CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 112-51

Free 112-51 Exam Braindumps (page: 9)

Page 8 of 19
PDF with 75 Questions

Kelly, a cloud administrator at TechSol Inc., was instructed to select a cloud deployment model to secure the corporate data and retain full control over the data.
Which of the following cloud deployment models helps Kelly in the above scenario?

  1. Public cloud
  2. Multi cloud
  3. Community cloud
  4. Private cloud

Answer(s): D

Explanation:

A private cloud is a cloud deployment model that is exclusively used by a single organization and is hosted either on-premises or off-premises by a third-party provider. A private cloud offers the highest level of security and control over the data and resources, as the organization can customize the cloud infrastructure and services according to its needs and policies. A private cloud also ensures better performance and availability, as the organization does not share the cloud resources with other users. A private cloud is suitable for organizations that have sensitive or confidential data, strict compliance requirements, or high demand for scalability and flexibility. A private cloud can help Kelly secure the corporate data and retain full control over the data in the above scenario.


Reference:

Private Cloud - Week 6: Virtualization and Cloud Computing Private Cloud vs Public Cloud vs Hybrid Cloud
Private Cloud Security: Challenges and Best Practices



Steve was sharing his confidential file with John via an email that was digitally signed and encrypted. The digital signature was made using the "Diffie-Hellman (X9.42) with DSS" algorithm, and the email was encrypted using triple DES.
Which of the following protocols employs the above features to encrypt an email message?

  1. S/MIME
  2. EAP
  3. RADIUS
  4. TACACS+

Answer(s): A

Explanation:

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol that provides security services for email messages, such as encryption, digital signature, authentication, and integrity. S/MIME is based on the MIME standard, which defines the format and structure of email messages. S/MIME uses public-key cryptography to encrypt and decrypt the message content and to sign and verify the message sender. S/MIME supports various algorithms for encryption and digital signature, such as Diffie-Hellman, DSS, RSA, and triple DES. S/MIME is widely used for secure email communication in various applications and platforms, such as Outlook, Gmail, and Thunderbird. S/MIME is the protocol that employs the features mentioned in the question, namely Diffie-Hellman (X9.42) with DSS for digital signature and triple DES for encryption.


Reference:

S/MIME - Week 7: Email Security
S/MIME - Wikipedia
S/MIME Version 3.2 Message Specification



Joseph, a security professional, was instructed to secure the organization's network. In this process, he began analyzing packet headers to check whether any indications of source and destination IP addresses and port numbers are being changed during transmission. Identify the attack signature analysis technique performed by Joseph in the above scenario.

  1. Composite-signature-based analysis
  2. Context-based signature analysis
  3. Content-based signature analysis
  4. Atomic-signature-based analysis

Answer(s): D

Explanation:

Atomic-signature-based analysis is a type of attack signature analysis technique that uses a single characteristic or attribute of a packet header to identify malicious traffic. Atomic signatures are simple and fast to match, but they can also generate false positives or miss some attacks. Some examples of atomic signatures are source and destination IP addresses, port numbers, protocol types, and TCP flags. Atomic-signature-based analysis is the technique performed by Joseph in the above scenario, as he analyzed packet headers to check whether any indications of source and destination IP addresses and port numbers are being changed during transmission.


Reference:

[Understanding the Network Traffic Signatures] - Module 12: Network Traffic Monitoring Network Defense Essentials (NDE) | Coursera - Week 12: Network Traffic Monitoring [Network Defense Essentials Module 12 (Network Traffic Monitoring) - Quizlet] - Flashcards: What are Network Traffic Signatures?



Kevin logged into a banking application with his registered credentials and tried to transfer some amount from his account to Flora's account. Before transferring the amount to Flora's account, the application sent an OTP to Kevin's mobile for confirmation.
Which of the following authentication mechanisms is employed by the banking application in the above scenario?

  1. Biometric authentication
  2. Smart card authentication
  3. Single sign-on (SSO) authentication
  4. Two-factor authentication

Answer(s): D

Explanation:

Two-factor authentication (2FA) is a type of authentication that requires users to provide two or more forms of verification to access an online account. 2FA is a multi-layered security measure designed to prevent hackers from accessing user accounts using stolen or shared credentials. 2FA typically combines something the user knows (such as a password or PIN), something the user has (such as a phone or a token), and/or something the user is (such as a fingerprint or a face scan). In the above scenario, the banking application employs 2FA by asking Kevin to enter his registered credentials (something he knows) and an OTP sent to his mobile (something he has) before transferring the amount to Flora's account.


Reference:

Improve Your Cybersecurity with Password MFA - Defense.comTM What Is Two-Factor Authentication (2FA)? | Microsoft Security Selecting Secure Multi-factor Authentication Solutions






Post your Comments and Discuss EC-Council 112-51 exam with other Community members:

112-51 Discussions & Posts