
[2024] New 312-38 exam Free Sample Questions to Practice
Cover Real 312-38 Exam Questions Make Sure You 100% Pass
The CND certification exam is divided into various sections, including network security, network defense, and security policies and procedures. The 312-38 exam consists of 100 multiple-choice questions and is designed to test the candidate's knowledge of the various topics covered in the certification. The 312-38 exam is administered online and can be taken at any time, making it convenient for professionals who are unable to attend traditional classroom training.
NEW QUESTION # 135
Ryan, a network security engineer, after a recent attack, is trying to get information about the kind of attack his users were facing. He has decided to put into production one honeypot called Kojoney. He is interested in emulating the network vulnerability, rather than the real vulnerability system, making this probe safer and more flexible. Which type of honeypot is he trying to implement?
- A. Pure honeypots
- B. Research honeypot
- C. Low interaction honeypots
- D. High interaction honeypots
Answer: C
Explanation:
Ryan is implementing a low interaction honeypot with Kojoney. Low interaction honeypots are designed to emulate services and applications to a certain degree without exposing the real underlying system. They provide a safe environment that can be used to study the attacker's behavior and methods without the risk of compromising the actual system. Kojoney, specifically, is a low interaction honeypot that emulates an SSH server. It uses minimal resources and is less complex compared to high interaction honeypots, making it easier to deploy and manage. By simulating network vulnerabilities rather than actual system vulnerabilities, Kojoney can attract attackers and record their interaction, which helps in understanding the attack patterns and potentially identifying the attackers.
NEW QUESTION # 136
Which of the following is a standard-based protocol that provides the highest level of VPN security?
- A. IP
- B. L2TP
- C. IPSec
- D. PPP
Answer: C
Explanation:
Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security.
IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the
L2TP protocol. It secures both data and password. IPSec cannot be used with Point-to-Point Tunneling
Protocol (PPTP).
Answer option B is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a
packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP. IP is the primary
protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering distinguished protocol
datagrams (packets) from the source host to the destination host solely based on their addresses. For this
purpose, the Internet Protocol defines addressing methods and structures for datagram encapsulation. The
first major version of addressing structure, now referred to as Internet Protocol Version 4 (IPv4), is still the
dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6), is being deployed
actively worldwide.
Answer option C is incorrect. Point-to-Point Protocol (PPP) is a remote access protocol commonly used to
connect to the Internet. It supports compression and encryption and can be used to connect to a variety of
networks. It can connect to a network running on the IPX, TCP/IP, or NetBEUI protocol. It supports multi-
protocol and dynamic IP assignments. It is the default protocol for the Microsoft Dial-Up adapter.
Answer option A is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point
Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. It allows the transfer
of Point-to-Point Protocol (PPP) traffic between different networks. L2TP combines with IPSec to provide
tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol
packets across IP networks.
NEW QUESTION # 137
Nancy is working as a network administrator for a small company. Management wants to implement a RAID storage for their organization. They want to use the appropriate RAID level for their backup plan that will satisfy the following requirements:
1. It has a parity check to store all the information about the data in multiple drives.
2. Help reconstruct the data during downtime.
3. Process the data at a good speed.
4. Should not be expensive.
The management team asks Nancy to research and suggest the appropriate RAID level that best suits their requirements. What RAID level will she suggest?
- A. RAID 1
- B. RAID 0
- C. RAID 3
- D. RAID 10
Answer: C
Explanation:
RAID 3 is a level of RAID that uses striping with a dedicated parity disk. This means that data is spread across multiple disks, and parity information is stored on one dedicated disk. RAID 3 allows for good read and write speeds and can reconstruct data if one drive fails, thanks to the parity information. It is also a cost-effective solution because it requires only one additional disk for parity, regardless of the size of the array. This makes it suitable for environments where data throughput and fault tolerance are important but budget constraints are a consideration.
References: The explanation aligns with the RAID level characteristics and the requirements specified by the management team. RAID 3's ability to provide parity checks, data reconstruction during downtime, and process data at a good speed while being cost-effective makes it an appropriate choice.
NEW QUESTION # 138
Which of the following standards defines Logical Link Control (LLC)?
- A. 802.4
- B. 802.3
- C. 802.2
- D. 802.5
Answer: C
NEW QUESTION # 139
Adam, a malicious hacker, has just succeeded in stealing a secure cookie via an XSS attack. He is able to replay the cookie even while the session is valid on the server. Which of the following is the most likely cause of this?
- A. Two way encryption is applied.
- B. Encryption is performed at the application layer (single encryption key).
- C. Encryption is performed at the network layer (layer 1 encryption).
- D. No encryption is applied.
Answer: B
Explanation:
Single key encryption uses a single word or phrase as the key. The same key is used by the sender to encrypt and the receiver to decrypt. Sender and receiver initially need to have a secure way of passing the key from one to the other. With TLS or SSL this would not be possible. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. Symmetric encryption algorithms are faster than public key encryption. Therefore, it is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses the symmetric encryption key algorithm to encrypt data.
NEW QUESTION # 140
Which of the following UTP cables is NOT suitable for data transmission or Ethernet data work usage?
- A. Category 1
- B. Category 5
- C. Category 4
- D. Category 6
Answer: A
NEW QUESTION # 141
Which of the following standards is an amendment to the original IEEE 802.11 and specifies security
mechanisms for wireless networks?
- A. 802.11b
- B. 802.11e
- C. 802.11i
- D. 802.11a
Answer: C
Explanation:
802.11i is an amendment to the original IEEE 802.11. This standard specifies security mechanisms for
wireless networks. It replaced the short Authentication and privacy clause of the original standard with a
detailed Security clause. In the process, it deprecated the broken WEP. 802.11i supersedes the previous
security specification, Wired Equivalent Privacy (WEP), which was shown to have severe security weaknesses.
Wi-Fi Protected Access (WPA) had previously been introduced by the Wi-Fi Alliance as an intermediate
solution to WEP insecurities. The Wi-Fi Alliance refers to their approved, interoperable implementation of the
full 802.11i as WPA2, also called RSN (Robust Security Network). 802.11i makes use of the Advanced
Encryption Standard (AES) block cipher, whereas WEP and WPA use the RC4 stream cipher.
Answer option D is incorrect. 802.11a is an amendment to the IEEE 802.11 specification that added a higher
data rate of up to 54 Mbit/s using the 5 GHz band. It has seen widespread worldwide implementation,
particularly within the corporate workspace. Using the 5 GHz band gives 802.11a a significant advantage, since
the 2.4 GHz band is heavily used to the point of being crowded. Degradation caused by such conflicts can
cause frequent dropped connections and degradation of service.
Answer option A is incorrect. 802.11b is an amendment to the IEEE 802.11 specification that extended
throughput up to 11 Mbit/s using the same 2.4 GHz band. This specification under the marketing name of Wi-Fi
has been implemented all over the world. 802.11b is used in a point-to-multipoint configuration, wherein an
access point communicates via an omni-directional antenna with one or more nomadic or mobile clients that
are located in a coverage area around the access point.
Answer option B is incorrect. The 802.11e standard is a proposed enhancement to the 802.11a and 802.11b
wireless LAN (WLAN) specifications. It offers quality of service (QoS) features, including the prioritization of
data, voice, and video transmissions. 802.11e enhances the 802.11 Media Access Control layer (MAC layer)
with a coordinated time division multiple access (TDMA) construct, and adds error-correcting mechanisms for
delay-sensitive applications such as voice and video.
NEW QUESTION # 142
Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago.
He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the network. He just finished setting up a server as a gateway between the internal private network and the outside public network. This server will act as a proxy, offer a limited amount of services, and filter packets. What is this type of server called?
- A. Bastion host
- B. Edge transport server
- C. SOCKS host
- D. Session layer firewall
Answer: A
Explanation:
The server described in the question is known as a Bastion host. A Bastion host is a special-purpose computer on a network specifically designed and configured to withstand attacks. It is typically placed in a network's demilitarized zone (DMZ) and acts as a proxy server, offering limited services and filtering packets to protect the internal private network from the public network. It is hardened due to its exposure to potential attacks and usually hosts a single application, like a proxy server, while all other services are removed or limited to reduce the threat surface.
References: The definition and role of a Bastion host align with the objectives and documents of the EC-Council's Certified Network Defender (CND) course, which emphasizes the importance of securing network devices and managing traffic between internal and external networks.
NEW QUESTION # 143
How can one identify the baseline for normal traffic?
- A. When the ACK flag appears at the beginning and the RST flag appears at the end of the connection
- B. When the FIN flag appears at the beginning and the SYN flag appears at the end of the connection
- C. When the SYN flag appears at the beginning and the FIN flag appears at the end of the connection
- D. When the RST flag appears at the beginning and the ACK flag appears at the end of the connection
Answer: B
NEW QUESTION # 144
HexCom, a leading IT Company in the USA, realized that their employees were having trouble accessing multiple servers with different passwords. Due to this, the centralized server was also being overburdened by avoidable network traffic. To overcome the issue, what type of authentication can be given to the employees?
- A. Biometric Authentication
- B. Single Sign-on (SSO)
- C. Two-Factor Authentication
- D. Smart Card Authentication
Answer: B
Explanation:
Single Sign-on (SSO) is an authentication process that allows a user to access multiple applications with one set of login credentials, thereby reducing the need for multiple passwords. This not only simplifies the user experience but also reduces the load on the centralized server by decreasing the network traffic caused by repeated authentication requests. SSO is particularly beneficial in an environment like HexCom's, where employees need to access various servers and systems, as it streamlines the login process and improves security by minimizing the chances of password fatigue and the resultant poor password practices.
References: The explanation aligns with the principles of network security and access management, which are core components of the Certified Network Defender (CND) curriculum. The benefits of SSO in reducing network traffic and improving user experience are well-documented in network security literature.
NEW QUESTION # 145
According to the company's security policy, all access to any network resources must use Windows Active Directory Authentication. A Linux server was recently installed to run virtual servers and it is not using Windows Authentication. What needs to happen to force this server to use Windows Authentication?
- A. Edit the shadow file.
- B. Edit the ADLIN file.
- C. Edit the PAM file to enforce Windows Authentication
- D. Remove the /var/bin/localauth.conf file.
Answer: C
NEW QUESTION # 146
Bryson is the IT manager and sole IT employee working for a federal agency in California. The agency was just given a grant and was able to hire on 30 more employees for a new extended project. Because of this, Bryson has hired on two more IT employees to train up and work. Both of his new hires are straight out of college and do not have any practical IT experience. Bryson has spent the last two weeks teaching the new employees the basics of computers, networking, troubleshooting techniques, etc. To see how these two new hires are doing, he asks them at what layer of the OSI model Network Interface Cards (NICs) work. What should the new employees answer?
- A. They should answer with the Presentation layer.
- B. The new employees should say that NICs perform on the Network layer.
- C. They should tell Bryson that NICs perform on the Physical layer
- D. NICs work on the Session layer of the OSI model.
Answer: C
NEW QUESTION # 147
With which of the following forms of acknowledgment can the sender be informed by the data receiver about all segments that have arrived successfully?
- A. Selective Acknowledgment
- B. Negative Acknowledgment
- C. Cumulative Acknowledgment
- D. Block Acknowledgment
Answer: A
NEW QUESTION # 148
In which of the following transmission modes is data sent and received alternately?
- A. Half-duplex mode
- B. Bridge mode
- C. Simplex mode
- D. Full-duplex mode
Answer: A
NEW QUESTION # 149
What are the responsibilities of the following disaster recovery team? Each correct answer represents a complete solution. Choose all that apply.
- A. Amend and update the disaster recovery plan according to lessons learned from previous disaster recovery efforts.
- B. To inform the management, the injured and the third parties about the disaster.
- C. Monitor the implementation of a disaster recovery plan and evaluate the results.
- D. Start executing disaster recovery procedures.
Answer: A,B,C,D
NEW QUESTION # 150
Which of the following layers refers to the higher-level protocols used by most applications for network communication?
- A. Application layer
- B. Internet layer
- C. Transport layer
- D. Link layer
Answer: A
NEW QUESTION # 151
In which of the following conditions does the system enter ROM monitor mode? Each correct answer represents a complete solution. Choose all that apply.
- A. The user interrupts the boot sequence.
- B. The router does not find a valid operating system image.
- C. There is a need to set operating parameters.
- D. The router does not have a configuration file.
Answer: A,B