero-day attack
  • B. Buffer overflow
  • C. Website defacement
  • D. Spoofing

Answer: C

Explanation:
Website defacement is an attack on a website that changes the visual appearance of the site. These are typically the work of system crackers, who break into a Web server and replace the hosted website with one of their own. Sometimes, the defacer makes fun of the system administrator for failing to maintain server security. Most times, the defacement is harmless; however, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware.
A high-profile website defacement was carried out on the website of the company SCO Group following its assertion that Linux contained stolen code. The title of the page was changed from Red Hat vs. SCO to SCO vs. World with various satirical content.
Answer option B is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. This usually occurs due to programming errors in the application. Buffer overflow can terminate or crash the application.
Answer option A is incorrect. A zero-day attack, also known as zero-hour attack, is a computer threat that tries to exploit computer application vulnerabilities which are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software vendor knows about the vulnerability. User awareness training is the most effective technique to mitigate such attacks.
Answer option D is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be misdirected.


NEW QUESTION # 81
Eric is receiving complaints from employees that their systems are very slow and experiencing odd issues including restarting automatically and frequent system hangs. Upon investigating, he is convinced the systems are infected with a virus that forces systems to shut down automatically after a period of time. What type of security incident are the employees a victim of?

  • A. Denial of service
  • B. Distributed denial of service
  • C. Scans and probes
  • D. Malicious Code

Answer: D


NEW QUESTION # 82
Adam works as a Professional Penetration Tester. A project has been assigned to him to test the vulnerabilities of the CISCO Router of Umbrella Inc. Adam finds out that HTTP Configuration Arbitrary Administrative Access Vulnerability exists in the router. By applying different password cracking tools, Adam gains access to the router. He analyzes the router config file and notices the following lines:
logging buffered errors
logging history critical
logging trap warnings
logging 10.0.1.103
By analyzing the above lines, Adam concludes that this router is logging at log level 4 to the syslog server 10.0.1.103. He decides to change the log level from 4 to 0.
Which of the following is the most likely reason for changing the log level?

  • A. Changing the log level from 4 to 0 will result in the termination of logging. This way the modification in the router is not sent to the syslog server.
  • B. Changing the log level grants access to the router as an Administrator.
  • C. By changing the log level, Adam can easily perform a SQL injection attack.
  • D. Changing the log level from 4 to 0 will result in the logging of only emergencies. This way the modification in the router is not sent to the syslog server.

Answer: D

Explanation:
The Router Log Level directive is used by the syslog server to specify the level of severity of the log. This directive is used to control the types of errors that are sent to the error log by constraining the severity level.
Eight different levels are present in the Log Level directive, which are shown below in order of their descending significance:
Number  Level   Description
0       emerg   Emergencies - system is unusable
1       alert   Action must be taken immediately
2       crit    Critical Conditions
3       error   Error conditions
4       warn    Warning conditions
5       notice  Normal but significant condition
6       info    Informational
7       debug   Debug-level messages
Note: When a certain level is specified, the messages from all other levels of higher significance will also be reported. For example, when Log Level crit is specified, then messages with log levels of alert and emerg will also be reported.


NEW QUESTION # 83
Which of the following IP class addresses are not allotted to hosts? Each correct answer represents a complete solution. Choose all that apply.

  • A. Class C
  • B. Class D
  • C. Class E
  • D. Class A
  • E. Class B

Answer: B,C


NEW QUESTION # 84
Which command lists all ports available on a server?

  • A. sudo apt netstate -Is tunlp
  • B. sudo apt nst -tunlp
  • C. sudo netstat -tunlp
  • D. sudo ntstat -Is tunlp

Answer: C


NEW QUESTION # 85
Which of the following IEEE standards defines the token passing ring topology?

  • A. 802.7
  • B. 802.5
  • C. 802.3
  • D. 802.4

Answer: B


NEW QUESTION # 86
An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?

  • A. Install a CCTV with cameras pointing to the entrance doors and the street
  • B. Use lights in all the entrance doors and along the company's perimeter
  • C. Use an IDS in the entrance doors and install some of them near the corners
  • D. Use fences in the entrance doors

Answer: A


NEW QUESTION # 87
Which of the following is a distributed application architecture that partitions tasks or workloads between service providers and service requesters? Each correct answer represents a complete solution. Choose all that apply.

  • A. Peer-to-peer networking
  • B. Client-server networking
  • C. Client-server computing
  • D. Peer-to-peer (P2P) computing

Answer: B,C


NEW QUESTION # 88
Which of the following attacks comes under the category of an active attack?

  • A. Replay attack
  • B. Wireless footprinting
  • C. Passive Eavesdropping
  • D. Traffic analysis

Answer: A


NEW QUESTION # 89
You are a professional Computer Hacking Forensic Investigator. You have been called to collect evidence of buffer overflow and cookie snooping attacks. Which of the following logs will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

  • A. Web server logs
  • B. Event logs
  • C. Program logs
  • D. System logs

Answer: B,C,D

Explanation:
Evidence of buffer overflow and cookie snooping attacks can be traced from system logs, event logs, and program logs, depending on the type of overflow or cookie snooping attack executed and the error recovery method used by the hacker.
Answer option A is incorrect. Web server logs are used to investigate cross-site scripting attacks.


NEW QUESTION # 90
Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service, or unauthorized changes to system hardware, software, or data?

  • A. Disaster Recovery Plan
  • B. Crisis Communication Plan
  • C. Occupant Emergency Plan
  • D. Cyber Incident Response Plan

Answer: D

Explanation:
The Cyber Incident Response Plan is used to address cyber attacks against an organization's IT system through various procedures. These procedures enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as denial-of-service attacks, unauthorized accessing of a system or data, or unauthorized changes to system hardware, software, or data.
Answer option A is incorrect. A disaster recovery plan should contain data, hardware, and software that can be critical for a business. It should also include the plan for sudden loss such as hard disc crash. The business should use backup and data recovery utilities to limit the loss of data.
Answer option C is incorrect. The Occupant Emergency Plan (OEP) is used to reduce the risk to personnel, property, and other assets while minimizing work disorders in the event of an emergency. It is the response procedure for occupants of a facility on the occurrence of a situation, which is posing a potential threat to the health and safety of personnel, the environment, or property. OEPs are developed at the facility level, specific to the geographic site and structural design of the building.
Answer option B is incorrect. The crisis communication plan can be broadly defined as the plan for the exchange of information before, during, or after a crisis event. It is considered as a subspecialty of the public relations profession that is designed to protect and defend an individual, company, or organization facing a public challenge to its reputation. The aim of crisis communication plan is to assist organizations to achieve continuity of critical business processes and information flows under crisis, disaster or event driven circumstances.


NEW QUESTION # 91
The network security team is trying to implement a firewall capable of operating only in the session layer, monitoring the TCP inter-packet link protocol to determine whether a requested session is legitimate or not. With this type of firewall, they would be able to intercept the communication, so that the external network sees the firewall as the source and, from the user's side, the party responding from the outside is the firewall itself. They are limiting themselves to the requirements listed above because they already have a packet filtering firewall and they must add a cheap solution that meets the objective. What kind of firewall would you recommend?

  • A. Packet Filtering with NAT
  • B. Application Proxies
  • C. Application Level Gateways
  • D. Circuit Level Gateway

Answer: D


NEW QUESTION # 92
......
