Sep-2021 Latest ValidBraindumps 312-38 Exam Dumps with PDF and Exam Engine Free Updated Today!
Following are some new 312-38 Real Exam Questions!
NEW QUESTION 39
Which OSI layer does a Network Interface Card (NIC) work on?
- A. Network layer
- B. Presentation layer
- C. Session layer
- D. Physical layer
Answer: D
NEW QUESTION 40
Which of the following is also known as stateful firewall?
- A. Stateless firewall
- B. PIX firewall
- C. Dynamic packet-filtering firewall
- D. DMZ
Answer: C
NEW QUESTION 41
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.
- A. MAC filtering the router
- B. Using WPA encryption
- C. Not broadcasting SSID
- D. Using WEP encryption
Answer: B,D
Explanation:
With either encryption method (WEP or WPA), you can give the password to the customers who need it, and even change it frequently (daily if you like). So this won't be an inconvenience for the customers.
NEW QUESTION 42
Which of the following procedures is intended to provide security personnel to identify, mitigate, and recover from malware events, such as unauthorized access to systems or data, denial-of-service or unauthorized changes to the system hardware, software, or information?
- A. disaster survival plan
- B. None
- C. Cyber Incident Response Plan
- D. A resident of the emergency plan
- E. Crisis communications guidelines
Answer: C
NEW QUESTION 43
CORRECT TEXT
Fill in the blank with the appropriate term.
The______________ model is a description framework for computer network protocols and is sometimes called the Internet Model or the DoD Model.
Answer:
Explanation:
TCP
/IP
Explanation:
The TCP/IP model is a description framework for computer network protocols. It describes a set of general design guidelines and implementations of specific networking protocols to enable computers to communicate over a network. TCP/IP provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination. Protocols exist for a variety of different types of communication services between computers. The TCP/IP Model is sometimes called the Internet Model or the DoD Model. The TCP/IP model has four unique layers as shown in the image. This layer architecture is often compared with the seven-layer OSI Reference Model. The TCP/IP model and related protocols are maintained by the Internet Engineering Task Force (IETF).
NEW QUESTION 44
Which of the following techniques is used for drawing symbols in public places for advertising an open Wi-Fi
wireless network?
- A. Warchalking
- B. War dialing
- C. War driving
- D. Spamming
Answer: A
Explanation:
Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network. Having
found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement,
or a lamp post. The name warchalking is derived from the cracker terms war dialing and war driving.
Answer option B is incorrect. War driving, also called access point mapping, is the act of locating and possibly
exploiting connections to wireless local area networks while driving around a city or elsewhere. To do war
driving, one needs a vehicle, a computer (which can be a laptop), a wireless Ethernet card set to work in
promiscuous mode, and some kind of an antenna which can be mounted on top of or positioned inside the car.
Because a wireless LAN may have a range that extends beyond an office building, an outside user may be
able to intrude into the network, obtain a free Internet connection, and possibly gain access to company
records and other resources.
Answer option C is incorrect. War dialing is a technique of using a modem to automatically scan a list of
telephone numbers, usually dialing every number in a local area code to search for computers, BBS systems,
and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers
(hackers that specialize in computer security) for password guessing.
Answer option A is incorrect. Spamming is the technique of flooding the Internet with a number of copies of the
same message. The most widely recognized form of spams are e-mail spam, instant messaging spam, Usenet
newsgroup spam, Web search engine spam, spam in blogs, online classified ads spam, mobile phone
messaging spam, Internet forum spam, junk fax transmissions, social networking spam, television advertising
and file sharing network spam.
NEW QUESTION 45
Which of the following is a network layer protocol used to obtain an IP address for a given hardware (MAC) address?
- A. IP
- B. ARP
- C. PIM
- D. RARP
Answer: D
Explanation:
Reverse Address Resolution Protocol (RARP) is a Network layer protocol used to obtain an IP address for a given hardware (MAC) address. RARP is sort of the reverse of an ARP. Common protocols that use RARP are BOOTP and DHCP. Answer option D is incorrect. Address Resolution Protocol (ARP) is a network maintenance protocol of the TCP/IP protocol suite. It is responsible for the resolution of IP addresses to media access control (MAC) addresses of a network interface card (NIC). The ARP cache is used to maintain a correlation between a MAC address and its corresponding IP address. ARP provides the protocol rules for making this correlation and providing address conversion in both directions. ARP is limited to physical network systems that support broadcast packets. Answer option B is incorrect. Protocol-Independent Multicast (PIM) is a family of multicast routing protocols for Internet Protocol (IP) networks that provide one-to-many and many-to-many distribution of data over a LAN, WAN, or the Internet. It is termed protocol-independent because PIM does not include its own topology discovery mechanism, but instead uses routing information supplied by other traditional routing protocols, such as Border Gateway Protocol (BGP). Answer option A is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP. IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering distinguished protocol datagrams (packets) from the source host to the destination host solely based on their addresses. For this purpose, the Internet Protocol defines addressing methods and structures for datagram encapsulation. The first major version of addressing structure, now referred to as Internet Protocol Version 4 (IPv4), is still the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6), is being deployed actively worldwide.
NEW QUESTION 46
CORRECT TEXT
Fill in the blank with the appropriate term. ______________is a free open-source utility for network exploration and security auditing that is used to discover computers and services on a computer network, thus creating a "map" of the network.
Answer:
Explanation:
Nmap
Explanation:
Nmap is a free open-source utility for network exploration and security auditing. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux, Microsoft Windows, etc.
NEW QUESTION 47
Which of the following types of coaxial cable is used for cable TV and cable modems?
- A. RG-62
- B. RG-58
- C. RG-59
- D. RG-8
Answer: C
Explanation:
Explanation
Explanation:
RG-59 type of coaxial cable is used for cable TV and cable modems.
Answer option A is incorrect. RG-8 coaxial cable is primarily used as a backbone in an Ethernet LAN
environment and often connects one wiring closet to another. It is also known as 10Base5 or ThickNet.
Answer option B is incorrect. RG-62 coaxial cable is used for ARCNET and automotive radio antennas.
Answer option D is incorrect. RG-58 coaxial cable is used for Ethernet networks. It uses baseband signaling
and 50-Ohm terminator. It is also known as 10Base2 or ThinNet.
NEW QUESTION 48
Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?
- A. ISO/IEC 27005
- B. ISO/IEC 27004
- C. ISO/IEC 27002
- D. ISO/IEC 27006
Answer: A
NEW QUESTION 49
Which of the following is an exterior gateway protocol that communicates using a Transmission Control Protocol (TCP) and sends the updated router table information?
- A. BGP
- B. IGMP
- C. OSPF
- D. IRDP
Answer: A
Explanation:
Border Gateway Protocol (BGP) is an exterior gateway protocol. It communicates using a Transmission Control Protocol (TCP) and sends the updated router table information. The best path is chosen on the basis of cost metric associated with the route. It is used between gateway hosts in a network.
Answer option C is incorrect. Open Shortest Path First (OSPF) is a routing protocol that is used in large networks. Internet Engineering Task Force (IETF) designates OSPF as one of the Interior Gateway Protocols.
A host uses OSPF to obtain a change in the routing table and to immediately multicast updated information to all the other hosts in the network.
Answer option A is incorrect. IGMP stands for Internet Group Management Protocol. IGMP is a communication protocol that is used to manage the membership of Internet protocol multicast groups. It is an integral part of the IP multicast specification. Although it does not actually act as a transport protocol, it operates above the network layer. It is analogous to ICMP for unicast connections. It is susceptible to some attacks, so firewalls commonly allow the user to disable it if not needed.
Answer option B is incorrect. ICMP Router Discovery Protocol (IRDP) uses Internet Control Message Protocol (ICMP) router advertisements and router solicitation messages to allow a host to discover the addresses of operational routers on the subnet. It basically consists of 2 message types used for discovering local routers.
The message type 9 is sent periodically or on request (using a message of type 10) to the local subnet from the local routers to propagate themselves. On boot, the client may send an ICMP message of type 10 to ask for local routers. When a client receives a message type 9, they add the router to their local routing-table.
NEW QUESTION 50
A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It
provides an attacker unauthorized access to a computer. Which of the following tools can an attacker use to
perform war dialing? Each correct answer represents a complete solution. Choose all that apply.
- A. Wingate
- B. ToneLoc
- C. NetStumbler
- D. THC-Scan
Answer: B,D
Explanation:
THC-Scan and ToneLoc are tools used for war dialing. A war dialer is a tool that is used to scan thousands of
telephone numbers to detect vulnerable modems. It provides the attacker unauthorized access to a computer.
Answer option D is incorrect. NetStumbler is a Windows-based tool that is used for the detection of wireless
LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. It detects wireless networks and marks their
relative position with a GPS. It uses an 802.11 Probe Request
that has been sent to the broadcast destination address.
Answer option B is incorrect. Wingate is a proxy server.
NEW QUESTION 51
Which of the following networks interconnects devices centered on an individual person's workspace?
- A. WMAN
- B. WLAN
- C. WWAN
- D. WPAN
Answer: D
NEW QUESTION 52
Which of the following can be performed with software or hardware devices in order to record everything a
person types using his or her keyboard?
- A. War dialing
- B. Warchalking
- C. Keystroke logging
- D. IRC bot
Answer: C
Explanation:
Keystroke logging is a method of logging and recording user keystrokes. It can be performed with software or
hardware devices. Keystroke logging devices can record everything a person types using his or her keyboard,
such as to measure employee's productivity on certain clerical tasks. These types of devices can also be used
to get usernames, passwords, etc.
Answer option C is incorrect. War dialing is a technique of using a modem to automatically scan a list of
telephone numbers, usually dialing every number in a local area code to search for computers, BBS systems,
and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers
(hackers that specialize in computer security) for password guessing.
Answer option A is incorrect. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi
wireless network. Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such
as a wall, the pavement, or a lamp post. The name warchalking is derived from the cracker terms war dialing
and war driving.
Answer option D is incorrect. An Internet Relay Chat (IRC) bot is a set of scripts or an independent program
that connects to Internet Relay Chat as a client, and so appears to other IRC users as another user. An IRC
bot differs from a regular client in that instead of providing interactive access to IRC for a human user, it
performs automated functions.
NEW QUESTION 53
Which of the following UTP cables uses four pairs of twisted cable and provides transmission speeds of up to
16 Mbps?
- A. Category 6
- B. Category 5e
- C. Category 5
- D. Category 3
Answer: D
Explanation:
Category 3 type of UTP cable uses four pairs of twisted cable and provides transmission speeds of up to 16
Mbps. They are commonly used in Ethernet networks that operate at the speed of 10 Mbps. A higher speed is
also possible by these cables implementing the Fast Ethernet (100Base-T4) specifications. This cable is used
mainly for telephone systems.
Answer option C is incorrect. This category of UTP cable is the most commonly used cable in present day
networks. It consists of four twisted pairs and is used in those Ethernet networks that run at the speed of 100
Mbps. Category 5 cable can also provide a higher speed of up to 1000 Mbps.
Answer option A is incorrect. It is also known as Category 5 Enhanced cable. Its specification is the same as
category 5, but it has some enhanced features and is used in Ethernets that run at the speed of 1000 Mbps.
Answer option D is incorrect. This category of UTP cable is designed to support high-speed networks that run
at the speed of 1000 Mbps. It consists of four pairs of wire and uses all of them for data transmission. Category
6 provides more than twice the speed of Category 5e, but is also more expensive.
NEW QUESTION 54
You work as the network administrator for uCertify Inc. The company has planned to add the support for IPv6 addressing. The initial phase deployment of IPv6 requires support from some IPv6-only devices. These devices need to access servers that support only IPv4. Which of the following tools would be suitable to use?
- A. NAT-PT
- B. Native IPv6
- C. Point-to-point tunnels
- D. Multipoint tunnels
Answer: A
Explanation:
NAT-PT (Network address translation-Protocol Translation) is useful when an IPv4-only host needs to communicate with an IPv4-only host. NAT-PT (Network Address Translation-Protocol Translation) is an implementation of RFC 2766 as specified by the IETF. NAT-PT was designed so that it can be run on low-end, commodity hardware. NAT-PT runs in user space, capturing and translating packets between the IPv6 and IPv4 networks (and vice-versa). NAT-PT uses the Address Resolution Protocol (ARP) and Neighbor Discovery (ND) on the IPv4 and IPv6 network systems, respectively.
NAT-Protocol Translation can be used to translate both the source and destination IP addresses. Answer option D is incorrect. Native IPv6 is of use when the IPv6 deployment is pervasive, with heavy traffic loads. Answer option C is incorrect. Point-to-point tunnels work well when IPv6 is needed only in a subset of sites. These point-to-point tunnels act as virtual point-to-point serial link. These are
useful when the traffic is of very high volume.
Answer option A is incorrect. The multipoint tunnels are used for IPv6 deployment even when IPv6
is needed in a subset of sites and is suitable when the traffic is infrequent and of less predictable
volume.
NEW QUESTION 55
CORRECT TEXT
Fill in the blank with the appropriate word. The ____________________risk analysis process analyzes the effect of a risk event deriving a numerical value.
Answer:
Explanation:
quantitative
Explanation:
Quantitative risk analysis is a process to assess the probability of achieving particular project objectives, to quantify the effect of risks on the whole project objective, and to prioritize the risks based on the impact to the overall project risk. The quantitative risk analysis process analyzes the effect of a risk event deriving a numerical value. It also presents a quantitative approach to build decisions in the presence of uncertainty. The inputs for quantitative risk analysis are as follows: Organizational process assets Project scope statement Risk management plan Risk register Project management plan
NEW QUESTION 56
Which of the following tools examines a system for a number of known weaknesses and alerts the
administrator?
- A. SAINT
- B. COPS
- C. Nessus
- D. SATAN
Answer: B
NEW QUESTION 57
CORRECT TEXT
Fill in the blank with the appropriate word. The primary goal of _________________ risk analysis is to determine the proportion of effect and theoretical response.
Answer:
Explanation:
qualitative
Explanation:
Qualitative risk analysis uses the likelihood and impact of the identified risks in a fast and cost-effective manner. Qualitative risk analysis establishes a basis for a focused quantitative analysis or risk response plan by evaluating the precedence of risks with a view to impact on the project's scope, cost, schedule, and quality objectives. Qualitative risk analysis is conducted at any point in a project life cycle. The primary goal of qualitative risk analysis is to determine the proportion of effect and theoretical response. The inputs to the qualitative risk analysis process are as follows: Organizational process assets Project scope statement Risk management plan Risk register
NEW QUESTION 58
Which of the following tools is an open source network intrusion prevention and detection system that operates
as a network sniffer and logs activities of the network that is matched with the predefined signatures?
- A. Dsniff
- B. KisMAC
- C. Snort
- D. Kismet
Answer: C
Explanation:
Snort is an open source network intrusion prevention and detection system that operates as a network sniffer.
It logs activities of the network that is matched with the predefined signatures. Signatures can be designed for
a wide range of traffic, including Internet Protocol (IP), Transmission Control Protocol (TCP), User Datagram
Protocol (UDP), and Internet Control Message Protocol (ICMP). The three main modes in which Snort can be
configured are as follows:
Sniffer mode: It reads the packets of the network and displays them in a continuous stream on the console.
Packet logger mode: It logs the packets to the disk.
Network intrusion detection mode: It is the most complex and configurable configuration, allowing Snort to
analyze network traffic for matches against a user-defined rule set.
Answer option A is incorrect. Dsniff is a set of tools that are used for sniffing passwords, e-mail, and HTTP
traffic. Some of the tools of Dsniff include dsniff, arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf.
Dsniff is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools
for switching across switched networks. It can also be used to capture authentication information for FTP,
telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.
Answer option D is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection
system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff
802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks:
To identify networks by passively collecting packets
To detect standard named networks
To detect masked networks
To collect the presence of non-beaconing networks via data traffic
Answer option B is incorrect. KisMAC is a wireless network discovery tool for Mac OS
X. It has a wide range of
features, similar to those of Kismet, its Linux/BSD namesake and far exceeding those of NetStumbler, its
closest equivalent on Windows. The program is geared towards the network security professionals, and is not
as novice-friendly as the similar applications. KisMAC will scan for networks passively on supported cards,
including Apple's AirPort, AirPort Extreme, and many third-party cards. It will scan for networks actively on any
card supported by Mac OS X itself.
Cracking of WEP and WPA keys, both by brute force, and exploiting flaws, such as weak scheduling and badly
generated keys is supported when a card capable of monitor mode is used, and when packet reinsertion can
be done with a supported card. The GPS mapping can be performed when an NMEA compatible GPS receiver
is attached. Data can also be saved in pcap format and loaded into programs, such as Wireshark.
NEW QUESTION 59
Which of the following is a Cisco product that performs VPN and firewall functions?
- A. Circuit-Level Gateway
- B. PIX Firewall
- C. IP Packet Filtering Firewall
- D. Application Level Firewall
Answer: B
NEW QUESTION 60
......
Resources From:
- 2021 Latest ValidBraindumps 312-38 Exam Dumps (PDF & Exam Engine) Free Share: https://www.validbraindumps.com/312-38-exam-prep.html
- 2021 Latest ValidBraindumps 312-38 PDF and 312-38 Exam Dumps Free Share: https://drive.google.com/open?id=1Wb_Hfs3AK3CCuf02tut5hIvz8n1CZeAC
Free Resources from ValidBraindumps, We Devoted to Helping You 100% Pass All Exams!