Free 312-38 Exam Braindumps (page: 3)

Page 3 of 155

FILL BLANK
Fill in the blank with the appropriate term. ________________is typically carried out by a remote attacker attempting to gain information or access to a network on which it is not authorized or allowed.

  1. Network reconnaissance

Answer(s): A

Explanation:

Network reconnaissance is typically carried out by a remote attacker attempting to gain information or access to a network on which it is not authorized or allowed. Network reconnaissance is increasingly used to exploit network standards and automated communication methods. The aim is to determine what types of computers are present, along with additional information about those computers such as the type and version of the operating system. This information can be analyzed for known or recently discovered vulnerabilities that can be exploited to gain access to secure networks and computers. Network reconnaissance is possibly one of the most common applications of passive data analysis. Early generation techniques, such as TCP/IP passive fingerprinting, have accuracy issues that tended to make it ineffective. Today, numerous tools exist to make reconnaissance easier and more effective.



FILL BLANK
Fill in the blank with the appropriate term. The________________ is an application layer protocol that is used between workstations and routers for transporting SNA/NetBIOS traffic over TCP sessions.

  1. DCAP

Answer(s): A

Explanation:

The Data Link Switching Client Access Protocol (DCAP) is an application layer protocol that is used between workstations and routers for transporting SNA/NetBIOS traffic over TCP sessions. It was introduced in order to address a few deficiencies by the Data Link Switching Protocol (DLSw). The DLSw raises the important issues of scalability and efficiency, and since DLSw is a switch-to-switch protocol, it is not efficient when implemented on workstations. DCAP was introduced in order to address these issues.



John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:

“It is a Linux-based WLAN WEP cracking tool that recovers encryption keys. It operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys.”

Which of the following tools is John using to crack the wireless encryption keys?

  1. PsPasswd
  2. Kismet
  3. AirSnort
  4. Cain

Answer(s): C

Explanation:

AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys.
Answer option B is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks:
To identify networks by passively collecting packets To detect standard named networks
To detect masked networks
To collect the presence of non-beaconing networks via data traffic
Answer option D is incorrect. Cain is a multipurpose tool that can be used to perform many tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing. This password cracking program can perform the following types of password cracking attacks:

Dictionary attack Brute force attack Rainbow attack Hybrid attack
Answer option A is incorrect. PsPasswd is a tool that helps Network Administrators change an account password on the local or remote system. The command syntax of PsPasswd is as follows:
pspasswd [\\computer[,computer[,..] | @file [-u user [-p psswd]] Username [NewPassword]



Which of the following is a process that detects a problem, determines its cause, minimizes the damages, resolves the problem, and documents each step of response for future reference?

  1. Incident response
  2. Incident handling
  3. Incident management
  4. Incident planning

Answer(s): A

Explanation:

Incident response is a process that detects a problem, determines its cause, minimizes the damages, resolves the problem, and documents each step of response for future reference. One of the primary goals of incident response is to "freeze the scene". There is a close relationship between incident response, incident handling, and incident management. The primary goal of incident handling is to contain and repair any damage caused by an event and to prevent any further damage. Incident management manages the overall process of an incident by declaring the incident and preparing documentation and post-mortem reviews after the incident has occurred.
Answer option B is incorrect. The primary goal of incident handling is to contain and repair any damage caused by an event and to prevent any further damage.
Answer option C is incorrect. It manages the overall process of an incident by declaring the incident and preparing documentation and post-mortem reviews after the incident has occurred.
Answer option D is incorrect. This is an invalid option.



Page 3 of 155



Post your Comments and Discuss EC-Council 312-38 exam with other Community members:

meep commented on September 22, 2024
meep meepmeep meepmeep meepmeep meepmeep meep
UNITED KINGDOM
upvote

Mohammed commented on August 13, 2024
I want to let you know that I passed this test yesterday. These questions are valid as of this week.
UNITED ARAB EMIRATES
upvote

Bryan commented on August 22, 2023
Big thanks to AllBrainDumps for providing such a great resource, helping me preparing to achieve my goal, saving lots of time!
TAIWAN PROVINCE OF CHINA
upvote