EC-Council 312-38 Real Exam Questions
The questions for 312-38 were last updated at Dec 19,2024.
- Exam Code: 312-38
- Exam Name: Certified Network Defender
- Certification Provider: EC-Council
- Latest update: Dec 19,2024
Management wants to calculate the risk factor for their organization. Kevin, a network administrator in the organization knows how to calculate the risk factor. Certain parameters are required before calculating risk factor.
What are they? (Select all that apply) Risk factor =………….X……………X………..
- A . Vulnerability
- B . Impact
- C . Attack
- D . Threat
Smith is an IT technician that has been appointed to his company’s network vulnerability assessment team. He is the only IT employee on the team. The other team members include employees from Accounting, Management, Shipping, and Marketing. Smith and the team members are having their first meeting to discuss how they will proceed.
What is the first step they should do to create the network vulnerability assessment plan?
- A . Their first step is to analyze the data they have currently gathered from the company or interviews.
- B . Their first step is to make a hypothesis of what their final findings will be.
- C . Their first step is to create an initial Executive report to show the management team.
- D . Their first step is the acquisition of required documents, reviewing of security policies and compliance.
Assume that you are a network administrator and the company has asked you to draft an Acceptable Use Policy (AUP) for employees.
Under which category of an information security policy does AUP fall into?
- A . System Specific Security Policy (SSSP)
- B . Incident Response Policy (IRP)
- C . Enterprise Information Security Policy (EISP)
- D . Issue Specific Security Policy (ISSP)
John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information.
Which type of firewall service is John thinking of implementing?
- A . Application level gateway
- B . Stateful Multilayer Inspection
- C . Circuit level gateway
- D . Packet Filtering
An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours.
What is the best option to do this job?
- A . Install a CCTV with cameras pointing to the entrance doors and the street
- B . Use fences in the entrance doors
- C . Use lights in all the entrance doors and along the company’s perimeter
- D . Use an IDS in the entrance doors and install some of them near the corners
As a network administrator, you have implemented WPA2 encryption in your corporate wireless network. The WPA2’s _________integrity check mechanism provides security against a replay attack
- A . CRC-32
- B . CRC-MAC
- C . CBC-MAC
- D . CBC-32
Identify the spread spectrum technique that multiplies the original data signal with a pseudo random noise spreading code.
- A . FHSS
- B . DSSS
- C . OFDM
- D . ISM
Assume that you are working as a network administrator in the head office of a bank. One day a bank employee informed you that she is unable to log in to her system. At the same time, you get a call from another network administrator informing you that there is a problem connecting to the main server.
How will you prioritize these two incidents?
- A . Based on approval from management
- B . Based on a first come first served basis
- C . Based on a potential technical effect of the incident
- D . Based on the type of response needed for the incident
Steven’s company has recently grown from 5 employees to over 50. Every workstation has a public IP address and navigated to the Internet with little to no protection. Steven wants to use a firewall. He also wants IP addresses to be private addresses, to prevent public Internet devices direct access to them.
What should Steven implement on the firewall to ensure this happens?
- A . Steven should use a Demilitarized Zone (DMZ)
- B . Steven should use Open Shortest Path First (OSPF)
- C . Steven should use IPsec
- D . Steven should enabled Network Address Translation (NAT)
Ross manages 30 employees and only 25 computers in the organization. The network the company uses is a peer-to-peer. Ross configures access control measures allowing the employees to set their own control measures for their files and folders.
Which access control did Ross implement?
- A . Discretionary access control
- B . Mandatory access control
- C . Non-discretionary access control
- D . Role-based access control