Month End Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Effective Study Techniques for the ECCouncil 312-38 Exam

Questions 11

How can one identify the baseline for normal traffic?

Options:
A.

When the ACK flag appears at the beginning and the RST flag appears at the end of the connection

B.

When the SYN flag appears at the beginning and the FIN flag appears at the end of the connection

C.

When the RST flag appears at the beginning and the ACK flag appears at the end of the connection

D.

When the FIN flag appears at the beginning and the SYN flag appears at the end of the connection

ECCouncil 312-38 Premium Access
Questions 12

Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication

before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?

Options:
A.

Integrity

B.

Non-repudiation

C.

Confidentiality

D.

Authentication

Questions 13

Geon Solutions INC., had only 10 employees when it started. But as business grew, the organization had to increase the amount of staff. The network administrator is finding it difficult to accommodate an increasing

number of employees in the existing network topology. So the organization is planning to implement a new topology where it will be easy to accommodate an increasing number of employees. Which network topology

will help the administrator solve the problem of needing to add new employees and expand?

Options:
A.

Bus

B.

Star

C.

Ring

D.

Mesh

Questions 14

Which of the following is true regarding any attack surface?

Options:
A.

Decrease in vulnerabilities decreases the attack surface

B.

Increase in vulnerabilities decreases the attack surface

C.

Decrease in risk exposures increases the attack surface

D.

Decrease in vulnerabilities increases the attack surface

Questions 15

Implementing access control mechanisms, such as a firewall, to protect the network is an example of which of the following network defense approach?

Options:
A.

Proactive approach

B.

Retrospective approach

C.

Preventive approach

D.

Reactive approach

Questions 16

Which of the following is an example of Indicators of Attack?

Options:
A.

Malware

B.

Signatures

C.

Exploits

D.

Remote code execution

Questions 17

Which of the following manages the Docker images, containers, networks, and storage volume and processes the request of Docker API?

Options:
A.

Docker CLI

B.

Docker Engine REST API

C.

Docker Daemon

D.

Docker Registries

Questions 18

To secure his company’s network, Tim the network admin, installed a security device that inspected

all inbound and outbound network traffic for suspicious patterns. The device was configured to alert him

if it found any such suspicious activity. Identify the type of network security device installed by Tim?

Options:
A.

Firewall

B.

Honeypot

C.

Proxy server

D.

Intrusion Detection System (IDS)

Questions 19

Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know

of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out

SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her

intrusion detection system will log the traffic. What type of scan is Cindy attempting here?

Options:
A.

The type of scan she is usinq is called a NULL scan.

B.

Cindy is using a half-open scan to find live hosts on her network.

C.

Cindy is attempting to find live hosts on her company's network by using a XMAS scan.

D.

She is utilizing a RST scan to find live hosts that are listening on her network.

Questions 20

Martin is a professional hacker. He is performing reconnaissance on an organization to hack a few

target systems. As a part of this method, he needs to determine what hosts are available on the

network, what services those hosts are offering, what operating systems they are running, what type of

packet filters/firewalls, etc. To obtain such information, Martin decided to use automated tools.

Which of the following tool must be employed by Martin?

Options:
A.

Burp Suite

B.

FOCA

C.

Nmap

D.

Zendio