New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

312-38 Certified Network Defender (CND) Questions and Answers

Questions 4

Which of the following network security protocols protects from sniffing attacks by encrypting entire communication between the clients and server including user passwords?

Options:

A.

TACACS+

B.

RADIUS

C.

CHAP

D.

PAP

Buy Now
Questions 5

Bankofamerica Enterprise is working on an internet and usage policy in a way to control the

internet demand. What group of policy does this belong to?

Options:

A.

Enterprise Information Security Policy

B.

Issue Specific Security Policy

C.

Network Services Specific Security Policy

D.

System Specific Security Policy

Buy Now
Questions 6

You are tasked to perform black hat vulnerability assessment for a client. You received official written permission to work with: company site, forum, Linux server with LAMP, where this site is hosted.

Which vulnerability assessment tool should you consider using?

Options:

A.

OpenVAS

B.

hping

C.

wireshark

D.

dnsbrute

Buy Now
Questions 7

In ______ method, event logs are arranged in the form of a circular buffer.

Options:

A.

Non-wrapping method

B.

LIFO method

C.

Wrapping method

D.

FIFO method

Buy Now
Questions 8

Assume that you are a network administrator and the company has asked you to draft an Acceptable Use Policy (AUP) for employees. Under which category of an information security policy does AUP fall into?

Options:

A.

System Specific Security Policy (SSSP)

B.

Incident Response Policy (IRP)

C.

Enterprise Information Security Policy (EISP)

D.

Issue Specific Security Policy (ISSP)

Buy Now
Questions 9

How is application whitelisting different from application blacklisting?

Options:

A.

It allows all applications other than the undesirable applications

B.

It allows execution of trusted applications in a unified environment

C.

It allows execution of untrusted applications in an isolated environment

D.

It rejects all applications other than the allowed applications

Buy Now
Questions 10

HexCom, a leading IT Company in the USA, realized that their employees were having trouble accessing multiple servers with different passwords. Due to this, the centralized server was also being

overburdened by avoidable network traffic. To overcome the issue, what type of authentication can be given to the employees?

Options:

A.

Two-Factor Authentication

B.

Biometric Authentication

C.

Single Sign-on (SSO)

D.

Smart Card Authentication

Buy Now
Questions 11

Which of the following helps prevent executing untrusted or untested programs or code from untrusted or unverified third-parties?

Options:

A.

Application sandboxing

B.

Deployment of WAFS

C.

Application whitelisting

D.

Application blacklisting

Buy Now
Questions 12

Which of the following is not part of the recommended first response steps for network defenders?

Options:

A.

Restrict yourself from doing the investigation

B.

Extract relevant data from the suspected devices as early as possible

C.

Disable virus protection

D.

Do not change the state of the suspected device

Buy Now
Questions 13

Which among the following is used to limit the number of cmdlets or administrative privileges of administrator, user, or service accounts?

Options:

A.

Just Enough Administration (EA)

B.

User Account Control (UAC)

C.

Windows Security Identifier (SID)

D.

Credential Guard

Buy Now
Questions 14

John has been working a* a network administrator at an IT company. He wants to prevent misuse of accounts by unauthorized users. He wants to ensure that no accounts have empty passwords. Which of the following commands does John use to list all the accounts with an empty password?

Options:

A.

B.

C.

D.

Buy Now
Questions 15

Which type of wireless network attack is characterized by an attacker using a high gain amplifier from a nearby location to drown out the legitimate access point signal?

Options:

A.

Jamming signal attack

B.

Ad Hoc Connection attack

C.

Rogue access point attack

D.

Unauthorized association

Buy Now
Questions 16

Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.

Options:

A.

Ring

B.

Mesh

C.

Bus

D.

Star

Buy Now
Questions 17

Which of the following provides a set of voluntary recommended cyber security features to include in network-capable loT devices?

Options:

A.

GCMA

B.

FCMA

C.

NIST

D.

GLBA

Buy Now
Questions 18

What cryptography technique can encrypt small amounts of data and applies it to digital signatures?

Options:

A.

Hashing

B.

Asymmetric encryption

C.

Symmetric encryption

D.

Digital certificates

Buy Now
Questions 19

If there is a fire incident caused by an electrical appliance short-circuit, which fire suppressant should be used to control it?

Options:

A.

Water

B.

Wet chemical

C.

Dry chemical

D.

Raw chemical

Buy Now
Questions 20

Which type of information security policy addresses the implementation and configuration of technology and user behavior?

Options:

A.

Enterprise information security policy

B.

Acceptable use policy

C.

System specific security policy

D.

Issue-specific security policy

Buy Now
Questions 21

On which layer of the OSI model does the packet filtering firewalls work?

Options:

A.

Network Layer

B.

Application Layer

C.

Session Layer

D.

Physical Layer

Buy Now
Questions 22

Individuals in the organization using system resources against acceptable usage policies indicates which of the following security incident:

Options:

A.

Malicious Code

B.

Denial-of-Service ( DoS )

C.

Improper Usage

D.

Unauthorized Access

Buy Now
Questions 23

Management asked Adam to implement a system allowing employees to use the same credentials to access multiple applications. Adam should implement the--------------------------authentication technique to satisfy the

management request.

Options:

A.

Two-factor Authentication

B.

Smart Card Authentication

C.

Single-sign-on

D.

Biometric

Buy Now
Questions 24

Match the following NIST security life cycle components with their activities:

Options:

A.

1-ii, 2-i, 3-v, 4-iv

B.

1-iii, 2-iv, 3-v, 4-i

C.

1-iv, 2-iii, 3-v, 4-i

D.

1-i, 2-v, 3-iii, 4-ii

Buy Now
Questions 25

Which of the following VPN topologies establishes a persistent connection between an organization's main office and its branch offices using a third-party network or the Internet?

Options:

A.

Star

B.

Point-to-Point

C.

Full Mesh

D.

Hub-and-Spoke

Buy Now
Questions 26

Katie has implemented the RAID level that split data into blocks and evenly write the data to multiple hard drives but does not provide data redundancy. This type of RAID level requires a minimum of________in order to

setup.

Options:

A.

Four drives

B.

Three drives

C.

Two drives

D.

Six drives

Buy Now
Questions 27

Which of the following network security controls can an administrator use to detect, deflect or study attempts to gain unauthorized access to information systems?

Options:

A.

IDS/IPS

B.

Network Protocol Analyzer

C.

Proxy Server

D.

Honeypot

Buy Now
Questions 28

Who acts as an intermediary to provide connectivity and transport services between cloud consumers and providers?

Options:

A.

Cloud Auditor

B.

Cloud Broker

C.

Cloud Carrier

D.

Cloud Consultant

Buy Now
Questions 29

John is a network administrator and is monitoring his network traffic with the help of Wireshark. He suspects that someone from outside is making a TCP OS fingerprinting attempt on his organization's network. Which

of the following Wireshark filter(s) will he use to locate the TCP OS fingerprinting attempt?

Options:

A.

Tcp.flags==0x2b

B.

Tcp.flags=0x00

C.

Tcp.options.mss_val<1460

D.

Tcp.options.wscale_val==20

Buy Now
Questions 30

Which of the following includes examining the probability, impact status, and exposure of risk?

Options:

A.

Risk Review

B.

Risk Tracking

C.

Risk Identification

D.

Risk Assessment

Buy Now
Questions 31

You are using Wireshark to monitor your network traffic and you see a lot of packages with FIN,

PUSH and URG flags activated; what can you infer about this behavior?

Options:

A.

The Layer 3 Controls are activated in the Switches

B.

The Spanning Tree Protocol is activated in the Switches

C.

One NIC is broadcasting erroneous traffic

D.

An attacker is running a XMAS scan against the network

Buy Now
Questions 32

Arman transferred some money to his friend’s account using a net banking service. After a few hours, his friend informed him that he hadn’t received the money yet. Arman logged on to the bank’s website to investigate and discovered that the amount had been transferred to an unknown account instead. The bank, upon receiving Arman’s complaint, discovered that someone had established a station between Arman’s and the bank server’s communication system. The station intercepted the communication and inserted another account number replacing his friend’s account number. What is

such an attack called?

Options:

A.

Privilege Escalation

B.

DNS Poisoning

C.

Man-in-the-Middle Attack

D.

DNS Cache Poisoning

Buy Now
Questions 33

Which of the following provides the target for designing DR and BC solutions?

Options:

A.

RCO

B.

RTO

C.

RPO

D.

RGO

Buy Now
Questions 34

Which RAID level does not provide data redundancy?

Options:

A.

RAID level 0

B.

RAID level 1

C.

RAID level 50

D.

RAID level 10

Buy Now
Questions 35

Which protocol would the network administrator choose for the wireless network design. If he

needs to satisfy the minimum requirement of 2.4 GHz, 22 MHz of bandwidth, 2 Mbits/s stream for data

rate and use DSSS for modulation.

Options:

A.

802.11a

B.

802.11g

C.

802.11b

D.

802.11n

Buy Now
Questions 36

The network administrator wants to strengthen physical security in the organization. Specifically, to

implement a solution stopping people from entering certain restricted zones without proper credentials.

Which of following physical security measures should the administrator use?

Options:

A.

Video surveillance

B.

Fence

C.

Mantrap

D.

Bollards

Buy Now
Questions 37

If Myron, head of network defense at Cyberdyne, wants to change the default password policy settings on the company’s Linux systems, which directory should he access?

Options:

A.

/etc/logrotate.conf

B.

/etc/hosts.allow

C.

/etc/crontab

D.

/etc/login.defs

Buy Now
Questions 38

Choose the correct order of steps to analyze the attack surface.

Options:

A.

Identify the indicators of exposure->visualize the attack surface->simulate the attack->reduce the attack surface

B.

Visualize the attack surface->simulate the attack->identify the indicators of exposure->reduce the attack surface

C.

Identify the indicators of exposure->simulate the attack->visualize the attack surface->reduce the attack surface

D.

Visualize the attack surface->identify the indicators of exposure->simulate the attack->reduce the attack surface

Buy Now
Questions 39

Which type of risk treatment process Includes not allowing the use of laptops in an organization to ensure its security?

Options:

A.

Risk avoidance

B.

Mitigate the risk

C.

Eliminate the risk

D.

Reduce the risk

Buy Now
Questions 40

Which of the following provides enhanced password protection, secured loT connections, and encompasses stronger encryption techniques?

Options:

A.

WPA3

B.

WEP

C.

WPA

D.

WPA2

Buy Now
Questions 41

USB ports enabled on a laptop is an example of____

Options:

A.

System Attack Surface

B.

Network Attack Surface

C.

Physical Attack Surface

D.

Software attack Surface

Buy Now
Questions 42

James was inspecting ARP packets in his organization's network traffic with the help of Wireshark. He is checking the volume of traffic containing ARP requests as well as the source IP address from which they are

originating. Which type of attack is James analyzing?

Options:

A.

ARP Sweep

B.

ARP misconfiguration

C.

ARP spoofinq

D.

ARP Poisioning

Buy Now
Questions 43

Who is responsible for conveying company details after an incident?

Options:

A.

PR specialist

B.

IR officer

C.

IR manager

D.

IR custodians

Buy Now
Questions 44

Management wants to calculate the risk factor for their organization. Kevin, a network administrator in the organization knows how to calculate the risk factor. Certain parameters are required before calculating risk

factor. What are they? (Select all that apply) Risk factor =.............X...............X...........

Options:

A.

Vulnerability

B.

Impact

C.

Attack

D.

Threat

Buy Now
Questions 45

The security network team is trying to implement a firewall capable of operating only in the session

layer, monitoring the TCP inter-packet link protocol to determine when a requested session is legitimate

or not. Using the type of firewall,they could be able to intercept the communication, making the

external network see that the firewall is the source, and facing the user, who responds from the outside

is the firewall itself. They are just limiting a requirements previous listed, because they have already

have a packet filtering firewall and they must add a cheap solution that meets the objective. What kind

of firewall would you recommend?

Options:

A.

Application Proxies

B.

Packet Filtering with NAT

C.

Circuit Level Gateway

D.

Application Level Gateways

Buy Now
Questions 46

Which of the following statement holds true in terms of containers?

Options:

A.

Container requires more memory space

B.

Each container runs in its own OS

C.

Container is fully isolated; hence, more secure

D.

Process-level isolation happens; a container in hence less secure

Buy Now
Questions 47

The--------------protocol works in the network layer and is responsible for handling the error codes during the delivery of packets. This protocol is also responsible for providing communication in the TCP/IP stack.

Options:

A.

RARP

B.

ICMP

C.

DHCP

D.

ARP

Buy Now
Questions 48

-----------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)

Options:

A.

802.15.4

B.

802.15

C.

802.12

D.

802.16

Buy Now
Questions 49

Identify the Password Attack Technique in which the adversary attacks cryptographic hash functions based on the probability, that if a hashing process is used for creating a key, then the same is

used for other keys?

Options:

A.

Dictionary Attack

B.

Brute Forcing Attack

C.

Hybrid Attack

D.

Birthday Attack

Buy Now
Questions 50

Who is responsible for executing the policies and plans required for supporting the information technology and computer systems of an organization?

Options:

A.

Senior management

B.

IT security practitioners

C.

Business and functional managers

D.

Chief Information Officer (CIO)

Buy Now
Questions 51

Which of the following commands can be used to disable unwanted services on Debian, Ubuntu and other Debian-based Linux distributions?

Options:

A.

# chkconfig [service name]off

B.

# chkconfig [service name] –del

C.

# service [service name] stop

D.

# update-rc.d -f [service name] remove

Buy Now
Questions 52

Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless

network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar

with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?

Options:

A.

The IEEE standard covering wireless is 802.9 and they should follow this.

B.

802.7 covers wireless standards and should be followed

C.

They should follow the 802.11 standard

D.

Frank and the other IT employees should follow the 802.1 standard.

Buy Now
Questions 53

Which of the following types of information can be obtained through network sniffing? (Select all that apply)

Options:

A.

Programming errors

B.

DNS traffic

C.

Telnet passwords

D.

Syslog traffic

Buy Now
Questions 54

Which of the following interfaces uses hot plugging technique to replace computer components without the need to shut down the system?

Options:

A.

SCSI

B.

SATA

C.

SDRAM

D.

IDE

Buy Now
Questions 55

James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep

attack. Which of the following Wireshark filters will he use?

Options:

A.

lcmp.type==0 and icmp.type==16

B.

lcmp.type==8 or icmp.type==16

C.

lcmp.type==8 and icmp.type==0

D.

lcmp.type==8 or icmp.type==0

Buy Now
Questions 56

The company has implemented a backup plan. James is working as a network administrator for the company and is taking full backups of the data every time a backup is initiated. Alex who is a senior security manager

talks to him about using a differential backup instead and asks him to implement this once a full backup of the data is completed. What is/are the reason(s) Alex is suggesting that James use a differential backup?

(Select all that apply)

Options:

A.

Less storage space is required

B.

Father restoration

C.

Slower than a full backup

D.

Faster than a full backup

E.

Less expensive than full backup

Buy Now
Questions 57

John, who works as a team lead in Zen Technologies, found that his team members were accessing social networking sites, shopping sites and watching movies during office hours. He approached the

network admin to block such websites. What kind of network security device can be used to implement John’s decision?

Options:

A.

Firewall

B.

Internet Content Filter

C.

Proxy server

D.

Network Protocol Analyzer

Buy Now
Questions 58

How is a “risk” represented?

Options:

A.

Asset + threat

B.

Motive (goal) + method

C.

Asset + threat + vulnerability

D.

Motive (goal) + method + vulnerability

Buy Now
Questions 59

Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption?

Options:

A.

RPO

B.

RFO

C.

RSP

D.

RTO

Buy Now
Questions 60

Implementing access control mechanisms, such as a firewall, to protect the network is an example of which of the following network defense approach?

Options:

A.

Proactive approach

B.

Retrospective approach

C.

Preventive approach

D.

Reactive approach

Buy Now
Questions 61

Who oversees all the incident response activities in an organization and is responsible for all actions of the IR team and IR function?

Options:

A.

IR officer

B.

Attorney

C.

IR custodians

D.

PR specialist

Buy Now
Questions 62

Which biometric technique authenticates people by analyzing the layer of blood vessels at the back of their eyes?

Options:

A.

Fingerprinting

B.

Iris Scanning

C.

Retina Scanning

D.

Vein Structure Recognition

Buy Now
Questions 63

Identify the firewall technology that monitors the TCP handshake between the packets to determine whether a requested session is legitimate.

Options:

A.

Packet Filtering Firewall

B.

Stateful Multilayer Inspection

C.

Circuit Level Gateway

D.

Network Address Translation

Buy Now
Questions 64

An insider in Hexagon, a leading IT company in USA, was testing a packet crafting tool. This tool

generated a lot of malformed TCP/IP packets which crashed the main server’s operating system leading

to restricting the employees’ accesses. Which attack did the insider use in the above situation?

Options:

A.

DoS attack

B.

Session Hijacking

C.

Man-in-the-Middle

D.

Cross-Site-Scripting

Buy Now
Questions 65

John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of

implementing?

Options:

A.

Application level gateway

B.

Stateful Multilayer Inspection

C.

Circuit level gateway

D.

Packet Filtering

Buy Now
Questions 66

A network designer needs to submit a proposal for a company, which has just published a web

portal for its clients on the internet. Such a server needs to be isolated from the internal network,

placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with

three interfaces, one for the internet network, another for the DMZ server farm and another for the

internal network. What kind of topology will the designer propose?

Options:

A.

Screened subnet

B.

DMZ, External-Internal firewall

C.

Multi-homed firewall

D.

Bastion host

Buy Now
Questions 67

Jason has set a firewall policy that allows only a specific list of network services and deny everything else. This strategy is known as a____________.

Options:

A.

Default allow

B.

Default deny

C.

Default restrict

D.

Default access

Buy Now
Questions 68

How does Windows’ in-built security component, AppLocker, whitelist applications?

Options:

A.

Using Path Rule

B.

Using Signature Rule

C.

Using Certificate Rule

D.

Using Internet Zone Rule

Buy Now
Questions 69

Which of the following refers to the data that is stored or processed by RAM, CPUs, or databases?

Options:

A.

Data is Use

B.

Data at Rest

C.

Data in Transit

D.

Data in Backup

Buy Now
Questions 70

How is the chip-level security of an loT device achieved?

Options:

A.

Encrypting JTAC interface

B.

Keeping the device on a that network

C.

Closing insecure network services

D.

Changing the password of the router

Buy Now
Questions 71

James, a network admin in a large US based IT firm, was asked to audit and implement security

controls over all network layers to achieve Defense-in-Depth. While working on this assignment, James

has implemented both blacklisting and whitelisting ACLs. Which layer of defense-in-depth architecture is

Jason working on currently?

Options:

A.

Application Layer

B.

Host Layer

C.

Internal Network Layer

D.

Perimeter Layer

Buy Now
Questions 72

You are an IT security consultant working on a contract for a large manufacturing company to audit their entire network. After performing all the tests and building your report, you present a number of recommendations

to the company and what they should implement to become more secure. One recommendation is to install a network-based device that notifies IT employees whenever malicious or questionable traffic is found. From

your talks with the company, you know that they do not want a device that actually drops traffic completely, they only want notification. What type of device are you suggesting?

Options:

A.

The best solution to cover the needs of this company would be a HIDS device.

B.

A NIDS device would work best for the company

C.

You are suggesting a NIPS device

D.

A HIPS device would best suite this company

Buy Now
Questions 73

Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and

communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden’s organization.

Options:

A.

Hybrid virtualization

B.

Hardware-assisted virtualization

C.

Full virtualization

D.

Para virtualization

Buy Now
Questions 74

Fred is a network technician working for Johnson Services, a temporary employment agency in Boston. Johnson Services has three remote offices in New England and the headquarters in Boston where Fred works.

The company relies on a number of customized applications to perform daily tasks and unfortunately these applications require users to be local administrators. Because of this, Fred's supervisor wants to implement

tighter security measures in other areas to compensate for the inherent risks in making those users local admins. Fred's boss wants a solution that will be placed on all computers throughout the company and

monitored by Fred. This solution will gather information on all network traffic to and from the local computers without actually affecting the traffic. What type of solution does Fred's boss want to implement?

Options:

A.

Fred's boss wants a NIDS implementation.

B.

Fred's boss wants Fred to monitor a NIPS system.

C.

Fred's boss wants to implement a HIPS solution.

D.

Fred's boss wants to implement a HIDS solution.

Buy Now
Questions 75

Sean has built a site-to-site VPN architecture between the head office and the branch office of his company. When users in the branch office and head office try to communicate with each other, the traffic is

encapsulated. As the traffic passes though the gateway, it is encapsulated again. The header and payload both are encapsulated. This second encapsulation occurs only in the __________implementation of a VPN.

Options:

A.

Full Mesh Mode

B.

Point-to-Point Mode

C.

Transport Mode

D.

Tunnel Mode

Buy Now
Questions 76

An US-based organization decided to implement a RAID storage technology for their data backup plan. John wants to setup a RAID level that require a minimum of six drives but will meet high fault tolerance and with a

high speed for the data read and write operations. What RAID level is John considering to meet this requirement?

Options:

A.

RAID level 1

B.

RAID level 10

C.

RAID level 5

D.

RAID level 50

Buy Now
Questions 77

Which of the following best describes the Log Normalization process?

Options:

A.

It is a process of accepting logs from homogenous sources with the same formats and converting them into a different format

B.

It is a process of accepting logs from homogenous sources with different formats and converting them into a common format

C.

It is a process of accepting logs from heterogeneous sources with different formats and converting them into a common format

D.

It is a process of accepting logs from heterogeneous sources with the same formats and converting them into a different format

Buy Now
Questions 78

An organization needs to adhere to the______________rules for safeguarding and protecting the electronically stored health information of employees.

Options:

A.

HI PA A

B.

PCI DSS

C.

ISEC

D.

SOX

Buy Now
Questions 79

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted

publisher. Which of the following script execution policy setting this?

Options:

A.

AllSigned

B.

Restricted

C.

RemoteSigned

D.

Unrestricted

Buy Now
Questions 80

Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.

Options:

A.

Fabric virtualization

B.

Storage device virtualization

C.

Server virtualization

D.

File system virtualization

Buy Now
Questions 81

In MacOS, how can the user implement disk encryption?

Options:

A.

By enabling BitLocker feature

B.

By executing dm-crypt command

C.

By turning on Device Encryption feature

D.

By enabling FileVault feature

Buy Now
Questions 82

Wallcot, a retail chain in US and Canada, wants to improve the security of their administration

offices. They want to implement a mechanism with two doors. Only one of the doors can be opened at a

time. Once people enter from the first door, they have to be authorized to open the next one. Failing

the authorization, the person will be locked between the doors until an authorized person lets him or

her out. What is such a mechanism called?

Options:

A.

Mantrap

B.

Physical locks

C.

Concealed detection device

D.

Alarm system

Buy Now
Questions 83

Which of the following statements holds true in terms of virtual machines?

Options:

A.

Hardware-level virtualization takes place in VMs

B.

All VMs share the host OS

C.

VMs are light weight than container

D.

OS-level virtualization takes place in VMs

Buy Now
Questions 84

Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?

Options:

A.

Netstat -an

B.

Netstat -o

C.

Netstat -a

D.

Netstat -ao

Buy Now
Questions 85

John has successfully remediated the vulnerability of an internal application that could have caused a threat to the network. He is scanning the application for the existence of a remediated vulnerability, this process is

called a________and it has to adhere to the_________

Options:

A.

Verification, Security Policies

B.

Mitigation, Security policies

C.

Vulnerability scanning, Risk Analysis

D.

Risk analysis, Risk matrix

Buy Now
Questions 86

Sam wants to implement a network-based IDS in the network. Sam finds out the one IDS solution which works is based on patterns matching. Which type of network-based IDS is Sam implementing?

Options:

A.

Behavior-based IDS

B.

Anomaly-based IDS

C.

Stateful protocol analysis

D.

Signature-based IDS

Buy Now
Questions 87

How is the chip-level security of an IoT device achieved?

Options:

A.

By closing insecure network services

B.

By turning off the device when not needed or not in use

C.

By encrypting the JTAG interface

D.

By changing the password of the router

Buy Now
Questions 88

How can a WAF validate traffic before it reaches a web application?

Options:

A.

It uses a role-based filtering technique

B.

It uses an access-based filtering technique

C.

It uses a sandboxing filtering technique

D.

It uses a rule-based filtering technique

Buy Now
Questions 89

How can organizations obtain information about threats through human intelligence?

Options:

A.

By extracting information from security blogs and forums

B.

By discovering vulnerabilities through exploration, understanding malware behavior through malware processing, etc.

C.

From the data of past incidents and network monitoring

D.

From attackers through the dark web and honeypots

Buy Now
Questions 90

An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?

Options:

A.

Brute force

B.

XSS

C.

Dictionary attacks

D.

Rainbow table

Buy Now
Questions 91

Michelle is a network security administrator working in an MNC company. She wants to set a

resource limit for CPU in a container. Which command-line allows Michelle to limit a container to 2

CPUs?

Options:

A.

--cpu=“2”

B.

$cpu=“2”

C.

--cpus=“2”

D.

$cpus=“2”

Buy Now
Questions 92

Dan and Alex are business partners working together. Their Business-Partner Policy states that they should encrypt their emails before sending to each other. How will they ensure the authenticity of their emails?

Options:

A.

Dan will use his public key to encrypt his mails while Alex will use Dan's digital signature to verify the authenticity of the mails.

B.

Dan will use his private key to encrypt his mails while Alex will use his digital signature to verify the authenticity of the mails.

C.

Dan will use his digital signature to sign his mails while Alex will use his private key to verify the authenticity of the mails.

D.

Dan will use his digital signature to sign his mails while Alex will use Dan's public key to verify the authencity of the mails.

Buy Now
Questions 93

Ivan needs to pick an encryption method that is scalable even though it might be slower. He has settled on a method that works where one key is public and the other is private. What encryption method did Ivan settle

on?

Options:

A.

Ivan settled on the private encryption method.

B.

Ivan settled on the symmetric encryption method.

C.

Ivan settled on the asymmetric encryption method

D.

Ivan settled on the hashing encryption method

Buy Now
Questions 94

Which OSI layer does a Network Interface Card (NIC) work on?

Options:

A.

Physical layer

B.

Presentation layer

C.

Network layer

D.

Session layer

Buy Now
Questions 95

John, a network administrator, is configuring Amazon EC2 cloud service for his organization. Identify the type of cloud service modules his organization adopted.

Options:

A.

Software-as-a-Service (SaaS)

B.

Infrastructure-as-a-Service (IaaS)

C.

Platform-as-a-Service (PaaS)

D.

Storage-as-a-Service (SaaS)

Buy Now
Questions 96

Which of the following is an example of MAC model?

Options:

A.

Chinese Waterfall model

B.

Clark-Beason integrity model

C.

Access control matrix model

D.

Bell-LaPadula model

Buy Now
Questions 97

Blake is working on the company's updated disaster and business continuity plan. The last section of the plan covers computer and data incidence response. Blake is outlining the level of severity for each type of

incident in the plan. Unsuccessful scans and probes are at what severity level?

Options:

A.

Extreme severity level

B.

Low severity level

C.

Mid severity level

D.

High severity level

Buy Now
Questions 98

Identify the minimum number of drives required to setup RAID level 5.

Options:

A.

Multiple

B.

3

C.

4

D.

2

Buy Now
Questions 99

Identity the correct order for a successful black hat operation.

Options:

A.

Reconnaissance. Scanning, Gaining Access. Maintaining Access, and Covering Tracks

B.

Scanning, Reconnaissance, Gaining Access. Maintaining Access and Covering Tracks

C.

Reconnaissance. Gaming Access, Scanning. Maintaining Access, and Covering Tracks

D.

Reconnaissance, Scanning, Gaining Access, Covering Tracks, and Maintaining Access

Buy Now
Questions 100

A stateful multilayer inspection firewall combines the aspects of Application level gateway, Circuit level gateway and Packet filtering firewall. On which layers of the OSI model, does the Stateful

multilayer inspection firewall works?

Options:

A.

Network, Session & Application

B.

Physical & application

C.

Session & network

D.

Physical, session & application

Buy Now
Questions 101

Daniel works as a network administrator in an Information Security company. He has just deployed

an IDS in his organization’s network and wants to calculate the false positive rate for his

implementation. Which of the following formulae can he use to so?

Options:

A.

False Negative/False Negative+True Positive

B.

False Positive/False Positive+True Negative

C.

True Negative/False Negative+True Positive

D.

False Negative/True Negative+True positive

Buy Now
Questions 102

An employee of a medical service company clicked a malicious link in an email sent by an attacker. Suddenly, employees of the company are not able to access billing information or client record as it is

encrypted. The attacker asked the company to pay money for gaining access to their data. Which type of malware attack is described above?

Options:

A.

Logic bomb

B.

Rootkits

C.

Trojan

D.

Ransomware

Buy Now
Questions 103

Michelle is a network security administrator working at a multinational company. She wants to provide secure access to corporate data (documents, spreadsheets, email, schedules, presentations, and other enterprise data) on mobile devices across organizations networks without being slowed down and also wants to enable easy and secure sharing of information between devices within an enterprise. Based on the above mentioned requirements, which among the following solution should Michelle implement?

Options:

A.

MEM

B.

MAM

C.

MCM

D.

MDM

Buy Now
Questions 104

Sam, a network administrator is using Wireshark to monitor the network traffic of the organization. He wants to detect TCP packets with no flag set to check for a specific attack attempt. Which filter will he use to view

the traffic?

Options:

A.

Tcp.flags==0x000

B.

Tcp.flags==0000x

C.

Tcp.flags==000x0

D.

Tcp.flags==x0000

Buy Now
Questions 105

Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an ______for legal advice to defend

them against this allegation.

Options:

A.

PR Specialist

B.

Attorney

C.

Incident Handler

D.

Evidence Manager

Buy Now
Questions 106

James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?

Options:

A.

Strong passwords

B.

Reduce the sessions time-out duration for the connection attempts

C.

A honeypot in DMZ

D.

Provide network-based anti-virus

Buy Now
Questions 107

Which of the following is a database encryption feature that secures sensitive data by encrypting it in client applications without revealing the encrypted keys to the data engine in MS SQL Server?

Options:

A.

IsEncrypted Enabled

B.

NeverEncrypted disabled

C.

Allow Encrypted

D.

Always Encrypted

Buy Now
Questions 108

Patrick wants to change the file permission of a file with permission value 755 to 744. He used a Linux command chmod [permission Value] [File Name] to make these changes. What will be the change

in the file access?

Options:

A.

He changed the file permission from rwxr-xr-x to rwx-r--r--

B.

He changes the file permission from rwxr-xr-x to rw-rw-rw-

C.

He changed the file permission from rw------- to rw-r--r--

D.

He changed the file permission from rwxrwxrwx to rwx------

Buy Now
Exam Code: 312-38
Exam Name: Certified Network Defender (CND)
Last Update: Dec 21, 2024
Questions: 362

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99