Eccouncil 312-38 Certified Network Defender CND Exam Practice Test

Page: 1 / 14
Total 363 questions
Question 1

Which encryption algorithm is used by WPA3 encryption?



Answer : D

WPA3 encryption utilizes the AES-GCMP 256 algorithm. This is an advanced encryption standard that uses Galois/Counter Mode Protocol (GCMP) with a 256-bit key length. It provides a higher level of security than the previous encryption methods used in WPA2, which included AES-CCMP with a 128-bit key. The use of a 256-bit key in AES-GCMP makes it more resistant to brute-force attacks and provides better data protection.


Question 2

Identify the attack where an attacker manipulates or tricks people into revealing their confidential details like bank account information, credit card details, etc.?



Answer : A

The attack described in the question is aSocial Engineering Attack. This type of attack involves manipulating or deceiving people into divulging confidential information such as bank account details, credit card numbers, and other sensitive data. Social engineering attacks exploit human psychology rather than technical hacking techniques to gain access to systems, networks, or physical locations, or for financial gain.Attackers may use various tactics such as phishing, pretexting, baiting, or tailgating to trick individuals into providing the information they seek1.


Understanding and Preventing Social Engineering Attacks - EC-Council1.

Certified Network Defender (CND) Course Outline - EC-Council2.

Certified Network Defender - EC-Council3.

Question 3

The SNMP contains various commands that reduce the burden on the network administrators.

Which of the following commands is used by SNMP agents to notify SNMP managers about an event occurring in the network?



Answer : B

In SNMP (Simple Network Management Protocol), theTRAPScommand is used by SNMP agents to notify SNMP managers about certain events occurring within the network.TRAPS are unsolicited messages sent from an SNMP agent to the SNMP manager, alerting it of a significant event, such as a system reboot, link failure, or high CPU usage1.Unlike INFORM requests, which are acknowledged messages ensuring that the notification was received, TRAPS do not require an acknowledgment from the SNMP manager, making them less reliable but faster and more suitable for alerting in real-time scenarios2.


Cisco IOS SNMP Support Command Reference1.

Sending an SNMP Trap From the Command Line in Linux - Baeldung on Linux2.

Question 4

Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?



Answer : C

A hot backup, also known as an online backup or dynamic backup, is the process of backing up data while the system continues to be in operation. This means that there is no need for system downtime or interruption in services while the backup is taking place. It is mostly used in systems where operations are critical and cannot afford any downtime, such as databases and servers that must be available 24/7. The hot backup method allows for data to be backed up at regular intervals with minimal impact on the system's performance, ensuring that the organization can maintain continuous service levels.


Question 5

Which component of the data packets is encrypted in Transport mode encryption of an IPsec server?



Answer : A

In Transport mode encryption of an IPsec server, only the payload of the data packet is encrypted. This mode is designed to encrypt the message within an IP packet, while the header remains unencrypted. Transport mode is used for end-to-end communication between a client and a server, where the server can interpret the headers to route the packet to the correct application or process.


Question 6

To provide optimum security while enabling safe/necessary services, blocking known dangerous services, and making employees accountable for their online activity, what Internet Access policy would

Brian, the network administrator, have to choose?



Answer : A

ThePrudent policyis the most appropriate choice for Brian, the network administrator, to provide optimum security while enabling necessary services and blocking known dangerous ones. This policy strikes a balance between security and usability, allowing safe and necessary services to operate while preventing potentially harmful activities. It also includes measures to make employees accountable for their online activity, which is essential for maintaining a secure network environment.


Question 7

You are responsible for network functions and logical security throughout the corporation. Your company has over 250 servers running Windows Server 2012, 5000 workstations running Windows 10, and 200 mobile

users working from laptops on Windows 8. Last week 10 of your company's laptops were stolen from a salesman, while at a conference in Barcelon

a. These laptops contained proprietary company information. While

doing a damage assessment, a news story leaks about a blog post containing information about the stolen laptops and the sensitive information. What built-in Windows feature could you have implemented to protect the

sensitive information on these laptops?



Answer : D

The Encrypted File System (EFS) is a feature of the NTFS file system available in Windows that provides filesystem-level encryption. It allows for the transparent encryption of files, protecting confidential data from attackers who might gain physical access to the computers. EFS uses a combination of symmetric key encryption and public key technology to protect files. The symmetric key, known as the File Encryption Key (FEK), is used to encrypt the file data, and then the FEK itself is encrypted with a public key associated with the user's identity and stored with the file. This ensures that only authorized users can decrypt the encrypted files. EFS is particularly suitable for protecting sensitive data on laptops that might be lost or stolen, as it ensures that the data remains inaccessible without the appropriate encryption key.


Page:    1 / 14   
Total 363 questions