• Home
  • Blogs
  • 2021 312-38 Premium Files Test pdf - Free Dumps Collection [Q29-Q44]

2021 312-38 Premium Files Test pdf - Free Dumps Collection [Q29-Q44]

Share

2021 312-38 Premium Files Test pdf - Free Dumps Collection

 Get ready to pass the 312-38 Exam right now using our Certified Ethical Hacker  Exam Package

NEW QUESTION 29
Which of the following is a type of scam that entices a user to disclose personal information?

  • A. Smurfing
  • B. Phishing
  • C. Sniffing
  • D. Spamming

Answer: B

 

NEW QUESTION 30
John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.
Original cookie values: ItemID1=2 ItemPrice1=900 ItemID2=1 ItemPrice2=200 Modified cookie values: ItemID1=2 ItemPrice1=1 ItemID2=1 ItemPrice2=1 Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.
Which of the following hacking techniques is John performing?

  • A. Cross site scripting
  • B. Computer-based social engineering
  • C. Man-in-the-middle attack
  • D. Cookie poisoning

Answer: D

Explanation:
John is performing cookie poisoning. In cookie poisoning, an attacker modifies the value of cookies before sending them back to the server. On modifying the cookie values, an attacker can log in to any other user account and can perform identity theft. The following figure explains how cookie poisoning occurs: For example: The attacker visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1. Original cookie values: ItemID1= 2 ItemPrice1=900 ItemID2=1 ItemPrice2=200 Modified cookie values: ItemID1= 2 ItemPrice1=1 ItemID2=1 ItemPrice2=1 Now, the attacker clicks the Buy button and the prices are sent to the server that calculates the total price. Another use of a Cookie Poisoning attack is to pretend to be another user after changing the username in the cookie values: Original cookie values: LoggedIn= True Username = Mark Modified cookie values: LoggedIn= True Username = Admin Now, after modifying the cookie values, the attacker can do the admin login. Answer option D is incorrect. A cross site scripting attack is one in which an attacker enters malicious data into a Website. For example, the attacker posts a message that contains malicious code to any newsgroup site. When another user views this message, the browser interprets this code and executes it and, as a result, the attacker is able to take control of the user's system. Cross site scripting attacks require the execution of client-side languages such as JavaScript, Java, VBScript, ActiveX, Flash, etc. within a user's Web environment. With the help of a cross site scripting attack, the attacker can perform cookie stealing, sessions hijacking, etc.

 

NEW QUESTION 31
Which of the following is a distributed application architecture that partitions tasks or workloads between service providers and service requesters? Each correct answer represents a complete solution. Choose all that apply.

  • A. Peer-to-peer networking
  • B. Client-server networking
  • C. Client-server computing
  • D. Peer-to-peer (P2P) computing

Answer: B,C

Explanation:
Explanation/Reference:
Explanation:
Client-server networking is also known as client-server computing. It is a distributed application architecture that partitions tasks or workloads between service providers (servers) and service requesters, called clients.
Often clients and servers operate over a computer network on separate hardware. A server machine is a high- performance host that is running one or more server programs which share its resources with clients. A client does not share any of its resources, but requests a server's content or service function. Clients therefore initiate communication sessions with servers which await (listen to) incoming requests.
Answer options D and B are incorrect. Peer-to-peer (P2P) computing or networking is a distributed application architecture that partitions tasks or workloads between peers. Peers are equally privileged, equipotent participants in the application. They are said to form a peer-to-peer network of nodes. Peer-to-peer networking (also known simply as peer networking) differs from client-server networking, where certain devices have the responsibility to provide or "serve" data, and other devices consume or otherwise act as "clients" of those servers.

 

NEW QUESTION 32
Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.

  • A. Ring
  • B. Bus
  • C. Mesh
  • D. Star

Answer: A

 

NEW QUESTION 33
Which of the following protocols is used to exchange encrypted EDI messages via email?

  • A. S/MIME
  • B. HTTPS
  • C. MIME
  • D. HTTP

Answer: A

 

NEW QUESTION 34
Which of the following is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic?

  • A. NetRanger
  • B. Nmap
  • C. Hping
  • D. PSAD

Answer: D

Explanation:
PSAD is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic. It includes many signatures from the IDS to detect probes for various backdoor programs such as EvilFTP, GirlFriend, SubSeven, DDoS tools (mstream, shaft), and advanced port scans (FIN, NULL, XMAS). If it is combined with fwsnort and the Netfilter string match extension, it detects most of the attacks described in the Snort rule set that involve application layer data.
Answer option C is incorrect. NetRanger is the complete network configuration and information toolkit that includes the following tools: Ping tool, Trace Route tool, Host Lookup tool, Internet time synchronizer, Whois tool, Finger Unix hosts tool, Host and port scanning tool, check multiple POP3 mail accounts tool, manage dialup connections tool, Quote of the day tool, and monitor Network Settings tool. These tools are integrated in order to use an application interface with full online help. NetRanger is designed for both new and experienced users. This tool is used to help diagnose network problems and to get information about users, hosts, and networks on the Internet or on a user computer network. NetRanger uses multi-threaded and multi-connection technologies in order to be very fast and efficient.
Answer option D is incorrect. Nmap is a free open-source utility for network exploration and security auditing. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux, Microsoft Windows, etc.

 

NEW QUESTION 35
Which of the following is a standard-based protocol that provides the highest level of VPN security?

  • A. IP
  • B. IPSec
  • C. L2TP
  • D. PPP

Answer: B

Explanation:
Internet Protocol Security (IPSec) is a standard-based protocol that provides the highest level of VPN security.
IPSec can encrypt virtually everything above the networking layer. It is used for VPN connections that use the L2TP protocol. It secures both data and password.
IPSec cannot be used with Point-to-Point Tunneling Protocol (PPTP).
Answer option B is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP.
IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering distinguished protocol datagrams (packets) from the source host to the destination host solely based on their addresses. For this purpose, the Internet Protocol defines addressing methods and structures for datagram encapsulation. The first major version of addressing structure, now referred to as Internet Protocol Version 4 (IPv4), is still the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6), is being deployed actively worldwide.
Answer option C is incorrect. Point-to-Point Protocol (PPP) is a remote access protocol commonly used to connect to the Internet. It supports compression and encryption and can be used to connect to a variety of networks. It can connect to a network running on the IPX, TCP/IP, or NetBEUI protocol. It supports multi- protocol and dynamic IP assignments. It is the default protocol for the Microsoft Dial-Up adapter.
Answer option D is incorrect. Layer 2 Tunneling Protocol (L2TP) is a more secure version of Point-to-Point Tunneling Protocol (PPTP). It provides tunneling, address assignment, and authentication. It allows the transfer of Point-to-Point Protocol (PPP) traffic between different networks. L2TP combines with IPSec to provide tunneling and security for Internet Protocol (IP), Internetwork Packet Exchange (IPX), and other protocol packets across IP networks.

 

NEW QUESTION 36
Which of the following standards is an amendment to the original IEEE 802.11 and specifies security
mechanisms for wireless networks?

  • A. 802.11b
  • B. 802.11i
  • C. 802.11e
  • D. 802.11a

Answer: B

Explanation:
Explanation
Explanation:
802.11i is an amendment to the original IEEE 802.11. This standard specifies security mechanisms for
wireless networks. It replaced the short Authentication and privacy clause of the original standard with a
detailed Security clause. In the process, it deprecated the broken WEP. 802.11i supersedes the previous
security specification, Wired Equivalent Privacy (WEP), which was shown to have severe security weaknesses.
Wi-Fi Protected Access (WPA) had previously been introduced by the Wi-Fi Alliance as an intermediate
solution to WEP insecurities. The Wi-Fi Alliance refers to their approved, interoperable implementation of the
full 802.11i as WPA2, also called RSN (Robust Security Network). 802.11i makes use of the Advanced
Encryption Standard (AES) block cipher, whereas WEP and WPA use the RC4 stream cipher.
Answer option D is incorrect. 802.11a is an amendment to the IEEE 802.11 specification that added a higher
data rate of up to 54 Mbit/s using the 5 GHz band. It has seen widespread worldwide implementation,
particularly within the corporate workspace. Using the 5 GHz band gives 802.11a a significant advantage, since
the 2.4 GHz band is heavily used to the point of being crowded. Degradation caused by such conflicts can
cause frequent dropped connections and degradation of service.
Answer option A is incorrect. 802.11b is an amendment to the IEEE 802.11 specification that extended
throughput up to 11 Mbit/s using the same 2.4 GHz band. This specification under the marketing name of Wi-Fi
has been implemented all over the world. 802.11b is used in a point-to-multipoint configuration, wherein an
access point communicates via an omni-directional antenna with one or more nomadic or mobile clients that
are located in a coverage area around the access point.
Answer option B is incorrect. The 802.11e standard is a proposed enhancement to the 802.11a and 802.11b
wireless LAN (WLAN) specifications. It offers quality of service (QoS) features, including the prioritization of
data, voice, and video transmissions. 802.11e enhances the 802.11 Media Access Control layer (MAC layer)
with a coordinated time division multiple access (TDMA) construct, and adds error-correcting mechanisms for
delay-sensitive applications such as voice and video.

 

NEW QUESTION 37
Which of the following firewalls are used to track the state of active connections and determine the network
packets allowed to enter through the firewall? Each correct answer represents a complete solution. Choose all
that apply.

  • A. Circuit-level gateway
  • B. Dynamic packet-filtering
  • C. Stateful
  • D. Proxy server

Answer: B,C

Explanation:
A dynamic packet-filtering firewall is a fourth generation firewall technology. It is also known as a stateful
firewall. It tracks the state of active connections and determines which network packets are allowed to enter
through the firewall. It records session information, such as IP addresses and port numbers to implement a
more secure network. The dynamic packet-filtering firewall operates at Layer3, Layer4, and Layer5.
Answer option A is incorrect. A circuit-level gateway is a type of firewall that works at the session layer of the
OSI model between the application layer and the transport layer of the TCP/IP stack. They monitor TCP
handshaking between packets to determine whether a requested session is legitimate. Information passed to a
remote computer through a circuit level gateway appears to have originated from the gateway. This is useful
for hiding information about protected networks. Circuit-level gateways are relatively inexpensive and have the
advantage of hiding information about the private network they protect.
Answer option C is incorrect. A proxy server firewall intercepts all messages entering and leaving the network.
The proxy server effectively hides the true network addresses.

 

NEW QUESTION 38
The network administrator wants to strengthen physical security in the organization. Specifically, to implement a solution stopping people from entering certain restricted zones without proper credentials. Which of following physical security measures should the administrator use?

  • A. Fence
  • B. Bollards
  • C. Video surveillance
  • D. Mantrap

Answer: D

 

NEW QUESTION 39
Which of the following fields in the IPv6 header replaces the TTL field in the IPv4 header?

  • A. Traffic class
  • B. Hop limit
  • C. Next header
  • D. Version

Answer: B

Explanation:
Explanation/Reference:

 

NEW QUESTION 40
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

What is the IP address of the sender of this email?

  • A. 172.16.10.90
  • B. 209.191.91.180
  • C. 141.1.1.1
  • D. 216.168.54.25

Answer: D

Explanation:
The IP address of the sender of this email is 216.168.54.25. According to the scenario, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. Once you start to analyze the email header, you get an entry entitled as X-Originating-IP. You know that in Yahoo, the X-Originating-IP is the IP address of the email sender and in this case, the required IP address is 216.168.54.25. Answer options A, C, and B are incorrect. All these are the IP addresses of the Yahoo and Wetpaint servers.

 

NEW QUESTION 41
Which of the following IEEE standards defines a physical bus topology?

  • A. 802.5
  • B. 802.6
  • C. 802.3
  • D. 802.4

Answer: D

 

NEW QUESTION 42
Which of the following statements are NOT true about the FAT16 file system? Each correct answer represents
a complete solution. Choose all that apply.

  • A. It supports file-level compression.
  • B. It works well with large disks because the cluster size increases as the disk partition size increases.
  • C. It supports the Linux operating system.
  • D. It does not support file-level security.

Answer: A,B

Explanation:
The FAT16 file system was developed for disks larger than 16MB. It uses 16-bit allocation table entries. The
FAT16 file system supports all Microsoft operating systems. It also supports OS/2 and Linux.
Answer options C and A are incorrect. All these statements are true about the FAT16 file system.

 

NEW QUESTION 43
Which of the following is an exterior gateway protocol that communicates using a Transmission Control Protocol (TCP) and sends the updated router table information?

  • A. BGP
  • B. IGMP
  • C. OSPF
  • D. IRDP

Answer: A

Explanation:
Border Gateway Protocol (BGP) is an exterior gateway protocol. It communicates using a Transmission Control Protocol (TCP) and sends the updated router table information. The best path is chosen on the basis of cost metric associated with the route. It is used between gateway hosts in a network. Answer option C is incorrect. Open Shortest Path First (OSPF) is a routing protocol that is used in large networks. Internet Engineering Task Force (IETF) designates OSPF as one of the Interior Gateway Protocols. A host uses OSPF to obtain a change in the routing table and to immediately multicast updated information to all the other hosts in the network. Answer option A is incorrect. IGMP stands for Internet Group Management Protocol. IGMP is a communication protocol that is used to manage the membership of Internet protocol multicast groups. It is an integral part of the IP multicast specification. Although it does not actually act as a transport protocol, it operates above the network layer. It is analogous to ICMP for unicast connections. It is susceptible to some attacks, so firewalls commonly allow the user to disable it if not needed. Answer option B is incorrect. ICMP Router Discovery Protocol (IRDP) uses Internet Control Message Protocol (ICMP) router advertisements and router solicitation messages to allow a host to discover the addresses of operational routers on the subnet.It basically consists of 2 message types used for discovering local routers. The message type 9 is sent periodically or on request (using a message of type 10) to the local subnet from the local routers to propagate themselves. On boot, the client may send an ICMP message of type 10 to ask for local routers. When a client receives a message type 9, they add the router to their local routing-table.

 

NEW QUESTION 44
......

Master 2021 Latest The Questions Certified Ethical Hacker and Pass 312-38  Real Exam!: https://www.pass4surequiz.com/312-38-exam-quiz.html

A fully updated 2021 312-38 Exam Dumps exam guide from training expert Pass4SureQuiz: https://drive.google.com/open?id=1rGbcO3hb2ow5aaP5VFYSg_y12Jw-0FOo

Related Blogs

more
EC-COUNCIL 312-38 Certification Practice Exam

Copyright © 2026 PASS4SUREQUIZ.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.