Free 112-51 Exam Braindumps (page: 7)


Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM. In which of the following states has Mark encrypted the data in the above scenario?

  1. Data in use
  2. Data in transit
  3. Data inactive
  4. Data in rest

Answer(s): A

Explanation:

The state in which Mark encrypted the data in the above scenario is data in use. Data in use refers to data that is being processed or manipulated by an application or a system, such as data stored on RAM or CPU registers. Data in use is the most vulnerable state of data, as it is exposed to various threats, such as memory scraping, buffer overflow, or side-channel attacks, that can compromise the confidentiality, integrity, or availability of the data. Data in use encryption is a technique that protects the data while it is being processed by encrypting it in memory using hardware or software solutions. Data in use encryption prevents unauthorized access or modification of the data, even if the system is compromised or the memory is dumped. Data in use encryption is one of the three types of data encryption, along with data at rest encryption and data in transit encryption [1][2][3].


Reference:

[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-23 to 3-24
[2] Encryption: Data at Rest, Data in Motion and Data in Use, Jatheon, 2020
[3] Data in Use Encryption: What It Is and Why You Need It, Fortanix, 2020



Jacob, an attacker, targeted container technology to destroy the reputation of an organization. To achieve this, he initially compromised a single container exploiting weak network defaults, overloaded the rest of the containers in the local domain, and restricted them from providing services to legitimate users.
Identify the type of attack initiated by Jacob in the above scenario.

  1. Cross-container attack
  2. Docker registry attack
  3. Container escaping attack
  4. Replay attack

Answer(s): A

Explanation:

The type of attack initiated by Jacob in the above scenario is a cross-container attack. A cross-container attack is a type of attack that targets container technology and exploits the shared resources and network connections between containers. A cross-container attack can compromise the security and availability of multiple containers and the underlying host by performing actions such as stealing data, executing commands, consuming resources, or spreading malware. A cross-container attack can be launched by an external attacker who gains access to a container through a network vulnerability, or by a malicious insider who runs a rogue container on the same host or cluster. A cross-container attack can be prevented or mitigated by implementing security best practices for container technology, such as isolating containers, limiting privileges, enforcing policies, scanning images, and monitoring network traffic [1][2][3].


Reference:

[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-37 to 3-38
[2] 6 Common Kubernetes and Container Attack Techniques and How to Prevent Them - Palo Alto Networks, Palo Alto Networks, March 2, 2022
[3] The evolution of a matrix: How ATT&CK for Containers was built - Microsoft, Microsoft, July 21, 2021



Which of the following ISO standards provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer's clients by securing personally identifiable information entrusted to them?

  1. ISO/IEC 27001
  2. ISO/IEC 27018
  3. ISO/IEC 27011
  4. ISO/IEC 27007

Answer(s): B

Explanation:

ISO/IEC 27018 is the ISO standard that provides guidance to ensure that cloud service providers offer appropriate information security controls to protect the privacy of their customer's clients by securing personally identifiable information entrusted to them. ISO/IEC 27018 is a code of practice for protecting personal information in cloud storage. The term for the personal data it covers is Personally Identifiable Information or PII. ISO/IEC 27018 is an addendum to ISO/IEC 27001, the first international code of practice for cloud privacy. It helps cloud service providers who process PII to assess risk and implement controls for protecting PII. ISO/IEC 27018 was created in 2014 and updated in 2019. It has the following objectives:

  - Help the public cloud service provider to comply with applicable obligations when acting as a PII processor, whether such obligations fall on the PII processor directly or through contract.
  - Enable the public cloud PII processor to be transparent in relevant matters so that cloud service customers can select well-governed cloud-based PII processing services.
  - Assist the cloud service customer and the public cloud PII processor in entering into a contractual agreement.
  - Provide cloud service customers with a mechanism for exercising audit and compliance rights and responsibilities in cases where individual cloud service customer audits of data hosted in a multiparty, virtualized server (cloud) environment can be impractical technically and can increase risks to those physical and logical network security controls in place [1][2][3].


Reference:

[1] ISO/IEC 27018: Protecting PII in Public Clouds - ISMS.online, ISMS.online, 2019
[2] ISO/IEC 27018 - Wikipedia, Wikipedia, 2021
[3] ISO/IEC 27018:2019 - Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors, ISO,



John has recently joined an organization and completed his security training. The organization conducted a security campaign on their employees by sending a fake email stating the urgency of password reset. John identified that it was an illegitimate mail and reported it as spam.

Identify the type of attack initiated by the organization as part of the security campaign discussed in the above scenario.

  1. Phishing
  2. Tailgating
  3. Dumpster diving
  4. Shoulder surfing

Answer(s): A

Explanation:

The type of attack initiated by the organization as part of the security campaign discussed in the above scenario is phishing. Phishing is a form of fraud where cybercriminals use email, instant messaging, or other social media to try to gather information such as login credentials by masquerading as a reputable person or organization. Phishing occurs when a malicious party sends a fraudulent email disguised as being from an authorized, trusted source, and tries to persuade the recipient to click on a link, open an attachment, or provide personal information. The link or attachment may lead to a fake website or install malware on the recipient's device, while the personal information may be used for identity theft, account takeover, or other malicious purposes. Phishing is one of the most common and effective cyberattacks, as it exploits the human factor and relies on social engineering techniques to manipulate the victim's emotions, such as urgency, fear, or curiosity. Phishing can be prevented or mitigated by educating the users on how to recognize and report phishing emails, using strong and unique passwords, enabling multi-factor authentication, and installing security software [1][2][3].


Reference:

[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-30 to 3-31
[2] 20 types of phishing attacks + phishing examples - Norton, Norton, October 03, 2022
[3] Types of Email Attacks - GeeksforGeeks, GeeksforGeeks, May 30, 2023





