EC-Council Certified Network Defender CND (312-38) Free Practice Test

Question 1

The _________ mechanism works on the basis of a client-server model.

A. Host-based

B. Pull-based

C. Push-based

D. Network-based

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 2

Daniel is giving training on designing and implementing a security policy in the organization. He is explaining the hierarchy of the security policy which demonstrates how policies are drafted, designed and implemented.
What is the correct hierarchy for a security policy implementation?

A. Regulations, Policies, Laws, Standards and Procedures

B. Procedures, Policies, Laws, Standards and Regulations

C. Laws, Regulations, Policies, Standards and Procedures

D. Laws, Policies, Regulations, Procedures and Standards

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 3

Which of the following security models enable strict identity verification for every user or device attempting to access the network resources?
1. Zero-trust network model
2. Castle-and-Moat model

A. 1 only

B. 2 only

C. Both 1 and 2

D. None

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 4

Which of the following helps in viewing account activity and events for supported services made by AWS?

A. AWS Certificate Manager

B. AWS CloudTrial

C. AWS CloudHSM

D. AWS CloudFormation

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 5

Which firewall technology provides the best of both packet filtering and application-based filtering and is used in Cisco Adaptive Security Appliances?

A. Stateful multilayer inspection

B. VPN

C. Application-level gateway

D. Network address translation

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 6

Kyle, a front office executive, suspects that a Trojan has infected his computer. What should be his first course of action to deal with the incident?

A. Disconnect the five infected devices from the network

B. Inform everybody in the organization about the attack

C. Inform the IRT about the incident and wait for their response

D. Contain the damage

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 7

Sam, a network administrator is using Wireshark to monitor the network traffic of the organization.
He wants to detect TCP packets with no flag set to check for a specific attack attempt. Which filter will he use to view the traffic?

A. Tcp.flags==000x0

B. Tcp.flags==x0000

C. Tcp.flags==0000x

D. Tcp.flags==0x000

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 8

Which type of information security policy addresses the implementation and configuration of technology and user behavior?

A. System-specific security policy

B. Issue-specific security policy

C. Enterprise information security policy

D. Acceptable use policy

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 9

Who is an IR custodian?

A. An individual who receives the initial IR alerts and leads the IR team in all the IR activities

B. An individual who makes a decision on the classifications and the severity of the incident identified

C. An individual responsible for conveying company details after an incident

D. An individual responsible for the remediation and resolution of the incident that occurred

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Welcome to TestSimulate

EC-COUNCIL EC-Council Certified Network Defender CND (312-38) Free Practice Test