CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 112-51

Free 112-51 Exam Braindumps (page: 3)

Page 2 of 19
PDF with 75 Questions

Which of the following types of network traffic flow does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text?

  1. SSL traffic
  2. HTTPS traffic
  3. SSH traffic
  4. FTP traffic

Answer(s): D

Explanation:

FTP traffic does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text. FTP stands for File Transfer Protocol, and it is a standard network protocol for transferring files between a client and a server over a TCP/IP network. FTP uses two separate channels for communication: a control channel for sending commands and receiving responses, and a data channel for transferring files. However, FTP does not encrypt any of the data that is sent or received over these channels, which means that anyone who can intercept the network traffic can read or modify the contents of the files, as well as the usernames and passwords used for authentication. This poses a serious security risk for the confidentiality, integrity, and availability of the data and the systems involved in the file transfer. Therefore, FTP is not a secure way to transfer sensitive or confidential data over the network.


Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-31 to 3-32 What is FTP, and Why Does It Matter in 2021?, Kinsta, January 4, 2021 FTP Security, Wikipedia, February 9, 2021



Alice was working on her major project; she saved all her confidential files and locked her laptop. Bob wanted to access Alice's laptop for his personal use but was unable to access the laptop due to biometric authentication.
Which of the following network defense approaches was employed by Alice on her laptop?

  1. Retrospective approach
  2. Preventive approach
  3. Reactive approach
  4. Proactive approach

Answer(s): B

Explanation:

The network defense approach that was employed by Alice on her laptop was the preventive approach. The preventive approach aims to stop or deter potential attacks before they happen by implementing security measures that reduce the attack surface and increase the difficulty of exploitation. Biometric authentication is an example of a preventive measure that uses a physical characteristic, such as a fingerprint, iris, or face, to verify the identity of the user and grant access to the device or system. Biometric authentication is more secure than traditional methods, such as passwords or PINs, because it is harder to forge, guess, or steal. By locking her laptop and using biometric authentication, Alice prevented Bob from accessing her laptop and her confidential files without her permission.


Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 1-7 to 1-8 What is Biometric Authentication?, Norton, July 29, 2020 An introduction to network defense basics, Enable Sysadmin, November 26, 2019



Kalley, a network administrator of an organization, has installed a traffic monitoring system to capture and report suspicious traffic signatures. In this process, she detects traffic containing password cracking, sniffing, and brute-forcing attempts.Which of the following categories of suspicious traffic signature were identified by Kalley through the installed monitoring system?

  1. Reconnaissance signatures
  2. Unauthorized access signatures
  3. Denial-of-service (DoS) signatures
  4. Informational signatures

Answer(s): B

Explanation:

Unauthorized access signatures were identified by Kalley through the installed monitoring system. Unauthorized access signatures are designed to detect attempts to gain unauthorized access to a system or network by exploiting vulnerabilities, misconfigurations, or weak credentials. Password cracking, sniffing, and brute-forcing are common techniques used by attackers to obtain or guess the passwords of legitimate users or administrators and gain access to their accounts or privileges. These techniques generate suspicious traffic patterns that can be detected by traffic monitoring systems, such as Snort, using signature-based detection. Signature-based detection is based on the premise that abnormal or malicious network traffic fits a distinct pattern, whereas normal or benign traffic does not. Therefore, by installing a traffic monitoring system and capturing and reporting suspicious traffic signatures, Kalley can identify and prevent unauthorized access attempts and protect the security of her organization's network.


Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to 3-34 Detecting Suspicious Traffic via Signatures - Intrusion Detection with Snort, O'Reilly, 2003 Threat Signature Categories - Palo Alto Networks, Palo Alto Networks, 2020



Finch, a security auditor, was assigned the task of providing devices to all the employees to enable work from remote locations. Finch restricted the devices to work only for organization-related tasks, and not for personal use.
Which of the following mobile usage policies has Finch implemented in the above scenario?

  1. CYOD
  2. COBO
  3. COPE
  4. BYOD

Answer(s): B

Explanation:

Finch has implemented the COBO (Corporate-Owned, Business-Only) mobile usage policy in the above scenario. COBO is a policy where the organization provides mobile devices to the employees and restricts them to use the devices only for work-related purposes. The organization has full control over the devices and can enforce security measures, such as encryption, password protection, remote wipe, and application whitelisting or blacklisting. The employees are not allowed to use the devices for personal use, such as browsing the internet, making personal calls, or installing personal apps. COBO is a policy that aims to maximize security and minimize distractions and risks for the organization and the employees.


Reference:

Mobile usage policy in office - sample, cell phone policy in companies and organization, HR Help Board, 2020
Employee Cell Phone Policy Template, Workable, 2020
How Employers Enforce Cell Phone Policies in the Workplace, Indeed, 2022






Post your Comments and Discuss EC-Council 112-51 exam with other Community members:

112-51 Discussions & Posts