Eccouncil 112-51 NDE Exam Practice Test Instant Access

Question 1

John is working as a security professional in FinCorp Ltd. He was instructed to deploy a security solution on their corporate network that provides real-time monitoring, correlation of events, threat detection, and security incident response activities.

Which of the following security solutions helps John in the above scenario?

ASIEM

BVPN

CSOCKS

DMDM

Answer : A

SIEM stands for Security Information and Event Management. It is a security solution that collects, analyzes, and correlates data from various sources, such as logs, network devices, applications, and security tools. SIEM provides real-time monitoring, threat detection, and security incident response activities. SIEM can help security professionals identify and mitigate security risks, comply with regulations, and improve the overall security posture of the organization12. Reference: Network Defense Essentials - EC-Council Learning, What is SIEM? Security Information and Event Management Explained

Question 2

Peter, a network defender, was instructed to protect the corporate network from unauthorized access. To achieve this, he employed a security solution for wireless communication that uses dragonfly key exchange for authentication, which is the strongest encryption algorithm that protects the network from dictionary and key recovery attacks.

Identify the wireless encryption technology implemented in the security solution selected by Peter in the above scenario.

AWPA

BWPA3

CEAP

DWEP

Answer : B

WPA3 is the latest standard of Wi-Fi Protected Access, which was released in 2018 by the Wi-Fi Alliance. WPA3 uses a new handshake protocol called Simultaneous Authentication of Equals (SAE), which is based on a zero-knowledge proof known as dragonfly. Dragonfly is a key exchange algorithm that uses discrete logarithm cryptography to derive a shared secret between two parties, without revealing any information about their passwords or keys. Dragonfly is resistant to offline dictionary attacks, where an attacker tries to guess the password by capturing the handshake and testing different combinations. Dragonfly is also resistant to key recovery attacks, where an attacker tries to recover the encryption key by exploiting weaknesses in the algorithm or implementation. Dragonfly provides forward secrecy, which means that even if an attacker manages to compromise the password or key in the future, they cannot decrypt the past communication. WPA3 also supports other features such as increased key sizes, opportunistic wireless encryption, and protected management frames, which enhance the security and privacy of wireless networks. Reference:

WPA3 Dragonfly Handshake

WPA3 Encryption and Configuration Guide

Dragon Fly - Zero Knowledge Proof

What is SAE (Simultaneous Authentication of Equals)?

Dragonfly - people.scs.carleton.ca

Question 3

Amber is working as a team lead in an organization. She was instructed to share a policy document with all the employees working from remote locations and collect them after filling. She shared the files from her mobile device to the concerned employees through the public Internet. An unauthorized user accessed the file in transit, modified the file, and forwarded it to the remote employees.

Based on the above scenario, identify the security risk associated with mobile usage policies.

ALost or stolen devices

BInfrastructure issues

CImproperly disposing of devices

DSharing confidential data on an unsecured network

Answer : D

Sharing confidential data on an unsecured network is a security risk associated with mobile usage policies. Mobile devices are often used to access and transmit sensitive information over public or untrusted networks, such as WiFi hotspots, cellular networks, or Bluetooth connections. This exposes the data to interception, modification, or redirection by malicious actors who may exploit mobile security vulnerabilities or use network-based attacks, such as man-in-the-middle, spoofing, or sniffing. To prevent this risk, mobile users should follow best practices such as using encryption, VPN, certificate pinning, and secure protocols to protect the data in transit. They should also avoid sending or receiving sensitive data over unsecured networks or applications, and verify the identity and integrity of the endpoint servers before establishing a connection. Reference:

The 9 Most Common Security Threats to Mobile Devices in 2021, Auth0, June 25, 2021

7 Mobile App Security Risks and How to Mitigate Them, Cypress Data Defense, July 10, 2020

The Latest Mobile Security Threats and How to Prevent Them, Security Intelligence, February 19, 2019

Question 4

Which of the following access control models refers to assigning permissions to a user role based on the rules defined for each user role by the administrator?

ADiscretionary rule access control

BMandatory rule access control

CRule-based access control

DRole-based access control

Answer : D

Role-based access control (RBAC) is a type of access control model that refers to assigning permissions to a user role based on the rules defined for each user role by the administrator. In RBAC, the administrator creates different roles and assigns them the appropriate access rights to the resources. The administrator then assigns users to those roles based on their job functions. This way, the administrator can manage the access of users to the resources without having to deal with each user individually. RBAC can simplify the administration, enhance the security, and improve the scalability of the access control system12. Reference: Network Defense Essentials - EC-Council Learning, Role-Based Access Control (RBAC) and Role-Based Security

Question 5

Which of the following environmental controls options saves the hardware from humidity and heat,

increases hardware performance, and maintains consistent room temperature?

AHot and cold aisles

BLighting systern

CTemperature indicator

DEMI shielding

Answer : A

Hot and cold aisles are a type of environmental control that saves the hardware from humidity and heat, increases hardware performance, and maintains consistent room temperature. Hot and cold aisles are a layout design for data centers, where the server racks are arranged in alternating rows of cold air intake and hot air exhaust. The cold aisle faces the air conditioner output ducts and provides cool air to the front of the servers. The hot aisle faces the air conditioner return ducts and collects the hot air from the back of the servers. This way, the hot and cold air streams are separated and do not mix, resulting in better cooling efficiency, lower energy consumption, and longer hardware lifespan. Reference:

Hot and cold aisles - Week 4: Network Security Controls: Physical Controls

Hot and Cold Aisles: The Basics of Data Center Cooling

Hot Aisle vs. Cold Aisle Containment: Which One is Best for Your Data Center?

Question 6

Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM.

In which of the following states has Steve encrypted the data in the above scenario?

AData in use

BData in transit

CData inactive

DData in rest

Answer : A

The state in which Mark encrypted the data in the above scenario is data in use. Data in use refers to data that is being processed or manipulated by an application or a system, such as data stored on RAM or CPU registers. Data in use is the most vulnerable state of data, as it is exposed to various threats, such as memory scraping, buffer overflow, or side-channel attacks, that can compromise the confidentiality, integrity, or availability of the data. Data in use encryption is a technique that protects the data while it is being processed by encrypting it in memory using hardware or software solutions. Data in use encryption prevents unauthorized access or modification of the data, even if the system is compromised or the memory is dumped. Data in use encryption is one of the three types of data encryption, along with data at rest encryption and data in transit encryption123. Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-23 to 3-24

Encryption: Data at Rest, Data in Motion and Data in Use, Jatheon, 2020

Data in Use Encryption: What It Is and Why You Need It, Fortanix, 2020

Question 7

Below are various authentication techniques.

1.Retina scanner

2.One-time password

3.DNA

4.Voice recognition

Identify the techniques that fall under biometric authentication.

A1, 3, and 4

B1, 2, and 3

C2, 3, and 4

D1, 2, and 4

Answer : A

Biometric authentication is a type of authentication that uses the physical or behavioral characteristics of a person to verify their identity. Biometric authentication is more secure and convenient than other methods such as passwords or tokens, as biometric traits are unique, hard to forge, and easy to use. Some examples of biometric authentication techniques are retina scanner, DNA, and voice recognition. Retina scanner uses a low-intensity light beam to scan the pattern of blood vessels at the back of the eye, which is unique for each individual. DNA uses the genetic code of a person to match their identity, which is the most accurate and reliable biometric technique. Voice recognition uses the sound and pitch of a person's voice to verify their identity, which is influenced by factors such as anatomy, physiology, and psychology. These techniques fall under biometric authentication, as they use the physical or behavioral traits of a person to authenticate them. Reference:

Biometric Authentication - Week 2: Identification, Authentication, and Authorization

Biometric Authentication: What You Need To Know

Biometric Authentication Techniques

Eccouncil 112-51 Network Defense Essentials Exam NDE Exam Practice Test