Eccouncil Certified Network Defender 312-38 CND Exam Practice Test

Page: 1 / 14
Total 363 questions
Question 1

Which of the following is an example of MAC model?



Answer : D

The Bell-LaPadula model is an example of a Mandatory Access Control (MAC) model. It is designed to maintain the confidentiality of information by enforcing access controls based on security classification levels. This model ensures that subjects (users) with a certain clearance level cannot read data at a higher classification level (no read-up) and cannot write data to a lower classification level (no write-down), thus preventing unauthorized access and information flow not permitted by the policy.


Question 2

Identity the method involved in purging technique of data destruction.



Answer : B

The purging technique of data destruction is aimed at making data recovery infeasible using logical methods, which directly target the data at the memory level. Overwriting is a prevalent technique for purging, where data is destroyed by being overwritten with unintelligible characters like 0s and 1s. This method ensures that the original data cannot be recovered.


12.

Question 3

Which type of wireless network attack is characterized by an attacker using a high gain amplifier from a nearby location to drown out the legitimate access point signal?



Answer : A

The type of wireless network attack characterized by an attacker using a high gain amplifier to drown out the legitimate access point signal is known as a jamming signal attack. This attack involves the deliberate transmission of radio signals at the same frequency as the access point, thereby overwhelming and interfering with the legitimate signal. High gain amplifiers can be used to increase the strength of the jamming signal, making it more effective at disrupting the wireless communication.


Question 4

Which of the following entities is responsible for cloud security?



Answer : D

In the context of cloud security, the responsibility is shared between the cloud provider and the cloud consumer. This is known as the shared responsibility model. The cloud provider is responsible for securing the infrastructure that runs all of the services offered in the cloud. On the other hand, the cloud consumer is responsible for managing the security of their data, applications, and operating systems that they run on the cloud infrastructure. The specific responsibilities can vary depending on the service model being used (IaaS, PaaS, SaaS), but the underlying principle is that both parties have a role to play in ensuring the security of cloud services.


Question 5

Assume that you are working as a network administrator in the head office of a bank. One day a bank employee informed you that she is unable to log in to her system. At the same time, you get a call from another

network administrator informing you that there is a problem connecting to the main server. How will you prioritize these two incidents?



Answer : C

Prioritizing incidents in a network environment, especially within a critical infrastructure like a bank, should be based on the potential technical effect of the incident. This approach ensures that the most severe and impactful issues are addressed first to maintain business continuity and minimize potential damage. The incident involving the main server would likely take precedence because it could affect a larger number of systems and operations within the bank, compared to an individual's login issue.The ITIL framework supports this prioritization method by emphasizing the importance of impact and urgency when managing network incidents12.Reference: The prioritization strategy aligns with best practices outlined in the ITIL framework for IT service management, which suggests managing incidents based on their severity, urgency, and impact on business operations12.


Question 6

Which of the following network monitoring techniques requires extra monitoring software or hardware?



Answer : B

Switch-based network monitoring requires additional monitoring software or hardware because switches operate at the data link layer of the OSI model and do not inherently provide monitoring capabilities. To monitor traffic through a switch, network administrators must use port mirroring or a network tap, which involves configuring the switch to send a copy of the network packets to a monitoring device. This allows the monitoring device to analyze the traffic passing through the switch without interfering with the network's normal operation. This technique is essential for deep packet inspection, intrusion detection systems, and for gaining visibility into the traffic between devices in a switched network.


Question 7

Which of the following refers to a potential occurrence of an undesired event that can eventually damage and interrupt the operational and functional activities of an organization?



Answer : C

A threat refers to a potential occurrence of an undesired event that can damage and interrupt the operational and functional activities of an organization. It represents a possible danger that could exploit vulnerabilities to harm the organization's assets.

Attack: An attempt to exploit a vulnerability to cause harm.

Risk: The potential for loss or damage when a threat exploits a vulnerability.

Vulnerability: A weakness that can be exploited by a threat to cause harm.

In this context, a threat is the potential occurrence of an event that can cause damage, whereas an attack is the actual occurrence, risk is the measure of the likelihood and impact of the threat, and a vulnerability is the weakness that the threat could exploit.


EC-Council Certified Network Defender (CND) Study Guide

Page:    1 / 14   
Total 363 questions