
NEW QUESTION 65
Which of the following is a standard-based protocol that provides the highest level of VPN security?
- A. IP
- B. IPSec
- C. L2TP
- D. PPP
Answer: B
Explanation:
Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password. IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).
Answer option B is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP. IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering distinguished protocol datagrams (packets) from the source host to the destination host solely based on their addresses. For this purpose, the Internet Protocol defines addressing methods and structures for datagram encapsulation. The first major version of addressing structure, now referred to as Internet Protocol Version 4 (IPv4), is still the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6), is being deployed actively worldwide.
Answer option C is incorrect. Point-to-Point Protocol (PPP) is a remote access protocol commonly used to connect to the Internet. It supports compression and encryption and can be used to connect to a variety of networks. It can connect to a network running on the IPX, TCP/IP, or NetBEUI protocol. It supports multi-protocol and dynamic IP assignments. It is the default protocol for the Microsoft Dial-Up adapter.
Answer option A is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. It allows the transfer of Point-to-Point Protocol (PPP) traffic between different networks. L2TP combines with IPSec to provide tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks.
NEW QUESTION 66
Which of the following is a passive attack?
- A. Session hijacking
- B. Unauthorized access
- C. Traffic analysis
- D. Replay attack
Answer: C
NEW QUESTION 67
Which of the following IEEE standards is also called Fast Basic Service Set Transition?
- A. 802.11b
- B. 802.11r
- C. 802.11e
- D. 802.11a
Answer: B
NEW QUESTION 68
Attacks are classified into which of the following? Each correct answer represents a complete solution. Choose all that apply.
- A. Active attack
- B. Passive attack
- C. Session hijacking
- D. Replay attack
Answer: A,B
Explanation:
An attack is an action against an information system or network that attempts to violate the system's security policy. Attacks can be broadly classified as being either active or passive.
1. Active attacks modify the target system or message, i.e. they violate the integrity of the system or message.
2. Passive attacks violate confidentiality without affecting the state of the system. An example of such an attack is the electronic eavesdropping on network transmissions to release message contents or to gather unprotected passwords.
Answer options B and D are incorrect. Session hijacking and replay attacks come under the category of active attacks.
NEW QUESTION 69
Which of the following layers performs routing of IP datagrams?
- A. Transport layer
- B. Application layer
- C. Link layer
- D. Internet layer
Answer: D
NEW QUESTION 70
Which of the following is a credit card-sized device used to securely store personal information and used in conjunction with a PIN number to authenticate users?
- A. Java card
- B. SD card
- C. Proximity card
- D. Smart card
Answer: D
Explanation:
A smart card is a credit card-sized device used to securely store personal information such as certificates, public and private keys, passwords, etc. It is used in conjunction with a PIN number to authenticate users. In Windows, smart cards are used to enable certificate-based authentication. To use smart cards, Extensible Authentication Protocol (EAP) must be configured in Windows.
Answer option B is incorrect. Java Card is a technology that allows Java-based applications to be run securely on smart cards and small memory footprint devices. Java Card gives a user the ability to program devices and make them application specific. It is widely used in SIM cards and ATM cards. Java Card products are based on the Java Card Platform specifications developed by Sun Microsystems, a subsidiary of Oracle Corporation. Many Java Card products also rely on the GlobalPlatform specifications for the secure management of applications on the card. The main goals of the Java Card technology are portability and security.
Answer option A is incorrect. Proximity card (or Prox Card) is a generic name for contactless integrated circuit devices used for security access or payment systems. It can refer to the older 125 kHz devices or the newer 13.56 MHz contactless RFID cards, most commonly known as contactless smartcards. Modern proximity cards are covered by the ISO/IEC 14443 (Proximity Card) standard. There is also a related ISO/IEC 15693 (Vicinity Card) standard. Proximity cards are powered by resonant energy transfer and have a range of 0-3 inches in most instances. The user will usually be able to leave the card inside a wallet or purse. The price of the cards is also low, usually US$2-$5, allowing them to be used in applications such as identification cards, keycards, payment cards and public transit fare cards.
Answer option C is incorrect. Secure Digital (SD) card is a non-volatile memory card format used in portable devices such as mobile phones, digital cameras, and handheld computers. SD cards are based on the older MultiMediaCard (MMC) format, but they are a little thicker than MMC cards. Generally an SD card offers a write-protect switch on its side. SD cards generally measure 32 mm x 24 mm x 2.1 mm, but they can be as thin as 1.4 mm. The devices that have SD card slots can use the thinner MMC cards, but the standard SD cards will not fit into the thinner MMC slots. Some SD cards are also available with a USB connector. SD card readers allow SD cards to be accessed via many connectivity ports such as USB, FireWire, and the common parallel port.
NEW QUESTION 71
Which of the following represents a network that connects two or more LANs in the same geographic area?
- A. SAN
- B. MAN
- C. PAN
- D. WAN
Answer: B
NEW QUESTION 72
Which of the following is also known as slag code?
- A. Worm
- B. Trojan
- C. IRC bot
- D. Logic bomb
Answer: D
NEW QUESTION 73
CORRECT TEXT
Fill in the blank with the appropriate term. ______________ is the use of sensitive words in e-mails to jam the authorities that listen in on them by providing a form of a red herring and an intentional annoyance.
Answer: Email jamming
Explanation:
Email jamming is the use of sensitive words in e-mails to jam the authorities that listen in on them by providing a form of a red herring and an intentional annoyance. In this attack, an attacker deliberately includes "sensitive" words and phrases in otherwise innocuous emails to ensure that these are picked up by the monitoring systems. As a result, the senders of these emails will eventually be added to a "harmless" list and their emails will no longer be intercepted, which allows them to regain some privacy.
NEW QUESTION 74
Which of the following is the full form of SAINT?
- A. Security Admin Integrated Network Tool
- B. System Automated Integrated Network Tool
- C. System Administrators Integrated Network Tool
- D. System Admin Integrated Network Tool
Answer: C
NEW QUESTION 75
What is the range for registered ports?
- A. 49152 through 65535
- B. 1024 through 49151
- C. Above 65535
- D. 0 through 1023
Answer: B
NEW QUESTION 76
Which of the following is an attack on a website that changes the visual appearance of the site and seriously damages the trust and reputation of the website?
- A. Spoofing
- B. Website defacement
- C. Buffer overflow
- D. Zero-day attack
Answer: B
Explanation:
Website defacement is an attack on a website that changes the visual appearance of the site. These are typically the work of system crackers, who break into a Web server and replace the hosted website with one of their own. Sometimes, the defacer makes fun of the system administrator for failing to maintain server security. Most times, the defacement is harmless; however, it can sometimes be used as a distraction to cover up more sinister actions such as uploading malware.
A high-profile website defacement was carried out on the website of the company SCO Group following its assertion that Linux contained stolen code. The title of the page was changed from Red Hat vs. SCO to SCO vs. World with various satirical content.
Answer option D is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. This usually occurs due to programming errors in the application. Buffer overflow can terminate or crash the application.
Answer option B is incorrect. A zero-day attack, also known as zero-hour attack, is a computer threat that tries to exploit computer application vulnerabilities which are unknown to others, undisclosed to the software vendor, or for which no security fix is available. Zero-day exploits (actual code that can use a security hole to carry out an attack) are used or shared by attackers before the software vendor knows about the vulnerability. User awareness training is the most effective technique to mitigate such attacks.
Answer option C is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be misdirected.
NEW QUESTION 78
Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:
- A. Facilitates backward
- B. Identifies adverse events
- C. Facilitates post Incident management
- D. Notifies when risk has reached threshold levels
Answer: B,D
NEW QUESTION 79
Which of the following is a 16-bit field that identifies the source port number of the application program in the host that is sending the segment?
- A. Header Length
- B. Acknowledgment Number
- C. Source Port Address
- D. Sequence Number
Answer: C
Explanation:
Source Port Address is a 16-bit field that identifies the source port number of the application program in the host that is sending the segment.
Answer option A is incorrect. This is a 32-bit field that identifies the byte number that the sender of the segment is expecting to receive from the receiver.
Answer option C is incorrect. This is a 4-bit field that defines the 4-byte words in the TCP header. The header length can be between 20 and 60 bytes. Therefore, the value of this field can be between 5 and 15.
Answer option D is incorrect. This is a 32-bit field that identifies the number assigned to the first byte of data contained in the segment.
NEW QUESTION 80
CORRECT TEXT
Fill in the blank with the appropriate term. ______________ management is an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system.
Answer: Patch
Explanation:
Patch management is an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system. Patch management includes the following tasks:
- Maintaining current knowledge of available patches
- Deciding what patches are appropriate for particular systems
- Ensuring that patches are installed properly
- Testing systems after installation, and documenting all associated procedures, such as specific configurations required
A number of products are available to automate patch management tasks, including RingMaster's Automated Patch Management, PatchLink Update, and Gibraltar's Everguard.
NEW QUESTION 81
Which of the following sets of incident response practices is recommended by the CERT/CC?
- A. Prepare, handle, and notify
- B. Notify, handle, and follow up
- C. Prepare, notify, and follow up
- D. Prepare, handle, and follow up
Answer: D
NEW QUESTION 82
What command is used to terminate certain processes in an Ubuntu system?
- A. # netstat Kill [Target Process]
- B. # grep Kill [Target Process]
- C. # kill -9 [PID]
- D. #ps ax Kill
Answer: D
NEW QUESTION 83
Adam works as a Professional Penetration Tester. A project has been assigned to him to test the vulnerabilities of the CISCO Router of Umbrella Inc. Adam finds out that HTTP Configuration Arbitrary Administrative Access Vulnerability exists in the router. By applying different password cracking tools, Adam gains access to the router. He analyzes the router config file and notices the following lines:
logging buffered errors
logging history critical
logging trap warnings
logging 10.0.1.103
By analyzing the above lines, Adam concludes that this router is logging at log level 4 to the syslog server 10.0.1.103. He decides to change the log level from 4 to 0.
Which of the following is the most likely reason for changing the log level?
- A. Changing the log level from 4 to 0 will result in the logging of only emergencies. This way the modification in the router is not sent to the syslog server.
- B. Changing the log level grants access to the router as an Administrator.
- C. Changing the log level from 4 to 0 will result in the termination of logging. This way the modification in the router is not sent to the syslog server.
- D. By changing the log level, Adam can easily perform a SQL injection attack.
Answer: A
Explanation:
The Router Log Level directive is used by the syslog server to specify the level of severity of the log. This directive is used to control the types of errors that are sent to the error log by constraining the severity level. Eight different levels are present in the Log Level directive, which are shown below in order of their descending significance:

| Number | Level | Description |
|--------|--------|-------------|
| 0 | emerg | Emergencies - system is unusable |
| 1 | alert | Action must be taken immediately |
| 2 | crit | Critical Conditions |
| 3 | error | Error conditions |
| 4 | warn | Warning conditions |
| 5 | notice | Normal but significant condition |
| 6 | info | Informational |
| 7 | debug | Debug-level messages |

Note: When a certain level is specified, the messages from all other levels of higher significance will also be reported. For example, when Log Level crit is specified, then messages with log levels of alert and emerg will also be reported.
NEW QUESTION 84
Which of the following statements are TRUE about Demilitarized zone (DMZ)? Each correct answer represents a complete solution. Choose all that apply.
- A. The purpose of a DMZ is to add an additional layer of security to the Local Area Network of an organization.
- B. In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network like the Internet.
- C. Hosts in the DMZ have full connectivity to specific hosts in the internal network.
- D. Demilitarized zone is a physical or logical sub-network that contains and exposes external services of an organization to a larger un-trusted network.
Answer: A,B,D
Explanation:
A demilitarized zone (DMZ) is a physical or logical subnetwork that contains and exposes external services of an organization to a larger network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN); an external attacker only has access to equipment in the DMZ, rather than the whole of the network. Hosts in the DMZ have limited connectivity to specific hosts in the internal network, though communication with other hosts in the DMZ and to the external network is allowed.
This allows hosts in the DMZ to provide services to both the internal and external networks, while an intervening firewall controls the traffic between the DMZ servers and the internal network clients. In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network such as the Internet.