Eccouncil 312-38 Exam Actual Questions

Name: Certified Network Defender
Brand: QA4Exam
SKU: 312-38
Price: 30 USD
Availability: InStock
Rating: 4.9 (370 reviews)

The questions for 312-38 were last updated on Sep 30, 2024.

Viewing page 1 out of 69 pages.
Viewing questions 1-5 out of 346 questions

Unlock Access to All 346 Questions & Answers

Question No. 1

An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?

ABrute force

BXSS

CDictionary attacks

DRainbow table

Show Answer

Correct Answer: D

In the context of password hashes on a Windows 7 computer, a Rainbow Table attack is a feasible method an attacker might use to reveal passwords. This type of attack utilizes precomputed tables known as rainbow tables that contain hash values for every possible combination of characters. An attacker with access to password hashes can use these tables to look up the corresponding plaintext passwords. The effectiveness of rainbow tables stems from their ability to reverse cryptographic hash functions, which are used to store passwords securely.Since Windows 7 uses NTLM hashes, which are known to be vulnerable to rainbow table attacks, this method is particularly relevant12.

Question No. 2

Cindy is the network security administrator for her company. She just got back from a security

conference in Las Vegas where they talked about all kinds of old and new security threats; many of

which she did not know of. She is worried about the current security state of her company's network so

she decides to start scanning the network from an external IP address. To see how some of the hosts on

her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK

response. Before the connection is established, she sends RST packets to those hosts to stop the session.

She has done this to see how her intrusion detection system will log the traffic. What type of scan is

Cindy attempting here?

ACindy is using a half-open scan to find live hosts on her network.

BThe type of scan she is using is called a NULL scan

CShe is utilizing a RST scan to find live hosts that are listening on her network

DCindy is attempting to find live hosts on her company's network by using a XMAS scan

Show Answer

Correct Answer: A

The technique Cindy is using is known as a SYN scan, also referred to as a half-open scan. This method involves sending SYN packets to initiate a TCP connection. If a SYN/ACK response is received, it indicates that the port is listening (open). Cindy then sends an RST packet to close the session before the handshake is completed. This type of scan is useful for mapping out live hosts on a network without establishing a full TCP connection, which can be logged by intrusion detection systems and is less likely to be logged by the host system.

Question No. 3

Jason works as a System Administrator for www.company.com Inc. The company has a Windows

based network. Sam, an employee of the company, accidentally changes some of the applications and

system settings. He complains to Jason that his system is not working properly. To troubleshoot the

problem, Jason diagnoses the internals of his computer and observes that some changes have been

made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the

following utilities can Jason use to accomplish the task? Each correct answer represents a complete

solution. Choose all that apply.

AResplendent registrar

BReg.exe

CRegedit.exe

DEventCombMT
To restore the registry on a Windows-based network, a system administrator can utilize several utilities.TheReg.exeutility is a command-line tool that allows for manipulation of the Windows registry from the command prompt, including the ability to restore it1Regedit.exeis another utility that provides a graphical interface for users to view and modify the registry2. Both these tools are capable of restoring the registry to a previous state if changes have been made that affect system performance or stability.

Show Answer

Correct Answer: B, C

Question No. 4

Bankofamerica Enterprise is working on an internet and usage policy in a way to control the

internet demand. What group of policy does this belong to?

AEnterprise Information Security Policy

BIssue Specific Security Policy

CNetwork Services Specific Security Policy

DSystem Specific Security Policy

Show Answer

Correct Answer: B

The development of an internet and usage policy by Bankofamerica Enterprise to control internet demand falls under the category of Issue Specific Security Policy (ISSP). ISSPs are tailored to address specific areas of technology, requiring frequent updates due to changes in the technology or the environment. They provide guidelines on the acceptable use of the company's internet services, outline the consequences of policy violations, and ensure that the internet resources are not misused.

Question No. 5

A network designer needs to submit a proposal for a company, which has just published a web

portal for its clients on the internet. Such a server needs to be isolated from the internal network,

placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with

three interfaces, one for the internet network, another for the DMZ server farm and another for the

internal network. What kind of topology will the designer propose?

AScreened subnet

BDMZ, External-Internal firewall

CMulti-homed firewall

DBastion host

Show Answer

Correct Answer: A

The topology that the network designer will propose is known as a screened subnet. This topology involves the use of two or more firewalls to create a network segment referred to as a demilitarized zone (DMZ). The DMZ acts as a buffer zone between the public internet and the internal network. It contains the public-facing servers, such as the web portal mentioned, which is isolated from the internal network for added security. The screened subnet topology typically includes a firewall at the network's edge connected to the internet, another firewall separating the DMZ from the internal network, and the DMZ itself. This setup allows for strict control of traffic between the internet, the DMZ, and the internal network, providing an additional layer of security.

Unlock All Questions for Eccouncil 312-38 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 346 Questions & Answers