New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

312-38 Certified Network Defender (CND) Questions and Answers

Questions 4

Daniel who works as a network administrator has just deployed an in his organizations network. He wants to calculate the False Positive rate for his implementation. Which of the following formulas will he use to calculate the False Positive rate?

Options:

A.

False Positive/False Positive+True Negative

B.

True Negative/False Negative+True Positive

C.

False Negative/False Negative+True Positive

D.

False Negative/True Negative+True Positive

Buy Now
Questions 5

Which technique is used in RAID level 0 where the data is split into blocks and written evenly across multiple disks?

Options:

A.

Disk mirroring

B.

Disk stripping

C.

Data splitting

D.

Disk partition

Buy Now
Questions 6

Which of the following includes examining the probability, impact status, and exposure of risk?

Options:

A.

Risk Review

B.

Risk Tracking

C.

Risk Identification

D.

Risk Assessment

Buy Now
Questions 7

A stateful multilayer inspection firewall combines the aspects of Application level gateway, Circuit level gateway and Packet filtering firewall. On which layers of the OSI model, does the Stateful

multilayer inspection firewall works?

Options:

A.

Network, Session & Application

B.

Physical & application

C.

Session & network

D.

Physical, session & application

Buy Now
Questions 8

Which of the following attack surface increase when you keep USB ports enabled on your laptop unnecessarily?

Options:

A.

Human attack surface

B.

Network attack surface

C.

Physical attack surface

D.

Software attack surface

Buy Now
Questions 9

Lyle is the IT director for a medium-sized food service supply company in Nebraska. Lyle's company employs over 300 workers, half of which use computers. He recently came back from a security training seminar on

logical security. He now wants to ensure his company is as secure as possible. Lyle has many network nodes and workstation nodes across the network. He does not have much time for implementing a network-wide

solution. He is primarily concerned about preventing any external attacks on the network by using a solution that can drop packets if they are found to be malicious. Lyle also wants this solution to be easy to implement

and be network-wide. What type of solution would be best for Lyle?

Options:

A.

A NEPT implementation would be the best choice.

B.

To better serve the security needs of his company, Lyle should use a HIDS system.

C.

Lyle would be best suited if he chose a NIPS implementation

D.

He should choose a HIPS solution, as this is best suited to his needs.

Buy Now
Questions 10

Which of the following standards does a cloud service provider has to comply with, to protect the privacy of its customer’s personal information?

Options:

A.

ISO/IEC 27018

B.

ISO/IEC 27019

C.

ISO/IEC 27020

D.

ISO/IEC 27021

Buy Now
Questions 11

Which among the following control and manage the communication between VNF with computing, storage, and network resources along with virtualization?

Options:

A.

Orchestrator

B.

VNF Manager(s)

C.

Virtualized Infrastructure Manager(s)

D.

Element Management System (EMS)

Buy Now
Questions 12

Rosa is working as a network defender at Linda Systems. Recently, the company migrated from Windows to MacOS. Rosa wants to view the security related logs of her system, where con she find these logs?

Options:

A.

/private/var/log

B.

/var/log/cups/access-log

C.

/Library/Logs/Sync

D.

/Library/Logs

Buy Now
Questions 13

James, a network admin in a large US based IT firm, was asked to audit and implement security

controls over all network layers to achieve Defense-in-Depth. While working on this assignment, James

has implemented both blacklisting and whitelisting ACLs. Which layer of defense-in-depth architecture is

Jason working on currently?

Options:

A.

Application Layer

B.

Host Layer

C.

Internal Network Layer

D.

Perimeter Layer

Buy Now
Questions 14

You are an IT security consultant working on a contract for a large manufacturing company to audit their entire network. After performing all the tests and building your report, you present a number of recommendations

to the company and what they should implement to become more secure. One recommendation is to install a network-based device that notifies IT employees whenever malicious or questionable traffic is found. From

your talks with the company, you know that they do not want a device that actually drops traffic completely, they only want notification. What type of device are you suggesting?

Options:

A.

The best solution to cover the needs of this company would be a HIDS device.

B.

A NIDS device would work best for the company

C.

You are suggesting a NIPS device

D.

A HIPS device would best suite this company

Buy Now
Questions 15

Which of the following is a windows in-built feature that provides filesystem-level encryption in the OS (starting from Windows 2000). except the Home version of Windows?

Options:

A.

Bit Locker

B.

EFS

C.

Disk Utility

D.

FileVault

Buy Now
Questions 16

Dan and Alex are business partners working together. Their Business-Partner Policy states that they should encrypt their emails before sending to each other. How will they ensure the authenticity of their emails?

Options:

A.

Dan will use his public key to encrypt his mails while Alex will use Dan's digital signature to verify the authenticity of the mails.

B.

Dan will use his private key to encrypt his mails while Alex will use his digital signature to verify the authenticity of the mails.

C.

Dan will use his digital signature to sign his mails while Alex will use his private key to verify the authenticity of the mails.

D.

Dan will use his digital signature to sign his mails while Alex will use Dan's public key to verify the authencity of the mails.

Buy Now
Questions 17

Brendan wants to implement a hardware based RAID system in his network. He is thinking of choosing a suitable RAM type for the architectural setup in the system. The type he is interested in provides access times of

up to 20 ns. Which type of RAM will he select for his RAID system?

Options:

A.

NVRAM

B.

SDRAM

C.

NAND flash memory

D.

SRAM

Buy Now
Questions 18

Daniel works as a network administrator in an Information Security company. He has just deployed

an IDS in his organization’s network and wants to calculate the false positive rate for his

implementation. Which of the following formulae can he use to so?

Options:

A.

False Negative/False Negative+True Positive

B.

False Positive/False Positive+True Negative

C.

True Negative/False Negative+True Positive

D.

False Negative/True Negative+True positive

Buy Now
Questions 19

In Public Key Infrastructure (PKI), which authority is responsible for issuing and verifying the certificates?

Options:

A.

Registration authority

B.

Certificate authority

C.

Digital Certificate authority

D.

Digital signature authority

Buy Now
Questions 20

Tom works as a network administrator in a multinational organization having branches across North America and Europe. Tom wants to implement a storage technology that can provide centralized data storage and

provide free data backup on the server. He should be able to perform data backup and recovery more efficiently with the selected technology. Which of the following storage technologies best suits Tom's requirements?

Options:

A.

DAS

B.

PAS

C.

RAID

D.

NAS

Buy Now
Questions 21

------------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)

Options:

A.

802.15

B.

802.16

C.

802.15.4

D.

802.12

Buy Now
Questions 22

Which antenna's characteristic refer to the calculation of radiated in a particular direction. It is generally the ratio of radiation intensity in a given direction to the average radiation intensity?

Options:

A.

Radiation pattern

B.

Polarization

C.

Directivity

D.

Typical gain

Buy Now
Questions 23

Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?

Options:

A.

Hash rule

B.

Path rule

C.

Internet zone rule

D.

Certificate rule

Buy Now
Questions 24

Which type of training can create awareness among employees regarding compliance issues?

Options:

A.

Social engineering awareness training

B.

Security policy training

C.

Physical security awareness training

D.

Training on data classification

Buy Now
Questions 25

A local bank wants to protect their cardholder data. Which standard should the bark comply with in order to ensure security of this data?

Options:

A.

GDPR

B.

HIPAA

C.

SOX

D.

PCI DSS

Buy Now
Questions 26

Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know

of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out

SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her

intrusion detection system will log the traffic. What type of scan is Cindy attempting here?

Options:

A.

The type of scan she is usinq is called a NULL scan.

B.

Cindy is using a half-open scan to find live hosts on her network.

C.

Cindy is attempting to find live hosts on her company's network by using a XMAS scan.

D.

She is utilizing a RST scan to find live hosts that are listening on her network.

Buy Now
Questions 27

Which of the following is not part of the recommended first response steps for network defenders?

Options:

A.

Restrict yourself from doing the investigation

B.

Extract relevant data from the suspected devices as early as possible

C.

Disable virus protection

D.

Do not change the state of the suspected device

Buy Now
Questions 28

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted

publisher. Which of the following script execution policy setting this?

Options:

A.

AllSigned

B.

Restricted

C.

RemoteSigned

D.

Unrestricted

Buy Now
Questions 29

Oliver is a Linux security administrator at an MNC. An employee named Alice has resigned from his organization and Oliver wants to disable this user in Ubuntu. Which of the following commands can be used to accomplish this?

Options:

A.

usermod -3 alice

B.

uscrmod- K alice

C.

usermod- L alice

D.

usermod- M alice

Buy Now
Questions 30

Assume that you are a network administrator and the company has asked you to draft an Acceptable Use Policy (AUP) for employees. Under which category of an information security policy does AUP fall into?

Options:

A.

System Specific Security Policy (SSSP)

B.

Incident Response Policy (IRP)

C.

Enterprise Information Security Policy (EISP)

D.

Issue Specific Security Policy (ISSP)

Buy Now
Questions 31

Which of the following technologies can be used to leverage zero-trust model security?

Options:

A.

Software defined networking (SDN)

B.

Network function visualization (NFV)

C.

Network visualization (NV)

D.

Software defined perimeter (SDP)

Buy Now
Questions 32

In MacOS, how can the user implement disk encryption?

Options:

A.

By enabling BitLocker feature

B.

By executing dm-crypt command

C.

By turning on Device Encryption feature

D.

By enabling FileVault feature

Buy Now
Questions 33

An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?

Options:

A.

Install a CCTV with cameras pointing to the entrance doors and the street

B.

Use fences in the entrance doors

C.

Use lights in all the entrance doors and along the company's perimeter

D.

Use an IDS in the entrance doors and install some of them near the corners

Buy Now
Questions 34

How can one identify the baseline for normal traffic?

Options:

A.

When the ACK flag appears at the beginning and the RST flag appears at the end of the connection

B.

When the SYN flag appears at the beginning and the FIN flag appears at the end of the connection

C.

When the RST flag appears at the beginning and the ACK flag appears at the end of the connection

D.

When the FIN flag appears at the beginning and the SYN flag appears at the end of the connection

Buy Now
Questions 35

Which authentication technique involves mathematical pattern-recognition of the colored part of the eye behind the cornea?

Options:

A.

Iris Scanning

B.

Retinal Scanning

C.

Facial Recognition

D.

Vein Scanning

Buy Now
Questions 36

Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?

Options:

A.

Response

B.

Recovery

C.

Resumption

D.

Restoration

Buy Now
Questions 37

Which of the following characteristics represents a normal TCP packet?

Options:

A.

SYN and FIN bits are set

B.

Source or destination port b zero

C.

FIN ACK and ACK are used in terminating the connection

D.

The destination address is a broadcast address

Buy Now
Questions 38

If Myron, head of network defense at Cyberdyne, wants to change the default password policy settings on the company’s Linux systems, which directory should he access?

Options:

A.

/etc/logrotate.conf

B.

/etc/hosts.allow

C.

/etc/crontab

D.

/etc/login.defs

Buy Now
Questions 39

A VPN Concentrator acts as a bidirectional tunnel endpoint among host machines. What are the other f unction(s) of the device? (Select all that apply)

Options:

A.

Provides access memory, achieving high efficiency

B.

Assigns user addresses

C.

Enables input/output (I/O) operations

D.

Manages security keys

Buy Now
Questions 40

Which of the following network security controls can an administrator use to detect, deflect or study attempts to gain unauthorized access to information systems?

Options:

A.

IDS/IPS

B.

Network Protocol Analyzer

C.

Proxy Server

D.

Honeypot

Buy Now
Questions 41

An US-based organization decided to implement a RAID storage technology for their data backup plan. John wants to setup a RAID level that require a minimum of six drives but will meet high fault tolerance and with a

high speed for the data read and write operations. What RAID level is John considering to meet this requirement?

Options:

A.

RAID level 1

B.

RAID level 10

C.

RAID level 5

D.

RAID level 50

Buy Now
Questions 42

Which of the following is a drawback of traditional perimeter security?

Options:

A.

Traditional firewalls are static in nature

B.

Traditional VPNs follow identity centric instead of trust based network centric approach

C.

Traditional perimeter security is identity-centric

D.

Traditional firewalls are dynamic in nature

Buy Now
Questions 43

Which of the following indicators are discovered through an attacker's intent, their end goal or purpose, and a series of actions that they must take before being able to successfully launch an attack?

Options:

A.

Key risk indicators

B.

Indicators of compromise

C.

Indicators of attack

D.

Indicators of exposure

Buy Now
Questions 44

Which encryption algorithm is used by WPA3 encryption?

Options:

A.

RC4

B.

RC4, TKIP

C.

AES-CCMP

D.

AES-GCMP 256

Buy Now
Questions 45

Xenon is a leading real estate firm located in Australia. Recently, the company had decided a bid

amount for a prestigious construction project and was sure of being awarded the project. Unfortunately,

the company lost the tender to one of its competitors. A few days later, while performing a network

scan, the network admin identified that somebody had captured the confidential e-mails conversions

related to the tender. Upon further investigation, the admin discovered that one of the switch ports was

left open and an employee had plugged into the network using an Ethernet cable.

Which attack did the employee perform in the above situation?

Options:

A.

Network Sniffing

B.

Password Attack

C.

Social Engineering Attack

D.

Man-in-the-Middle Attack

Buy Now
Questions 46

Albert works as a Windows system administrator at an MNC. He uses PowerShell logging to identify any suspicious scripting activity across the network. He wants to record pipeline execution details as

PowerShell executes, including variable initialization and command invocations. Which PowerShell logging component records pipeline execution details as PowerShell executes?

Options:

A.

Module logging

B.

Script block logging

C.

Event logging

D.

Transcript logging

Buy Now
Questions 47

How is application whitelisting different from application blacklisting?

Options:

A.

It allows all applications other than the undesirable applications

B.

It allows execution of trusted applications in a unified environment

C.

It allows execution of untrusted applications in an isolated environment

D.

It rejects all applications other than the allowed applications

Buy Now
Questions 48

Identify the type of event that is recorded when an application driver loads successfully in Windows.

Options:

A.

Success Audit

B.

Error

C.

Warning

D.

Information

Buy Now
Questions 49

An organization’s web server was recently compromised triggering its admin team into action to

defend the network. The admin team wants to place the web server in such a way that, even if it is

attacked, the other network resources will be unavailable to the attacker. Moreover, the network

monitoring will easily detect the future attacks. How can the admin team implement this plan?

Options:

A.

They can place the web server outside of the organization in a remote place

B.

They can remove the web server from their organization

C.

They can place it in a separate DMZ area behind the firewall

D.

They can place it beside the firewall

Buy Now
Questions 50

Kelly is taking backups of the organization's data. Currently, he is taking backups of only those files which are created or modified after the last backup. What type of backup is Kelly using?

Options:

A.

Full backup

B.

Incremental backup

C.

Differential Backup

D.

Normal Backup

Buy Now
Questions 51

The network administrator wants to strengthen physical security in the organization. Specifically, to

implement a solution stopping people from entering certain restricted zones without proper credentials.

Which of following physical security measures should the administrator use?

Options:

A.

Video surveillance

B.

Fence

C.

Mantrap

D.

Bollards

Buy Now
Questions 52

You want to increase your network security implementing a technology that only allows certain MAC addresses in specific ports in the switches; which one of the above is the best choice?

Options:

A.

Port Security

B.

Port Detection

C.

Port Authorization

D.

Port Knocking

Buy Now
Questions 53

An organization needs to adhere to the______________rules for safeguarding and protecting the electronically stored health information of employees.

Options:

A.

HI PA A

B.

PCI DSS

C.

ISEC

D.

SOX

Buy Now
Questions 54

Match the following NIST security life cycle components with their activities:

Options:

A.

1-ii, 2-i, 3-v, 4-iv

B.

1-iii, 2-iv, 3-v, 4-i

C.

1-iv, 2-iii, 3-v, 4-i

D.

1-i, 2-v, 3-iii, 4-ii

Buy Now
Questions 55

John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of

implementing?

Options:

A.

Application level gateway

B.

Stateful Multilayer Inspection

C.

Circuit level gateway

D.

Packet Filtering

Buy Now
Questions 56

Which type of risk treatment process Includes not allowing the use of laptops in an organization to ensure its security?

Options:

A.

Risk avoidance

B.

Mitigate the risk

C.

Eliminate the risk

D.

Reduce the risk

Buy Now
Questions 57

How is the chip-level security of an IoT device achieved?

Options:

A.

By closing insecure network services

B.

By turning off the device when not needed or not in use

C.

By encrypting the JTAG interface

D.

By changing the password of the router

Buy Now
Questions 58

A network designer needs to submit a proposal for a company, which has just published a web

portal for its clients on the internet. Such a server needs to be isolated from the internal network,

placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with

three interfaces, one for the internet network, another for the DMZ server farm and another for the

internal network. What kind of topology will the designer propose?

Options:

A.

Screened subnet

B.

DMZ, External-Internal firewall

C.

Multi-homed firewall

D.

Bastion host

Buy Now
Questions 59

Which of the following filters car be applied to detect an ICMP ping sweep attempt using Wireshark?

Options:

A.

icmp.type==8

B.

icmp.type==13

C.

icmp.type==17

D.

icmp.type==15

Buy Now
Questions 60

Ryan, a network security engineer, after a recent attack, is trying to get information about the kind

of attack his users were facing. He has decided to put into production one honeypot called Kojoney. He

is interested in emulating the network vulnerability, rather than the real vulnerability system, making

this probe safer and more flexible. Which type of honeypot is he trying to implement?

Options:

A.

Research honeypot

B.

High interaction honeypots

C.

Low interaction honeypots

D.

Pure honeypots

Buy Now
Questions 61

What is Azure Key Vault?

Options:

A.

It is secure storage for the keys used to encrypt data at rest in Azure services

B.

It is secure storage for the keys used to encrypt data in motion in Azure services

C.

It is secure storage for the keys used to encrypt data in use in Azure services

D.

It is secure storage for the keys used to configure IAM in Azure services

Buy Now
Questions 62

Which of the following statements holds true in terms of virtual machines?

Options:

A.

Hardware-level virtualization takes place in VMs

B.

All VMs share the host OS

C.

VMs are light weight than container

D.

OS-level virtualization takes place in VMs

Buy Now
Questions 63

Which type of antenna is based on the principle of a satellite dish and can pick up Wi-Fi signals from a distance of ten miles of more?

Options:

A.

Yagi antenna

B.

Directional antenna

C.

Omnidirectional antenna

D.

Parabolic Grid antenna

Buy Now
Questions 64

Which of the following is an example of Indicators of Attack?

Options:

A.

Malware

B.

Signatures

C.

Exploits

D.

Remote code execution

Buy Now
Questions 65

Andrew would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?

Options:

A.

ESP

B.

AH

C.

IKE

D.

ISAKMP

Buy Now
Questions 66

Who acts as an intermediary to provide connectivity and transport services between cloud consumers and providers?

Options:

A.

Cloud Auditor

B.

Cloud Broker

C.

Cloud Carrier

D.

Cloud Consultant

Buy Now
Questions 67

Which of the following network monitoring techniques requires extra monitoring software or hardware?

Options:

A.

Non-router based

B.

Switch based

C.

Hub based

D.

Router based

Buy Now
Questions 68

Under which of the following acts can an international financial institution be prosecuted if it fails to maintain the privacy of its customer’s information?

Options:

A.

GLBA

B.

FISMA

C.

DMCA

D.

SOX

Buy Now
Questions 69

Cindy is the network security administrator for her company. She just got back from a security

conference in Las Vegas where they talked about all kinds of old and new security threats; many of

which she did not know of. She is worried about the current security state of her company's network so

she decides to start scanning the network from an external IP address. To see how some of the hosts on

her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK

response. Before the connection is established, she sends RST packets to those hosts to stop the session.

She has done this to see how her intrusion detection system will log the traffic. What type of scan is

Cindy attempting here?

Options:

A.

Cindy is using a half-open scan to find live hosts on her network.

B.

The type of scan she is using is called a NULL scan

C.

She is utilizing a RST scan to find live hosts that are listening on her network

D.

Cindy is attempting to find live hosts on her company’s network by using a XMAS scan

Buy Now
Questions 70

Blake is working on the company's updated disaster and business continuity plan. The last section of the plan covers computer and data incidence response. Blake is outlining the level of severity for each type of

incident in the plan. Unsuccessful scans and probes are at what severity level?

Options:

A.

High severity level

B.

Extreme severity level

C.

Mid severity level

D.

Low severity level

Buy Now
Questions 71

Which firewall technology provides the best of both packet filtering and application-based filtering and is used in Cisco Adaptive Security Appliances?

Options:

A.

VPN

B.

Stateful multilayer inspection

C.

Application level gateway

D.

Network address translation

Buy Now
Questions 72

John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of

implementing?

Options:

A.

Application level gateway

B.

Circuit level gateway

C.

Stateful Multilayer Inspection

D.

Packet Filtering

Buy Now
Questions 73

John, a network administrator, is configuring Amazon EC2 cloud service for his organization. Identify the type of cloud service modules his organization adopted.

Options:

A.

Software-as-a-Service (SaaS)

B.

Infrastructure-as-a-Service (IaaS)

C.

Platform-as-a-Service (PaaS)

D.

Storage-as-a-Service (SaaS)

Buy Now
Questions 74

Which of the following creates passwords for individual administrator accounts and stores them in Windows AD?

Options:

A.

LSASS

B.

SRM

C.

SAM

D.

LAPS

Buy Now
Questions 75

Which of the following intrusion detection techniques observes the network for abnormal usage patterns by determining the performance parameters for regular activities and monitoring for actions

beyond the normal parameters?

Options:

A.

Signature/Pattern matching

B.

Stateful protocol analysis

C.

None of these

D.

Statistical anomaly detection

Buy Now
Questions 76

Your company is planning to use an uninterruptible power supply (UPS) to avoid damage from power fluctuations. As a network administrator, you need to suggest an appropriate UPS solution suitable for specific resources or conditions. Match the type of UPS with the use and advantage:

Options:

A.

1-v,2-iv,3-iii,4-i

B.

1-v,2-iii,3-i,4-ii

C.

1-iii,2-iv,3-v,4-iv

D.

1-i,2-iv,3-ii,4-v

Buy Now
Questions 77

A network administrator is monitoring the network traffic with Wireshark. Which of the following filters will she use to view the packets moving without setting a flag to detect TCP Null Scan attempts?

Options:

A.

TCRflags==0x000

B.

Tcp.flags==0X029

C.

Tcp.dstport==7

D.

Tcp.flags==0x003

Buy Now
Questions 78

Who is responsible for executing the policies and plans required for supporting the information technology and computer systems of an organization?

Options:

A.

Senior management

B.

IT security practitioners

C.

Business and functional managers

D.

Chief Information Officer (CIO)

Buy Now
Questions 79

Michael decides to view the-----------------to track employee actions on the organization's network.

Options:

A.

Firewall policy

B.

Firewall log

C.

Firewall settings

D.

Firewall rule set

Buy Now
Questions 80

Jason has set a firewall policy that allows only a specific list of network services and deny everything else. This strategy is known as a____________.

Options:

A.

Default allow

B.

Default deny

C.

Default restrict

D.

Default access

Buy Now
Questions 81

Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless

network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar

with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?

Options:

A.

The IEEE standard covering wireless is 802.9 and they should follow this.

B.

802.7 covers wireless standards and should be followed

C.

They should follow the 802.11 standard

D.

Frank and the other IT employees should follow the 802.1 standard.

Buy Now
Questions 82

Identify the password cracking attempt involving precomputed hash values stored as plaintext and using these to crack the password.

Options:

A.

Bruteforce

B.

Rainbow table

C.

Dictionary

D.

Hybrid

Buy Now
Questions 83

Liza was told by her network administrator that they will be implementing IPsec VPN tunnels to connect the branch locations to the main office. What layer of the OSI model do IPsec tunnels function on?

Options:

A.

The data link layer

B.

The session layer

C.

The network layer

D.

The application and physical layers

Buy Now
Questions 84

Which subdirectory in /var/log directory stores information related to Apache web server?

Options:

A.

/var/log/maillog/

B.

/var/log/httpd/

C.

/var/log/apachelog/

D.

/var/log/lighttpd/

Buy Now
Questions 85

Which risk management phase helps in establishing context and quantifying risks?

Options:

A.

Risk identification

B.

Risk assessment

C.

Risk review

D.

Risk treatment

Buy Now
Questions 86

Which of the following data security technology can ensure information protection by obscuring specific areas of information?

Options:

A.

Data encryption

B.

Data hashing

C.

Data masking

D.

Data retention

Buy Now
Questions 87

The risk assessment team in Southern California has estimated that the probability of an incident that has potential to impact almost 80% of the bank's business is very high. How should this risk be categorized in the

risk matrix?

Options:

A.

High

B.

Medium

C.

Extreme

D.

Low

Buy Now
Questions 88

Which type of information security policy addresses the implementation and configuration of technology and user behavior?

Options:

A.

Enterprise information security policy

B.

Acceptable use policy

C.

System specific security policy

D.

Issue-specific security policy

Buy Now
Questions 89

To secure his company’s network, Tim the network admin, installed a security device that inspected

all inbound and outbound network traffic for suspicious patterns. The device was configured to alert him

if it found any such suspicious activity. Identify the type of network security device installed by Tim?

Options:

A.

Firewall

B.

Honeypot

C.

Proxy server

D.

Intrusion Detection System (IDS)

Buy Now
Questions 90

James is a network administrator working at a student loan company in Minnesota. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company

schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email

encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?

Options:

A.

James could use PGP as a free option for encrypting the company's emails.

B.

James should utilize the free OTP software package.

C.

James can use MD5 algorithm to encrypt all the emails

D.

James can enforce mandatory HTTPS in the email clients to encrypt emails

Buy Now
Questions 91

Which type of modulation technique is used in local area wireless networks (LAWNs)?

Options:

A.

FHSS

B.

OFDM

C.

DSSS

D.

MIMO-OFDM

Buy Now
Questions 92

Will is working as a Network Administrator. Management wants to maintain a backup of all the company data as soon as it starts operations. They decided to use a RAID backup storage technology for their data backup

plan. To implement the RAID data backup storage, Will sets up a pair of RAID disks so that all the data written to one disk is copied automatically to the other disk as well. This maintains an additional copy of the data.

Which RAID level is used here?

Options:

A.

RAID 3

B.

RAID 1

C.

RAID 5

D.

RAID 0

Buy Now
Questions 93

Damian is the chief security officer of Enigma Electronics. To block intruders and prevent any environmental accidents, he needs to set a two-factor authenticated keypad lock at the entrance, rig a fire

suppression system, and link any video cameras at various corridors to view the feeds in the surveillance room. What layer of network defense-in-depth strategy is he trying to follow?

Options:

A.

Physical

B.

Perimeter

C.

Policies and procedures

D.

Host

Buy Now
Questions 94

Heather has been tasked with setting up and implementing VPN tunnels to remote offices. She will most likely be implementing IPsec VPN tunnels to connect the offices. At what layer of the OSI model does an IPsec

tunnel function on?

Options:

A.

They work on the session layer.

B.

They function on either the application or the physical layer.

C.

They function on the data link layer

D.

They work on the network layer

Buy Now
Questions 95

Which encryption algorithm h used by WPA5 encryption?

Options:

A.

RC4.TKIP

B.

RC4

C.

AES-GCMP 256

D.

AES-CCMP

Buy Now
Questions 96

A network is setup using an IP address range of 0.0.0.0 to 127.255.255.255. The network has a default subnet mask of 255.0.0.0. What IP address class is the network range a part of?

Options:

A.

Class C

B.

Class A

C.

Class B

D.

Class D

Buy Now
Questions 97

Which of the following refers to a potential occurrence of an undesired event that can eventually damage and interrupt the operational and functional activities of an organization?

Options:

A.

Attack

B.

Risk

C.

Threat

D.

Vulnerability

Buy Now
Questions 98

Which of the following is true regarding any attack surface?

Options:

A.

Decrease in vulnerabilities decreases the attack surface

B.

Increase in vulnerabilities decreases the attack surface

C.

Decrease in risk exposures increases the attack surface

D.

Decrease in vulnerabilities increases the attack surface

Buy Now
Questions 99

Harry has successfully completed the vulnerability scanning process and found serious vulnerabilities exist in the organization's network. Identify the vulnerability management phases through which he will proceed to

ensure all the detected vulnerabilities are addressed and eradicated. (Select all that apply)

Options:

A.

Mitigation

B.

Assessment

C.

Verification

D.

Remediation

Buy Now
Questions 100

Steven's company has recently grown from 5 employees to over 50. Every workstation has a public IP address and navigated to the Internet with little to no protection. Steven wants to use a firewall. He also wants IP

addresses to be private addresses, to prevent public Internet devices direct access to them. What should Steven implement on the firewall to ensure this happens?

Options:

A.

Steven should use a Demilitarized Zone (DMZ)

B.

Steven should use Open Shortest Path First (OSPF)

C.

Steven should use IPsec

D.

Steven should enabled Network Address Translation(NAT)

Buy Now
Questions 101

Which of the following indicators refers to potential risk exposures that attackers can use to breach the security of an organization?

Options:

A.

Indicators of attack

B.

Key risk indicators

C.

Indicators of exposure

D.

Indicators of compromise

Buy Now
Questions 102

Michelle is a network security administrator working in an MNC company. She wants to set a

resource limit for CPU in a container. Which command-line allows Michelle to limit a container to 2

CPUs?

Options:

A.

--cpu=“2”

B.

$cpu=“2”

C.

--cpus=“2”

D.

$cpus=“2”

Buy Now
Questions 103

Assume that you are working as a network defender at the head office of a bank. One day a bank employee informed you that she is unable to log in to her system. At the same time, you get a call from another network administrator informing you that there is a problem connecting to the main server. How will you prioritize these two incidents?

Options:

A.

Based on the type of response needed for the incident

B.

Based on a potential technical effect of the incident

C.

Based on a first come first served basis

D.

Based on approval from management

Buy Now
Questions 104

What is composite signature-based analysis?

Options:

A.

Multiple packet analysis is required to detect attack signatures

B.

Attack signatures are contained in packet headers

C.

Attack signatures are contained in packet payloads

D.

Single Packet analysis is enough to identify attack signatures

Buy Now
Questions 105

Phishing-like attempts that present users a fake usage bill of the cloud provider is an example of a:

Options:

A.

Cloud to service attack surface

B.

User to service attack surface

C.

User to cloud attack surface

D.

Cloud to user attack surface

Buy Now
Questions 106

What is the name of the authority that verifies the certificate authority in digital certificates?

Options:

A.

Directory management system

B.

Certificate authority

C.

Registration authority

D.

Certificate Management system

Buy Now
Questions 107

Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?

Options:

A.

Normal backup

B.

Warm backup

C.

Hot backup

D.

Cold backup

Buy Now
Questions 108

Which firewall can a network administrator use for better bandwidth management, deep packet inspection, and Hateful inspection?

Options:

A.

Circuit-level gateway firewall

B.

Next generation firewall

C.

Network address translation

D.

Stateful muIti-layer inspection firewall

Buy Now
Exam Code: 312-38
Exam Name: Certified Network Defender (CND)
Last Update: Dec 25, 2024
Questions: 362
312-38 pdf

312-38 PDF

$25.5  $84.99
312-38 Engine

312-38 Testing Engine

$30  $99.99
312-38 PDF + Engine

312-38 PDF + Testing Engine

$40.5  $134.99