EC-Council Certified Network Defender 312-38 CND Exam Practice Test

Page: 1 / 14
Total 363 questions
Question 1

Larry is responsible for the company's network consisting of 300 workstations and 25 servers. After using a hosted email service for a year, the company wants to control the email internally. Larry likes this idea because it will give him more control over the email. Larry wants to purchase a server for email but does not want the server to be on the internal network due to the potential to cause security risks. He decides to place the server outside of the company's internal firewall. There is another firewall connected directly to the Internet that will protect traffic from accessing the email server. The server will be placed between the two firewalls. What logical area is Larry putting the new email server into?



Answer : A

Larry is placing the new email server in a Demilitarized Zone (DMZ). A DMZ is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network, usually the internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the network. The email server placed in the DMZ can be accessed from the internet, but it does not have direct access to the internal network, which reduces the risk of an internal security breach if the email server is compromised.


Question 2

The mechanism works on the basis of a client-server model.



Answer : B

In a pull-based mechanism, the client initiates the request to the server to fetch data or services. This model contrasts with the push-based mechanism, where the server initiates the data transfer to the client without a specific request.

In the context of network security and data transfer:

Pull-based mechanisms allow clients to request updates or data as needed, giving them control over the timing and frequency of the requests.

This model is commonly used in content delivery networks (CDNs), software updates, and various client-server applications where clients need to periodically check for new information or updates.


EC-Council Certified Network Defender (CND) Study Guide

Question 3

USB ports enabled on a laptop is an example of ____



Answer : C

The term "attack surface" refers to the sum of all possible points where an unauthorized user can try to enter data to or extract data from an environment. The enabled USB ports on a laptop are considered a part of the physical attack surface because they allow for physical interaction with the device. This includes the potential for unauthorized devices to be connected, which could be used to compromise security, such as through the introduction of malware or the unauthorized copying of sensitive data.


Question 4

Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?



Answer : C

In the context of Business Continuity/Disaster Recovery (BC/DR), the activity that includes actions taken toward resuming all services that are dependent on business-critical applications is referred to as Resumption. This phase focuses on the steps necessary to bring critical functions back into operation after a disruption. Recovery, on the other hand, is more about the actions taken to return the business to normal operating conditions post-disaster, which may include repairs, restorations, and return to normalcy. Response is the immediate reaction to an incident, and Restoration is the process of rebuilding or restoring IT systems and operations.

Reference: The information aligns with the objectives and documents of the EC-Council's Certified Network Defender (CND) program, which emphasizes understanding and implementing proper BC/DR activities.


Question 5

Which of the following provides a set of voluntary recommended cyber security features to include in network-capable IoT devices?



Answer : C

The National Institute of Standards and Technology (NIST) has released a guide that identifies a set of voluntary recommended cybersecurity features to include in network-capable IoT devices. This guide, known as the "Core Baseline," is intended to assist manufacturers and users by providing practical advice for securing IoT devices that connect to computer networks. The recommendations are designed to mitigate risks to IoT security and are not mandatory rules but rather best practices to follow.


Question 6

How can organizations obtain information about threats through human intelligence?



Answer : A

Human intelligence (HUMINT) in the context of network defense involves the collection of information from human sources. This can include extracting insights from security blogs, forums, and other platforms where cybersecurity professionals and enthusiasts discuss vulnerabilities, threats, and incidents. By monitoring these discussions, organizations can gain valuable information about emerging threats, techniques used by attackers, and potential security weaknesses that need to be addressed.


Question 7

Which of the following RAID storage techniques divides the data into multiple blocks, which are further written across the RAID system?



Answer : B

In RAID storage, striping is the technique that divides data into blocks and spreads them across multiple drives in the RAID array. This method enhances performance by allowing the drives to read and write data simultaneously, effectively increasing throughput and speed. Unlike mirroring, which duplicates data across drives, or parity, which provides redundancy, striping solely focuses on performance by distributing data across the RAID system without redundancy.

