[Free] 2018(Jan) Dumps4cert Examcollection ECCouncil 312-38 Dumps with VCE and PDF 101-110
EC-Council Network Security Administrator (ENSA)
Question No: 101 – (Topic 2)
You are taking over the security of an existing network. You discover a machine that is not being used as such, but has software on it that emulates the activity of a sensitive database server. What is this?
A Polymorphic Virus
A reactive IDS.
A Honey Pot
Answer: D Explanation:
A honey pot is a device specifically designed to emulate a high value target such as a database server or entire sub section of your network. It is designed to attract the hacker#39;s attention.
Question No: 102 – (Topic 2)
Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice#39;s password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?
Cross site scripting
Answer: A Explanation:
Eve is using Replay attack. A replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network. In an attempt to obtain an authenticated connection, the attackers then resend the captured packet to the system. In this type of attack, the attacker does not know the actual password, but can simply replay the captured packet. Session tokens can be used to avoid replay attacks. Bob sends a one-time token to Alice, which Alice uses to transform the password and send the result to Bob (e.g. computing a hash function of the session token appended to the password). On his side Bob performs the same computation; if and only if both values match, the login is successful. Now suppose Mallory has captured this value and tries to use it on another session; Bob sends a different session token, and when Mallory replies with the captured value it will be different from Bob#39;s computation.
Answer option C is incorrect. In the cross site scripting attack, an attacker tricks the user#39;s
computer into running code, which is treated as trustworthy because it appears to belong to the server, allowing the attacker to obtain a copy of the cookie or perform other operations. Answer option B is incorrect. Firewalking is a technique for gathering information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.
Answer option D is incorrect. In session fixation, an attacker sets a user#39;s session id to one known to him, for example by sending the user an email with a link that contains a particular session id. The attacker now only has to wait until the user logs in.
Question No: 103 – (Topic 2)
Which of the following types of transmission is the process of sending one bit at a time over a single transmission line?
Serial data transmission
Parallel data transmission
Answer: B Explanation:
In serial data transmission, one bit is sent after another (bit-serial) on a single transmission line. It is the simplest method of transmitting digital information from one point to another. This transmission is suitable for providing communication between two participants as well as for multiple participants. It is used for all long-haul communication and provides high data rates. It is also inexpensive and beneficial in transferring data over long distances.
Answer option D is incorrect. In parallel data transmission, several data signals are sent simultaneously over several parallel channels. Parallel data transmission is faster than serial data transmission. It is used primarily for transferring data between devices at the same site. For instance, communication between a computer and printer is most often parallel, allowing the entire byte to be transferred in one operation.
Answer option A is incorrect. The unicast transmission method is used to establish communication between a single host and a single receiver. Packets sent to a unicast address are delivered to the interface recognized by that IP address, as shown in the following figure:
Answer option C is incorrect. The multicast transmission method is used to establish communication between a single host and multiple receivers. Packets are sent to all interfaces recognized by that IP address, as shown in the figure below:
Question No: 104 CORRECT TEXT – (Topic 2)
Fill in the blank with the appropriate term. management is an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system.
Question No: 105 – (Topic 2)
Which of the following are used as a cost estimating technique during the project planning stage?Each correct answer represents a complete solution. Choose three.
Function point analysis
Program Evaluation Review Technique (PERT)
Answer: A,C,D Explanation:
Delphi technique, expert judgment, and function point analysis are used as a cost estimating technique during the project planning stage. Delphi is a technique to identify potential risk. In this technique, the responses are gathered via a questionnaire from different experts and their inputs are organized according to their contents. The collected responses are sent back to these experts for further input, addition, and comments. The final list of risks in the project is prepared after that. The participants in this technique are anonymous and therefore it helps prevent a person from unduly influencing the others in the group. The Delphi technique helps in reaching the consensus quickly. Expert judgment is a technique based on a set of criteria that has been acquired in a specific knowledge area or product area. It is obtained when the project manager or project team requires specialized knowledge that they do not possess. Expert judgment involves people most familiar with the work of creating estimates. Preferably, the project team member who will be doing the task should complete the estimates. Expert judgment is applied when performing administrative closure activities, and experts should ensure the project or phase closure is performed to the appropriate standards.
A function point is a unit of measurement to express the amount of business functionality an information system provides to a user. Function points are the units of measure used by the IFPUG Functional Size Measurement Method. The IFPUG FSM Method is an ISO
recognized software metric to size an information system based on the functionality that is perceived by the user of the information system, independent of the technology used to implement the information system.
Answer option B is incorrect. A PERT chart is a project management tool used to schedule, organize, and coordinate tasks within a project. PERT stands for Program Evaluation Review Technique, a methodology developed by the U.S. Navy in the 1950s to manage the Polaris
submarine missile program. A PERT chart presents a graphic illustration of a project as a network diagram consisting of numbered nodes (either circles or rectangles) representing events, or milestones in the project linked by labeled vectors (directional lines) representing tasks in the project. The direction of the arrows on the lines indicates the sequence of tasks.
Question No: 106 – (Topic 2)
Which of the following provide an quot;always onquot; Internet access service when connecting to an ISP?Each correct answer represents a complete solution. Choose two.
Answer: B,D Explanation:
DSL and Cable modems are used in remote-access WAN technology for connecting to the Internet. Both provide an quot;always onquot; Internet access service.
Answer options C and A are incorrect. Analog and Digital modems are not always in #39;ON#39; mode when connecting to an ISP. Analog modems transmit analog voice signals, while Digital modems transmit digital signals over a link.
Question No: 107 – (Topic 2)
Which of the following types of coaxial cable is used for cable TV and cable modems?
Answer: B Explanation:
RG-59 type of coaxial cable is used for cable TV and cable modems.
Answer option D is incorrect. RG-8 coaxial cable is primarily used as a backbone in an Ethernet LAN environment and often connects one wiring closet to another. It is also known as 10Base5 or ThickNet.
Answer option A is incorrect. RG-62 coaxial cable is used for ARCNET and automotive radio antennas.
Answer option C is incorrect. RG-58 coaxial cable is used for Ethernet networks. It uses baseband signaling and 50-Ohm terminator. It is also known as 10Base2 or ThinNet.
Question No: 108 – (Topic 2)
Which of the following fields in the IPv6 header is decremented by 1 for each router that forwards the packet?
Answer: D Explanation:
The hop limit field in the IPv6 header is decremented by 1 for each router that forwards a packet. The packet is discarded when the hop limit field reaches zero.
Answer option B is incorrect. Next header is an 8-bit field that specifies the next encapsulated protocol.
Answer option A is incorrect. Flow label is a 20-bit field that is used for specifying special router handling from source to destination for a sequence of packets.
Answer option C is incorrect. Traffic class is an 8-bit field that specifies the Internet traffic priority delivery value.
Question No: 109 – (Topic 2)
Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system?
Answer: C Explanation:
Emanation security is one of the types of computer security that deals with protection against spurious signals emitted by electrical equipment in the system, such as electromagnetic emission (from displays), visible emission (displays may be visible through windows), and audio emission (sounds from printers, etc). Answer option D is incorrect.
Hardware security helps in dealing with the vulnerabilities in the handling of hardware. Answer option B is incorrect. Physical security helps in dealing with protection of computer hardware and associated equipment.
Answer option A is incorrect. Communication security helps in dealing with the protection of data and information during transmission.
Question No: 110 – (Topic 2)
Which of the following network devices operate at the network layer of the OSI model? Each correct answer represents a complete solution. Choose all that apply.
Answer: A,D Explanation:
A router is a device that routes data packets between computers in different networks. It is used to connect multiple networks, and it determines the path to be taken by each data packet to its destination computer. A router maintains a routing table of the available routes and their conditions. By using this information, along with distance and cost algorithms, the router determines the best path to be taken by the data packets to the destination computer. A router can connect dissimilar networks, such as Ethernet, FDDI, and Token Ring, and route data packets among them. Routers operate at the network layer (layer 3) of the Open Systems Interconnection (OSI) model.
A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within a company#39;s network or at a local Internet service provider (ISP) are gateway nodes. In the network for an enterprise, a computer server acting as a gateway node is often also acting as a proxy server and a firewall server. A gateway is often associated with both a router, which knows where to direct a given packet of data that arrives at the gateway, and a switch, which furnishes the actual path in and out of the gateway for a given packet. Most of the gateways operate at the application layer, but can operate at the network or session layer of the OSI model.
Answer option C is incorrect. A repeater operates only at the physical layer of the OSI model.
Answer option B is incorrect. A bridge operates at the data link layer of the OSI model.
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|