312-38 Exam - EC-Council Network Security Administrator (ENSA)

NEW QUESTION 1
Fred is a network technician working for Johnson Services, a temporary employment agency in Boston. Johnson Services has three remote offices in New England and the headquarters in Boston where Fred works.
The company relies on a number of customized applications to perform daily tasks and unfortunately these applications require users to be local administrators. Because of this, Fred's supervisor wants to implement
tighter security measures in other areas to compensate for the inherent risks in making those users local admins. Fred's boss wants a solution that will be placed on all computers throughout the company and
monitored by Fred. This solution will gather information on all network traffic to and from the local computers without actually affecting the traffic. What type of solution does Fred's boss want to implement?

• A. Fred's boss wants a NIDS implementation.
• B. Fred's boss wants Fred to monitor a NIPS system.
• C. Fred's boss wants to implement a HIPS solution.
• D. Fred's boss wants to implement a HIDS solution.

Answer: D

NEW QUESTION 2
Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts administrators when a critical file is altered. What tool could Simon and his administrators implement to accomplish this?

• A. Snort is the best tool for their situation
• B. They can implement Wireshark
• C. They could use Tripwire
• D. They need to use Nessus

Answer: C

NEW QUESTION 3
An US-based organization decided to implement a RAID storage technology for their data backup plan. John wants to setup a RAID level that require a minimum of six drives but will meet high fault tolerance and with a high speed for the data read and write operations. What RAID level is John considering to meet this requirement?

• A. RAID level 1
• B. RAID level 10
• C. RAID level 5
• D. RAID level 50

Answer: D

NEW QUESTION 4
Which of the following network monitoring techniques requires extra monitoring software or hardware?

• A. Non-router based
• B. Switch based
• C. Hub based
• D. Router based

Answer: A

NEW QUESTION 5
If a network is at risk from unskilled individuals, what type of threat is this?

• A. External Threats
• B. Structured Threats
• C. Unstructured Threats
• D. Internal Threats

Answer: C

NEW QUESTION 6
John has successfully remediated the vulnerability of an internal application that could have caused a threat to the network. He is scanning the application for the existence of a remediated vulnerability, this process is called a _______ and it has to adhere to the ________

• A. Verification, Security Policies
• B. Mitigation, Security policies
• C. Vulnerability scanning, Risk Analysis
• D. Risk analysis, Risk matrix

Answer: A

NEW QUESTION 7
Management asked Adam to implement a system allowing employees to use the same credentials to access multiple applications. Adam should implement the--------------------------authentication technique to satisfy the
management request.

• A. Two-factor Authentication
• B. Smart Card Authentication
• C. Single-sign-on
• D. Biometric

Answer: C

NEW QUESTION 8
Ross manages 30 employees and only 25 computers in the organization. The network the company uses is a peer-to-peer. Ross configures access control measures allowing the employees to set their own control measures for their files and folders. Which access control did Ross implement?

• A. Discretionary access control
• B. Mandatory access control
• C. Non-discretionary access control
• D. Role-based access control

Answer: A

NEW QUESTION 9
Heather has been tasked with setting up and implementing VPN tunnels to remote offices. She will most likely be implementing IPsec VPN tunnels to connect the offices. At what layer of the OSI model does an IPsec tunnel function on?

• A. They work on the session layer.
• B. They function on either the application or the physical layer.
• C. They function on the data link layer
• D. They work on the network layer

Answer: D

NEW QUESTION 10
Stephanie is currently setting up email security so all company data is secured when passed through email. Stephanie first sets up encryption to make sure that a specific user's email is protected. Next, she needs to ensure that the incoming and the outgoing mail has not been modified or altered using digital signatures. What is Stephanie working on?

• A. Usability
• B. Data Integrity
• C. Availability
• D. Confidentiality

Answer: B

NEW QUESTION 11
Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago. He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the network. He just finished setting up a server a gateway between the internal private network and the outside public network. This server will act as a proxy, limited amount of services, and will filter packets. What is this type of server called?

• A. Bastion host
• B. Edge transport server
• C. SOCKS hsot
• D. Session layer firewall

Answer: A

NEW QUESTION 12
Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. What is the last step he should list?

• A. Containment
• B. Assign eradication
• C. A follow-up
• D. Recovery

Answer: C

NEW QUESTION 13
John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of implementing?

• A. Application level gateway
• B. Stateful Multilayer Inspection
• C. Circuit level gateway
• D. Packet Filtering

Answer: C

NEW QUESTION 14
Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Cindy attempting here?

• A. The type of scan she is usinq is called a NULL scan.
• B. Cindy is using a half-open scan to find live hosts on her network.
• C. Cindy is attempting to find live hosts on her company's network by using a XMAS scan.
• D. She is utilizing a RST scan to find live hosts that are listening on her network.

Answer: B

NEW QUESTION 15
The risk assessment team in Southern California has estimated that the probability of an incident that has potential to impact almost 80% of the bank's business is very high. How should this risk be categorized in the risk matrix?

• A. High
• B. Medium
• C. Extreme
• D. Low

Answer: C

NEW QUESTION 16
Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?

• A. Netstat -an
• B. Netstat -o
• C. Netstat -a
• D. Netstat -ao

Answer: A

NEW QUESTION 17
Katie has implemented the RAID level that split data into blocks and evenly write the data to multiple hard drives but does not provide data redundancy. This type of RAID level requires a minimum of _______ in order to setup.

• A. Four drives
• B. Three drives
• C. Two drives
• D. Six drives

Answer: C

NEW QUESTION 18
Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. What is the last step he should list?

• A. Assign eradication.
• B. Recovery
• C. Containment
• D. A follow-up.

Answer: D

NEW QUESTION 19
Bryson is the IT manager and sole IT employee working for a federal agency in California. The agency was just given a grant and was able to hire on 30 more employees for a new extended project. Because of this, Bryson has hired on two more IT employees to train up and work. Both of his new hires are straight out of college and do not have any practical IT experience. Bryson has spent the last two weeks teaching the new employees the basics of computers, networking, troubleshooting techniques etc. To see how these two new hires are doing, he asks them at what layer of the OSI model do Network Interface Cards (NIC) work on. What should the new employees answer?

• A. NICs work on the Session layer of the OSI model.
• B. The new employees should say that NICs perform on the Network layer.
• C. They should tell Bryson that NICs perform on the Physical layer
• D. They should answer with the Presentation layer.

Answer: C

NEW QUESTION 20
Identify the minimum number of drives required to setup RAID level 5.

• A. Multiple
• B. 3
• C. 4
• D. 2

Answer: B

NEW QUESTION 21
Kyle, a front office executive, suspects that a Trojan has infected his computer. What should be his first course of action to deal with the incident?

• A. Contain the damage
• B. Disconnect the five infected devices from the network
• C. Inform the IRT about the incident and wait for their response
• D. Inform everybody in the organization about the attack

Answer: C

NEW QUESTION 22
James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?

• A. Strong passwords
• B. Reduce the sessions time-out duration for the connection attempts
• C. A honeypot in DMZ
• D. Provide network-based anti-virus

Answer: B

NEW QUESTION 23
......