PassGuide 312-38

EC-Council 312-38

EC-Council Network Security Administrator

Q&A Demo

(C) Copyright 2006-2011 CertBible Tech LTD,All Rights Reserved.

Build Your Dreams

 PassGuide 312-38
Important Note
Please Read Carefully

Study Tips

This product will provide you questions and answers carefully compiled and written by our
experts. Try to understand the concepts behind the questions instead of cramming the
questions.

Go through the entire document at least twice so that you make sure that you are not missing
anything.

Latest Version

We are constantly reviewing our products. New material is added and old material is revised.
Free updates are available for 120 days after the purchase. You should check your member
zone at PassGuide an update 3-4 days before the scheduled exam date.

Feedback

If you spot a possible improvement then please let us know. We always interested in
improving product quality.
Feedback should be send to feedback@passguide.com. You should include the following:
Exam number, version, page number, question number, and your login ID.
Our experts will answer your mail promptly.

Be Prepared. Be Confident. Get Certified.

-------------------------------------------------------------------------------------------------------------------------
Sales and Support Manager
Sales Team. sales@passguide.com Support Team. support@passguide.com
---------------------------------------------------------------------------------------------------------------------

Copyright

Each pdf file contains a unique serial number associated with your particular name and
contact information for security purposes. So if we find out that a particular pdf file is being
distributed by you, CertBible reserves the right to take legal action against you according to
the International Copyright Laws.

Build Your Dreams

 PassGuide 312-38
Question: 1
Fill in the blank with the appropriate term.
______________is typically carried out by a remote attacker attempting to gain information or
access to a network on which it is not authorized or allowed.

A. Network reconnaissance

Answer: A

Question: 2
A __________is a term in computer terminology used for a trap that is set to detect, deflect,
or in some manner counteract attempts at unauthorized use of information systems.

A. honeypot

Answer: A

Question: 3
You have just set up a wireless network for customers at a coffee shop. Which of the
following are good security measures to implement?
Each correct answer represents a complete solution. Choose two.

A. Using WPA encryption

B. Using WEP encryption
C. Not broadcasting SSID
D. MAC filtering the router

Answer: A, B

Question: 4
Which of the following is a non-profit organization that oversees the allocation of IP addresses,
management of the DNS infrastructure, protocol parameter assignment, and root server
system management?

A. ITU
B. ICANN
C. IEEE
D. ANSI

Answer: B

Question: 5
Which of the following is a network maintenance protocol of the TCP/IP protocol suite that is
responsible for the resolution of IP addresses to media access control (MAC) addresses of a

Build Your Dreams

 PassGuide 312-38
network interface card (NIC)?

A. ARP
B. RARP
C. DHCP
D. PIM

Answer: A

Question: 6
Which of the following tools is an open source network intrusion prevention and detection
system that operates as a network sniffer and logs activities of the network that is matched
with the predefined signatures?

A. Kismet
B. Snort
C. Dsniff
D. KisMAC

Answer: B

Question: 7
The __________is used for routing voice conversations over the Internet. It is also known by
other names such as IP Telephony, Broadband Telephony, etc.

A. VoIP

Answer: A

Question: 8
Which of the following fields in the IPv6 header is decremented by 1 for each router that
forwards the packet?

A. Next header
B. Traffic class
C. Hop limit
D. Flow label

Answer: C

Question: 9
Which of the following IP class addresses are not allotted to hosts?
Each correct answer represents a complete solution. Choose all that apply.

Build Your Dreams

 PassGuide 312-38
A. Class E
B. Class C
C. Class D
D. Class A
E. Class B

Answer: A, C

Question: 10
Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000
Active Directory domain-based network. The domain contains one hundred Windows XP
Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The
wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to
the company's security policy, the client computers must be able to automatically connect to
the wireless LAN. However, the unauthorized computers must not be allowed to connect to
the wireless LAN and view the wireless network. Mark wants to configure all the wireless
access points and client computers to act in accordance with the company's security policy.
What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.

A. Configure the authentication type for the wireless LAN to Open system.
B. Disable SSID Broadcast and enable MAC address filtering on all wireless access points.
C. On each client computer, add the SSID for the wireless LAN as the preferred network.
D. Broadcast SSID to connect to the access point (AP).
E. Configure the authentication type for the wireless LAN to Shared Key.
F. Install a firewall software on each wireless access point.

Answer: B, C, E

Question: 11
Which of the following is a digital telephone/telecommunication network that carries voice,
data, and video over an existing telephone network infrastructure?

A. X.25
B. Frame relay
C. PPP
D. ISDN

Answer: D

Question: 12
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs,
DNS listings, and Web pages. He then sends large number of unsolicited commercial e-
mail (UCE) messages on these addresses. Which of the following e-mail crimes is Peter

Build Your Dreams

 PassGuide 312-38
committing?

A. E-mail Storm
B. E-mail bombing
C. E-mail Spam
D. E-mail spoofing

Answer: C

Question: 13
John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.

A. SQL injection
B. Denial-of-Service
C. Buffer overflow
D. Cross site scripting

Answer: C

Question: 14
John works as a professional Ethical Hacker. He has been assigned the project of testing the
security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys.
The description of the tool is as follows:
It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by
passively monitoring transmissions. It uses
Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the
WEP keys.
Which of the following tools is John using to crack the wireless encryption keys?

A. Kismet

Build Your Dreams

 PassGuide 312-38
B. PsPasswd
C. Cain
D. AirSnort

Answer: D

Question: 15
Which of the following attacks are computer threats that try to exploit computer application
vulnerabilities that are unknown to others or undisclosed to the software developer?
Each correct answer represents a complete solution. Choose all that apply.

A. Zero-hour
B. Buffer overflow
C. Zero-day
D. Spoofing

Answer: A, C

Build Your Dreams