Updated Free EC-COUNCIL 312-38 Test Engine Questions with 232 Q&As [Q50-Q75]

Updated Free EC-COUNCIL 312-38 Test Engine Questions with 232 Q&As

The Best Certified Ethical Hacker 312-38 Professional Exam Questions

NEW QUESTION # 50
Kyle is an IT technician managing 25 workstations and 4 servers. The servers run applications and mostly store confidential data. Kyle must backup the server's data daily to ensure nothing is lost. The power in the company's office is not always reliable, Kyle needs to make sure the servers do not go down or are without power for too long. Kyle decides to purchase an Uninterruptible Power Supply (UPS) that has a pair of inverters and converters to charge the battery and provides power when needed. What type of UPS has Kyle purchased?

• A. He has bought a Standby UPS
• B. Kyle purchased a Ferro resonant Standby UPS.
• C. Kyle purchased a Line-Interactive UPS
• D. He purchased a True Online UPS.

Answer: A

NEW QUESTION # 51
Identify the minimum number of drives required to setup RAID level 5.

• A. 0
• B. 1
• C. 2
• D. Multiple

Answer: C

NEW QUESTION # 52
Which of the following protocols is used by the Remote Authentication Dial In User Service (RADIUS) client/server protocol for data transmission?

• A. FTP
• B. DCCP
• C. UDP
• D. FCP

Answer: C

NEW QUESTION # 53
Which of the following is designed to detect unwanted changes by observing the flame of the environment associated with combustion?

• A. Gaseous fire-extinguishing systems
• B. sprinkler
• C. Fire extinguishing system
• D. None
• E. Smoke alarm system

Answer: E

NEW QUESTION # 54
In which of the following transmission modes is communication uni-directional?

• A. Full-duplex mode
• B. Simplex mode
• C. Root mode
• D. Half-duplex mode

Answer: B

NEW QUESTION # 55
Which of the following attacks are computer threats that try to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer? Each correct answer represents a complete solution. Choose all that apply.

• A. Zero-hour
• B. Buffer overflow
• C. Spoofing
• D. Zero-day

Answer: A,D

Explanation:
A zero-day attack, also known as zero-hour attack, is a computer threat that tries to exploit computer application vulnerabilities which are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software vendor knows about the vulnerability. User awareness training is the most effective technique to mitigate such attacks.
Answer option C is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be misdirected.
Answer option A is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. This usually occurs due to programming errors in the application. Buffer overflow can terminate or crash the application.

NEW QUESTION # 56
Which of the following is a network that supports mobile communications across an arbitrary number of wireless LANs and satellite coverage areas?

• A. WAN
• B. GAN
• C. LAN
• D. HAN

Answer: B

Explanation:
A global area network (GAN) is a network that is used for supporting mobile communications across an arbitrary number of wireless LANs, satellite coverage areas, etc. The key challenge in mobile communications is handing off the user communications from one local coverage area to the next.
Answer option B is incorrect. A wide area network (WAN) is a geographically dispersed telecommunications network. The term distinguishes a broader telecommunication structure from a local area network (LAN). A wide area network may be privately owned or rented, but the term usually connotes the inclusion of public (shared user) networks. An intermediate form of network in terms of geography is a metropolitan area network (MAN). A wide area network is also defined as a network of networks, as it interconnects LANs over a wide geographical area.
Answer option D is incorrect. A home area network (HAN) is a residential LAN that is used for communication between digital devices typically deployed in the home, usually a small number of personal computers and accessories, such as printers and mobile computing devices.
Answer option A is incorrect. The Local Area Network (LAN) is a group of computers connected within a restricted geographic area, such as residence, educational institute, research lab, and various other organizations. It allows the users to share files and services, and is commonly used for intra-office communication. The LAN has connections with other LANs via leased lines, leased services, or by tunneling across the Internet using the virtual private network technologies.

NEW QUESTION # 57
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends a large number of unsolicited commercial e-mail (UCE) messages to these addresses. Which of the following e-mail crimes is Peter committing?

• A. E-mail spam
• B. E-mail spoofing
• C. E-mail bombing
• D. E-mail storm

Answer: A

Explanation:
Peter is performing spamming activity. Spam is a term that refers to the unsolicited e-mails sent to a large number of e-mail users. The number of such e-mails is increasing day by day, as most companies now prefer to use e-mails for promoting their products. Because of these unsolicited e-mails, legitimate e-mails take a much longer time to deliver to their destination. The attachments sent through spam may also contain viruses. However, spam can be stopped by implementing spam filters on servers and e-mail clients. Answer option C is incorrect. Mail bombing is an attack that is used to overwhelm mail servers and clients by sending a large number of unwanted e-mails. The aim of this type of attack is to completely fill the recipient's hard disk with immense, useless files, causing at best irritation, and at worst total computer failure. E-mail filtering and properly configuring email relay functionality on mail servers can be helpful for protection against this type of attack. Answer option B is incorrect. An e-mail storm is a sudden spike of Reply All messages on an e-mail distribution list, usually caused by a controversial or misdirected message. Such storms start when multiple members of the distribution list reply to the entire list at the same time in response to an instigating message. Other members soon respond, usually adding vitriol to the discussion, asking to be removed from the list, or pleading for the cessation of messages. If enough members reply to these unwanted messages, this triggers a chain reaction of e-mail messages. The sheer load of traffic generated by these storms can render the e-mail servers carrying them inoperative, similar to a DDoS attack. Some e-mail viruses also have the capacity to create e-mail storms, by sending copies of themselves to an infected user's contacts, including distribution lists, infecting the contacts in turn. Answer option D is incorrect. E-mail spoofing is a term used to describe e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path, and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field, it actually comes from another source.

NEW QUESTION # 58
Steven is a Linux system administrator at an IT company. He wants to disable unnecessary services in the system, which can be exploited by the attackers. Which among the following is the correct syntax for disabling a service?

• A. $ sudo system ctl disable [service]
• B. $ sudo system.ctl disable [service]
• C. $ sudo system-ctl disable [service]
• D. $ sudo systemctl disable [service]

Answer: D

NEW QUESTION # 59
Which of the following is a non-profit organization that oversees the allocation of IP addresses, management of
the DNS infrastructure, protocol parameter assignment, and root server system management?

• A. ANSI
• B. ITU
• C. IEEE
• D. ICANN

Answer: D

Explanation:
ICANN stands for Internet Corporation for Assigned Names and Numbers. ICANN is responsible for managing
the assignment of domain names and IP addresses. ICANN's tasks include responsibility for IP address space
allocation, protocol identifier assignment, top-level domain name system management, and root server system
management functions. Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit
organization that oversees the allocation of IP addresses, management of the DNS infrastructure, protocol
parameter assignment, and root server system management.
Answer option B is incorrect. Institute of Electrical and Electronics Engineers (IEEE) is an organization of
engineers and electronics professionals who develop standards for hardware and software.
Answer option C is incorrect. The International Telecommunication Union is an agency of the United Nations
which regulates information and communication technology issues. ITU coordinates the shared global use of
the radio spectrum, promotes international cooperation in assigning satellite orbits, works to improve
telecommunication infrastructure in the developing world and establishes worldwide standards. ITU is active in
areas including broadband Internet, latest-generation wireless technologies, aeronautical and maritime
navigation, radio astronomy, satellite-based meteorology, convergence in fixed-mobile phone, Internet access,
data, voice, TV broadcasting, and next-generation networks.
Answer option A is incorrect. ANSI (American National Standards Institute) is the primary organization for
fostering the development of technology standards in the United States. ANSI works with industry groups and
is the U.S. member of the International Organization for Standardization (ISO) and the International
Electrotechnical Commission (IEC). Long-established computer standards from ANSI include the American
Standard Code for Information Interchange (ASCII) and the Small Computer System Interface (SCSI).

NEW QUESTION # 60
You are using more than the safety of the existing network. You'll find a machine that is not in use as such, but is a software that emulates the operation of a sensitive database server. What is this?

• A. Virus
• B. The polymorphic virus
• C. Honey Pot
• D. The reactive IDS
• E. None

Answer: C

NEW QUESTION # 61
Based on which of the following registry key, the Windows Event log audit configurations are recorded?

• A. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\EventLog\ < EntAppsvc >
• B. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\ < Event Log >
• C. HKEY_LOCAL_MACHINE\SYSTEM\Services\EventLog\ < ErrDev >
• D. HKEY_LOCAL_MACHINE\CurrentControlSet\Services\EventLog\< ESENT >

Answer: B

NEW QUESTION # 62
Which of the following UTP cables uses four pairs of twisted cable and provides transmission speeds of up to
16 Mbps?

• A. Category 3
• B. Category 5
• C. Category 6
• D. Category 5e

Answer: A

Explanation:
Category 3 type of UTP cable uses four pairs of twisted cable and provides transmission speeds of up to 16
Mbps. They are commonly used in Ethernet networks that operate at the speed of 10 Mbps. A higher speed is
also possible by these cables implementing the Fast Ethernet (100Base-T4) specifications. This cable is used
mainly for telephone systems.
Answer option C is incorrect. This category of UTP cable is the most commonly used cable in present day
networks. It consists of four twisted pairs and is used in those Ethernet networks that run at the speed of 100
Mbps. Category 5 cable can also provide a higher speed of up to 1000 Mbps.
Answer option A is incorrect. It is also known as Category 5 Enhanced cable. Its specification is the same as
category 5, but it has some enhanced features and is used in Ethernets that run at the speed of 1000 Mbps.
Answer option D is incorrect. This category of UTP cable is designed to support high-speed networks that run
at the speed of 1000 Mbps. It consists of four pairs of wire and uses all of them for data transmission. Category
6 provides more than twice the speed of Category 5e, but is also more expensive.

NEW QUESTION # 63
Which of the following biometric devices is used to take impressions of the friction ridges of the skin on the underside of the tip of the fingers?

• A. Voice recognition voiceprint
• B. Facial recognition device
• C. Iris camera
• D. Fingerprint reader

Answer: D

Explanation:
A fingerprint reader is used to take impressions of the friction ridges of the skin on the underside of the tip of the fingers. Fingerprints help in identifying users and are unique and different to everyone and do not change over time. Even identical twins who share their DNA do not have the same fingerprints. Police and Government agencies have used these modes in order to identify humans for many years, but other agencies are starting to use biometric fingerprint readers for identification in many different applications. A fingerprint is created when the friction ridges of the skin come in contact with a surface that is receptive to a print by means of an agent to form the print like perspiration, oil, ink, grease, and many more. The agent is then transferred to the surface and leaves an impression which creates the fingerprint.
Answer option B is incorrect. An iris camera is used to perform recognition detection of a user's identity by mathematical analysis of the random patterns that are visible within the iris of an eye from some distance. It is used to combine computer vision, pattern recognition, statistical inference, and optics.
Answer option A is incorrect. A facial recognition device helps in viewing an image or video of a person and compares it to one that is in the database. It performs facial recognition by comparing the following: Structure, shape, and proportions of the face Distance between the eyes, nose, mouth, and jaw Upper outlines of the eye sockets The sides of the mouth Location of the nose and eyes The area surrounding the check bones. Answer option C is incorrect. A voice recognition voiceprint is a spectrogram, which is a graph that shows a sound's frequency on the vertical axis and time on the horizontal axis. Different speech sounds help in creating different shapes on the graph. Spectrograms also use color or shades of gray to represent the acoustical qualities of sound.

NEW QUESTION # 64
Which of the following is a centralized collection of honeypots and analysis tools?

• A. Production honeypot
• B. Honeyfarm
• C. Honeynet
• D. Research honeypot

Answer: B

NEW QUESTION # 65
Which of the following is a process of transformation where the old system can no longer be maintained?

• A. Disaster
• B. Risk
• C. Threat
• D. Crisis

Answer: D

NEW QUESTION # 66
CORRECT TEXT
Fill in the blank with the appropriate term.The ______________is a communication protocol that communicates information between the network routers and the multicast end stations.

Answer:

Explanation:
IGMP
Explanation:
The Internet Group Management Protocol (IGMP) is a communication protocol that communicates information between the network routers and the multicast end stations. It allows the receivers to request a multicast data stream from a specific group address. However, multicast traffic is sent to a single MAC address but is processed by multiple hosts.The IGMP allows an end station to connect to a multicast group and leave it, while being connected to the group address. It can be effectively used for gaming and showing online videos. Although it does not actually act as a transport protocol, it operates above the network layer. It is analogous to ICMP for unicast connections. It is susceptible to some attacks, so firewalls commonly allow the user to disable it if not needed.

NEW QUESTION # 67
Which of the following can be performed with software or hardware devices in order to record everything a person types using his keyboard?

• A. Warchalking
• B. Keystroke logging
• C. War dialing
• D. IRC bot

Answer: B

Explanation:
Keystroke logging is a method of logging and recording user keystrokes. It can be performed with software or hardware devices. Keystroke logging devices can record everything a person types using his keyboard, such as to measure employee's productivity on certain clerical tasks. These types of devices can also be used to get usernames, passwords, etc. Answer option C is incorrect. War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, BBS systems, and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers (hackers that specialize in computer security) for password guessing. Answer option A is incorrect. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network. Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement, or a lamp post. The name warchalking is derived from the cracker terms war dialing and war driving. Answer option D is incorrect. An Internet Relay Chat (IRC) bot is a set of scripts or an independent program that connects to Internet Relay Chat as a client, and so appears to other IRC users as another user. An IRC bot differs from a regular client in that instead of providing interactive access to IRC for a human user, it performs automated functions.

NEW QUESTION # 68
Which of the following tools are NOT used for logging network activities in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

• A. Swatch
• B. Timbersee
• C. PsLoggedOn
• D. PsGetSid

Answer: C,D

Explanation:
PsLoggedOn and PsGetSid are not logging tools. They are command-line utilities used in the Windows operating system.
PsLoggedOn is an applet that displays both the local and remote logged on users. If an attacker specifies a user name instead of a computer, PsLoggedOn searches the computers in the network and tells whether the user is currently logged on or not. The command syntax for PsLoggedOn is as follows:
psloggedon [- ] [-l] [-x] [\\computername | username]
PsGetSid is a tool that is used to query SIDs remotely. Using PsGetSid, the attacker can access the SIDs of user accounts and translate an SID into the user name. The command syntax for PsGetSid is as follows:
psgetsid [\\computer[,computer[,...] | @file] [-u username [-p password]]] [account|SID] Answer options C and D are incorrect. Timbersee and Swatch are tools used for logging network activities in the Linux operating system.

NEW QUESTION # 69
CORRECT TEXT
Fill in the blank with the appropriate term. A ______________ is a physical or logical subnetwork that adds an additional layer of security to an organization's Local Area Network (LAN).

Answer:

Explanation:
demilitarized zone
Explanation:
A demilitarized zone (DMZ) is a physical or logical subnetwork that contains and exposes external services of an organization to a larger network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN); an external attacker only has access to equipment in the DMZ, rather than the whole of the network. Hosts in the DMZ have limited connectivity to specific hosts in the internal network, though communication with other hosts in the DMZ and to the external network is allowed. This allows hosts in the DMZ to provide services to both the internal and external networks, while an intervening firewall controls the traffic between the DMZ servers and the internal network clients. In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network such as the Internet.

NEW QUESTION # 70
Henry, head of network security at Gentech, has discovered a general report template that someone has reserved only for the CEO. Since the file has to be editable, viewable, and deletable by everyone, what permission value should he set?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: D

NEW QUESTION # 71
Which of the following is a network that supports mobile communications across an arbitrary number of wireless LANs and satellite coverage areas?

• A. WAN
• B. GAN
• C. LAN
• D. HAN

Answer: B

NEW QUESTION # 72
In Public Key Infrastructure (PKI), which authority is responsible for issuing and verifying the certificates?

• A. Certificate authority
• B. Digital signature authority
• C. Registration authority
• D. Digital Certificate authority

Answer: A

NEW QUESTION # 73
Which of the following standards is a proposed enhancement to the 802.11a and 802.11b wireless LAN (WLAN) specifications that offers quality of service (QoS) features, including the prioritization of data, voice, and video transmissions?

• A. 802.11n
• B. 802.11e
• C. 802.11h
• D. 802.15

Answer: B

NEW QUESTION # 74
Which of the following protocols is a method of implementing virtual private networks?

• A. IRDP
• B. PPTP
• C. OSPF
• D. DHCP

Answer: B

NEW QUESTION # 75
......

Try 100% Updated 312-38 Exam Questions [2024]: https://www.realvalidexam.com/312-38-real-exam-dumps.html

Pass 312-38 Exam - Real Questions and Answers: https://drive.google.com/open?id=1Cq5HCvper908An8LRiR5L7AHGQraiL4A