Certified Network Defender (CND)
Last Update Mar 28, 2024
Total Questions : 230
We are offering FREE 312-38 ECCouncil exam questions. All you do is to just go and sign up. Give your details, prepare 312-38 free exam questions and then go for complete pool of Certified Network Defender (CND) test questions that will help you more.
David is working in a mid-sized IT company. Management asks him to suggest a framework that can be used effectively to align the IT goals to the business goals of the company. David suggests the______framework,
as it provides a set of controls over IT and consolidates them to form a framework.
Which of the Windows security component is responsible for controlling access of a user to Windows resources?
Which of the following is a database encryption feature that secures sensitive data by encrypting it in client applications without revealing the encrypted keys to the data engine in MS SQL Server?
Which category of suspicious traffic signatures includes SYN flood attempts?
James was inspecting ARP packets in his organization's network traffic with the help of Wireshark. He is checking the volume of traffic containing ARP requests as well as the source IP address from which they are
originating. Which type of attack is James analyzing?
Management asked their network administrator to suggest an appropriate backup medium for their backup plan that best suits their organization's need. Which of the following factors will the administrator consider when
deciding on the appropriate backup medium?
Tom works as a network administrator in a multinational organization having branches across North America and Europe. Tom wants to implement a storage technology that can provide centralized data storage and
provide free data backup on the server. He should be able to perform data backup and recovery more efficiently with the selected technology. Which of the following storage technologies best suits Tom's requirements?
Blake is working on the company's updated disaster and business continuity plan. The last section of the plan covers computer and data incidence response. Blake is outlining the level of severity for each type of
incident in the plan. Unsuccessful scans and probes are at what severity level?
Which of the following helps in viewing account activity and events for supported services made by AWS?
Which firewall technology provides the best of both packet filtering and application-based filtering and is used in Cisco Adaptive Security Appliances?
Which among the following tools can help in identifying IoEs to evaluate human attack surface?
The company has implemented a backup plan. James is working as a network administrator for the company and is taking full backups of the data every time a backup is initiated. Alex who is a senior security manager
talks to him about using a differential backup instead and asks him to implement this once a full backup of the data is completed. What is/are the reason(s) Alex is suggesting that James use a differential backup?
(Select all that apply)
Rick has implemented several firewalls and IDS systems across his enterprise network. What should he do to effectively correlate all incidents that pass through these security controls?
If there is a fire incident caused by an electrical appliance short-circuit, which fire suppressant should be used to control it?
You are an IT security consultant working on a contract for a large manufacturing company to audit their entire network. After performing all the tests and building your report, you present a number of recommendations
to the company and what they should implement to become more secure. One recommendation is to install a network-based device that notifies IT employees whenever malicious or questionable traffic is found. From
your talks with the company, you know that they do not want a device that actually drops traffic completely, they only want notification. What type of device are you suggesting?
Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an _______ for legal
advice to defend them against this allegation.
Identify the spread spectrum technique that multiplies the original data signal with a pseudo random noise spreading code.
Bryson is the IT manager and sole IT employee working for a federal agency in California. The agency was just given a grant and was able to hire on 30 more employees for a new extended project. Because of this,
Bryson has hired on two more IT employees to train up and work. Both of his new hires are straight out of college and do not have any practical IT experience. Bryson has spent the last two weeks teaching the new
employees the basics of computers, networking, troubleshooting techniques etc. To see how these two new hires are doing, he asks them at what layer of the OSI model do Network Interface Cards (NIC) work on. What
should the new employees answer?
Who is responsible for executing the policies and plans required for supporting the information technology and computer systems of an organization?
Daniel is monitoring network traffic with the help of a network monitoring tool to detect any abnormalities. What type of network security approach is Daniel adopting?
Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?
A local bank wants to protect their card holder data. The bank should comply with the________standard to ensure the security of card holder data.
Which type of firewall consists of three interfaces and allows further subdivision of the systems based on specific security objectives of the organization?
Which of the following helps prevent executing untrusted or untested programs or code from untrusted or unverified third-parties?
Which of the following indicators refers to potential risk exposures that attackers can use to breach the security of an organization?
If Myron, head of network defense at Cyberdyne, wants to change the default password policy settings on the company’s Linux systems, which directory should he access?
James is a network administrator working at a student loan company in Minnesota. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company
schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email
encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?
Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an ______for legal advice to defend
them against this allegation.
Which of the following network monitoring techniques requires extra monitoring software or hardware?
James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?
Identify the type of event that is recorded when an application driver loads successfully in Windows.
A local bank wants to protect their cardholder data. Which standard should the bark comply with in order to ensure security of this data?
Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?
Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?
Richard has been working as a Linux system administrator at an MNC. He wants to maintain a productive and secure environment by improving the performance of the systems through Linux patch management. Richard is using Ubuntu and wants to patch the Linux systems manually. Which among the following command installs updates (new ones) for Debun based Linux OSes?
In ______ method, event logs are arranged in the form of a circular buffer.
Kyle, a front office executive, suspects that a Trojan has infected his computer. What should be his first course of action to deal with the incident?
John has implemented________in the network to restrict the limit of public IP addresses in his organization and to enhance the firewall filtering technique.
Which of the following technologies can be used to leverage zero-trust model security?
Which of the following data security technology can ensure information protection by obscuring specific areas of information?
Which of the information below can be gained through network sniffing? (Select all that apply)
John is working as a network defender at a well-reputed multinational company. He wanted to implement security that can help him identify any future attacks that can be targeted toward his organization and
take appropriate security measures and actions beforehand to defend against them. Which one of the following security defense techniques should be implement?
Implementing access control mechanisms, such as a firewall, to protect the network is an example of which of the following network defense approach?
Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago. He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the
network. He just finished setting up a server a gateway between the internal private network and the outside public network. This server will act as a proxy, limited amount of services, and will filter packets. What is this
type of server called?
Frank installed Wireshark at all ingress points in the network. Looking at the logs he notices an odd packet source. The odd source has an address of 1080:0:FF:0:8:800:200C:4171 and is using port 21. What does this
source address signify?
John, the network administrator and he wants to enable the NetFlow feature in Cisco routers to collect and monitor the IP network traffic passing through the router. Which command will John use to enable NetFlow on
an interface?
An administrator wants to monitor and inspect large amounts of traffic and detect unauthorized attempts from inside the organization, with the help of an IDS. They are not able to
recognize the exact location to deploy the IDS sensor. Can you help him spot the location where the IDS sensor should be placed?
What defines the maximum time period an organization is willing to lose data during a major IT outage event?
Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?
Daniel is giving training on designing and implementing a security policy in the organization. He is explaining the hierarchy of the security policy which demonstrates how policies are drafted, designed and implemented.
What is the correct hierarchy for a security policy implementation?
The network admin decides to assign a class B IP address to a host in the network. Identify which of the following addresses fall within a class B IP address range.
The IR team and the network administrator have successfully handled a malware incident on the network. The team is now preparing countermeasure guideline to avoid a future occurrence of the malware incident.
Which of the following countermeasure(s) should be added to deal with future malware incidents? (Select all that apply)
What enables an organization to analyze, identify, and rectify hazards and prevent future recurrence in business continuity management?
Consider a scenario consisting of a tree network. The root Node N is connected to two man nodes N1 and N2. N1 is connected to N11 and N12. N2 is connected to N21 and N22. What will happen if any one of the main
nodes fail?
Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?
------------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)
Sophie has been working as a Windows network administrator at an MNC over the past 7 years. She wants to check whether SMB1 is enabled or disabled. Which of the following command allows Sophie
to do so?
Steven is a Linux system administrator at an IT company. He wants to disable unnecessary services in the system, which can be exploited by the attackers. Which among the following is the correct syntax for
disabling a service?
Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and
communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden’s organization.