Which of the following types of network traffic flow does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text?
Answer : D
FTP traffic does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text. FTP stands for File Transfer Protocol, and it is a standard network protocol for transferring files between a client and a server over a TCP/IP network. FTP uses two separate channels for communication: a control channel for sending commands and receiving responses, and a data channel for transferring files. However, FTP does not encrypt any of the data that is sent or received over these channels, which means that anyone who can intercept the network traffic can read or modify the contents of the files, as well as the usernames and passwords used for authentication. This poses a serious security risk for the confidentiality, integrity, and availability of the data and the systems involved in the file transfer. Therefore, FTP is not a secure way to transfer sensitive or confidential data over the network. Reference:
Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-31 to 3-32
What is FTP, and Why Does It Matter in 2021?, Kinsta, January 4, 2021
FTP Security, Wikipedia, February 9, 2021
Jamie wants to send a confidential file to her friend Alice. For this purpose, they installed an application for securely sharing the file. The application employs an encryption algorithm that uses the same shared secret key for encryption and decryption of data.
Identify the type of cryptography employed by the application used by Alice and Jamie for file sharing.
Answer : A
Below are various authentication techniques.
1. Retina scanner
2. One-time password
3. DNA
4. Voice recognition
Identify the techniques that fall under biometric authentication.
Answer : A
Biometric authentication is a type of authentication that uses the physical or behavioral characteristics of a person to verify their identity. Biometric authentication is more secure and convenient than other methods such as passwords or tokens, as biometric traits are unique, hard to forge, and easy to use. Examples of biometric authentication techniques are retina scanning, DNA matching, and voice recognition. A retina scanner uses a low-intensity light beam to scan the pattern of blood vessels at the back of the eye, which is unique to each individual. DNA matching uses a person's genetic code to establish their identity and is the most accurate and reliable biometric technique. Voice recognition verifies a person's identity from the sound and pitch of their voice, which is shaped by factors such as anatomy, physiology, and psychology. These techniques fall under biometric authentication because they rely on the physical or behavioral traits of a person to authenticate them. A one-time password, by contrast, is something the user possesses or receives rather than a trait of the person, so it is not a biometric technique. Reference:
Biometric Authentication - Week 2: Identification, Authentication, and Authorization
Biometric Authentication: What You Need To Know
Biometric Authentication Techniques
Steve was sharing his confidential file with John via an email that was digitally signed and encrypted. The digital signature was made using the "Diffie-Hellman (X9.42) with DSS" algorithm, and the email was encrypted using triple DES.
Which of the following protocols employs the above features to encrypt an email message?
Answer : A
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol that provides security services for email messages, such as encryption, digital signature, authentication, and integrity. S/MIME is based on the MIME standard, which defines the format and structure of email messages. S/MIME uses public-key cryptography to encrypt and decrypt the message content, to sign messages, and to verify the identity of the sender. S/MIME supports various algorithms for encryption and digital signature, such as Diffie-Hellman, DSS, RSA, and triple DES. S/MIME is widely used for secure email communication in various applications and platforms, such as Outlook, Gmail, and Thunderbird. S/MIME is therefore the protocol that employs the features mentioned in the question, namely Diffie-Hellman (X9.42) with DSS for the digital signature and triple DES for encryption. Reference:
S/MIME - Week 7: Email Security
S/MIME - Wikipedia
S/MIME Version 3.2 Message Specification
Peter, a network defender, was instructed to protect the corporate network from unauthorized access. To achieve this, he employed a security solution for wireless communication that uses dragonfly key exchange for authentication, which is the strongest encryption algorithm that protects the network from dictionary and key recovery attacks.
Identify the wireless encryption technology implemented in the security solution selected by Peter in the above scenario.
Answer : B
WPA3 is the latest standard of Wi-Fi Protected Access, which was released in 2018 by the Wi-Fi Alliance. WPA3 uses a new handshake protocol called Simultaneous Authentication of Equals (SAE), which is based on a zero-knowledge proof known as dragonfly. Dragonfly is a key exchange algorithm that uses discrete logarithm cryptography to derive a shared secret between two parties, without revealing any information about their passwords or keys. Dragonfly is resistant to offline dictionary attacks, where an attacker tries to guess the password by capturing the handshake and testing different combinations. Dragonfly is also resistant to key recovery attacks, where an attacker tries to recover the encryption key by exploiting weaknesses in the algorithm or implementation. Dragonfly provides forward secrecy, which means that even if an attacker manages to compromise the password or key in the future, they cannot decrypt the past communication. WPA3 also supports other features such as increased key sizes, opportunistic wireless encryption, and protected management frames, which enhance the security and privacy of wireless networks. Reference:
WPA3 Dragonfly Handshake
WPA3 Encryption and Configuration Guide
Dragon Fly - Zero Knowledge Proof
What is SAE (Simultaneous Authentication of Equals)?
Dragonfly - people.scs.carleton.ca
Ben, a computer user, applied for a digital certificate. A component of PKI verifies Ben's identity using the credentials provided and passes that request on behalf of Ben to grant the digital certificate.
Which of the following PKI components verified Ben as being legitimate to receive the certificate?
Answer : B
The PKI component that verified Ben as being legitimate to receive the certificate is the registration authority (RA). An RA is an entity that is responsible for identifying and authenticating certificate applicants, approving or rejecting certificate applications, and initiating certificate revocations or suspensions under certain circumstances. An RA acts as an intermediary between the certificate authority (CA) and the certificate applicant, and performs the necessary checks and validations before forwarding the request to the CA. The CA is the entity that signs and issues the certificates, and maintains the certificate directory and the certificate revocation list. A certificate directory is a repository of issued certificates that can be accessed by users or applications to verify the validity and status of a certificate. A validation authority (VA) is an entity that provides online certificate validation services, such as OCSP or SCVP, to verify the revocation status of a certificate in real time. Reference:
Public key infrastructure - Wikipedia, Wikipedia, March 16, 2021
Components of a PKI - The National Cyber Security Centre, NCSC, 2020
Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-26 to 3-27
Which of the following ISO standards provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer's clients by securing personally identifiable information entrusted to them?
Answer : B
ISO/IEC 27018 is the ISO standard that provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer's clients by securing personally identifiable information entrusted to them. ISO/IEC 27018 is a code of practice for protecting personal information in cloud storage. The term for the personal data it covers is Personally Identifiable Information or PII. ISO/IEC 27018 is an addendum to ISO/IEC 27001, the first international code of practice for cloud privacy. It helps cloud service providers who process PII to assess risk and implement controls for protecting PII. ISO/IEC 27018 was created in 2014 and updated in 2019. It has the following objectives:
Help the public cloud service provider to comply with applicable obligations when acting as a PII processor, whether such obligations fall on the PII processor directly or through contract.
Enable the public cloud PII processor to be transparent in relevant matters so that cloud service customers can select well-governed cloud-based PII processing services.
Assist the cloud service customer and the public cloud PII processor in entering into a contractual agreement.
Provide cloud service customers with a mechanism for exercising audit and compliance rights and responsibilities in cases where individual cloud service customer audits of data hosted in a multiparty, virtualized server (cloud) environment can be impractical technically and can increase risks to those physical and logical network security controls in place. Reference:
ISO/IEC 27018: Protecting PII in Public Clouds - ISMS.online, ISMS.online, 2019
ISO/IEC 27018 - Wikipedia, Wikipedia, 2021
ISO/IEC 27018:2019 - Information technology --- Security techniques --- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors, ISO, 2019