312-38 - EC-Council Network Security Administrator

Go back to ECCouncil

Example Questions

Which of the following attacks are computer threats that try to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer? Each correct answer represents a complete solution. Choose all that apply. Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders? Which of the following layers of the OSI model provides end-to-end connections and reliability? Which of the following is designed to detect the unwanted presence of fire by monitoring environmental changes associated with combustion? Which of the following protocols is a method for implementing virtual private networks? What is the bit size of the Next Header field in the IPv6 header format? Which of the following protocols is used for inter-domain multicast routing? Which of the following wireless networks provides connectivity over distance up to 20 feet? Which of the following statements best describes the consequences of the disaster recovery plan test? Which of the following IEEE standards defines the token passing ring topology? Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system? Which of the following policies helps in defining what users can and should do to use network and organization's computer equipment? Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link? Which of the following is a software tool used in passive attacks for capturing network traffic? Which of the following statements are TRUE about Demilitarized zone (DMZ)? Each correct answer represents a complete solution. Choose all that apply. Which of the following is the practice of sending unwanted e-mail messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients? Each correct answer represents a complete solution. Choose all that apply. Which of the following types of coaxial cable is used for cable TV and cable modems? Which of the following ranges of addresses can be used in the first octet of a Class B network address? You are a professional Computer Hacking forensic investigator. You have been called to collect evidences of buffer overflow and cookie snooping attacks. Which of the following logs will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply. Which of the following is an Internet application protocol used for transporting Usenet news articles between news servers and for reading and posting articles by end-user client applications? You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply. Which of the following is a firewall that keeps track of the state of network connections traveling across it? Which of the following is a computer network that covers a broad area? Which of the following protocols supports source-specific multicast (SSM)? In which of the following types of port scans does the scanner attempt to connect to all 65,535 ports? Which of the following is a network analysis tool that sends packets with nontraditional IP stack parameters? Which of the following standards is approved by IEEE-SA for wireless personal area networks? Which of the following is also known as stateful firewall? In an Ethernet peer-to-peer network, which of the following cables is used to connect two computers, using RJ-45 connectors and Category-5 UTP cable? Which of the following standards defines Logical Link Control (LLC)? Which of the following is the type of documented business rule for protecting information and the systems, which store and process the information Which of the following firewalls are used to track the state of active connections and determine the network packets allowed to enter through the firewall?Each correct answer represents a complete solution. Choose all that apply. Which of the following TCP/IP state transitions represents no connection state at all? Which of the following protocols is used to share information between routers to transport IP Multicast packets among networks? You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client? Which of the following tools scans the network systems for well-known and often exploited vulnerabilities? Which of the following steps will NOT make a server fault tolerant? Each correct answer represents a complete solution. Choose two. Which of the following techniques is also called access point mapping? Which of the following types of RAID is also known as disk striping? What is the response of an Xmas scan if a port is either open or filtered? Which of the following is the process of managing incidents in an enterprise? John works as a C programmer. He develops the following C program: #include <stdlib.h> #include <stdio.h> #include <string.h> int buffer(char *str) { char buffer1[10]; strcpy(buffer1, str); return 1; } int main(int argc, char *argv[]) { buffer (argv[1]); printf("Executed\n"); return 1; } His program is vulnerable to a __________ attack. Which of the following is a method of authentication that uses physical characteristics? Which of the following is a network interconnectivity device that translates different communication protocols and is used to connect dissimilar network technologies? Adam works as a Professional Penetration Tester. A project has been assigned to him to test the vulnerabilities of the CISCO Router of Umbrella Inc. Adam finds out that HTTP Configuration Arbitrary Administrative Access Vulnerability exists in the router. By applying different password cracking tools, Adam gains access to the router. He analyzes the router config file and notices the following lines: logging buffered errors logging history critical logging trap warnings logging 10.0.1.103 By analyzing the above lines, Adam concludes that this router is logging at log level 4 to the syslog server 10.0.1.103. He decides to change the log level from 4 to 0. Which of the following is the most likely reason of changing the log level? The IP addresses reserved for experimental purposes belong to which of the following classes? Which of the following is the best way of protecting important data against virus attack? Which of the following is a malicious program that looks like a normal program? Which of the following attacks comes under the category of an active attack? Which of the following commands is used for port scanning?