CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-38

Free 312-38 Exam Braindumps (page: 18)

Page 17 of 155
PDF with 617 Questions

FILL BLANK
Fill in the blank with the appropriate term. ________________is a free open-source utility for network exploration and security auditing that is used to discover computers and services on a computer network, thus creating a "map" of the network.

  1. Nmap

Answer(s): A

Explanation:

Nmap is a free open-source utility for network exploration and security auditing. It is used to discover computers and services on a computer network, thus creating a "map" of the network. Just like many simple port scanners, Nmap is capable of discovering passive services. In addition, Nmap may be able to determine various details about the remote computers. These include operating system, device type, uptime, software product used to run a service, exact version number of that product, presence of some firewall techniques and, on a local area network, even vendor of the remote network card. Nmap runs on Linux, Microsoft Windows, etc.



FILL BLANK
Fill in the blank with the appropriate term. ________________is a powerful and low-interaction open source honeypot.

  1. Honeyd

Answer(s): A

Explanation:

Honeyd is a powerful and low-interaction open source honeypot. It was released by Niels Provos in 2002. It was written in C and designed for Unix platforms. It introduced a variety of new concepts, including the ability to monitor millions of unused IPs, IP stack spoofing, etc. It can also simulate hundreds of operating systems and monitor all UDP and TCP-based ports.



Which of the following statements are true about volatile memory? Each correct answer represents a complete solution. Choose all that apply.

  1. Read-Only Memory (ROM) is an example of volatile memory.
  2. The content is stored permanently, and even the power supply is switched off.
  3. The volatile storage device is faster in reading and writing data.
  4. It is computer memory that requires power to maintain the stored information.

Answer(s): C,D

Explanation:

Volatile memory, also known as volatile storage, is computer memory that requires power to maintain the stored information, unlike non-volatile memory which does not require a maintained power supply. It has been less popularly known as temporary memory. Most forms of modern random access memory (RAM) are volatile storage, including dynamic random access memory (DRAM) and static random access memory (SRAM). A volatile storage device is faster in reading and writing data. Answer options B and A are incorrect. Non-volatile memory, nonvolatile memory, NVM, or non-volatile storage, in the most basic sense, is computer memory that can retain the stored information even when not powered. Examples of non-volatile memory include read-only memory, flash memory, most types of magnetic computer storage devices (e.g. hard disks, floppy disks, and magnetic tape), optical discs, and early computer storage methods such as paper tape and punched cards.



Which of the following firewalls are used to track the state of active connections and determine the network packets allowed to enter through the firewall? Each correct answer represents a complete solution. Choose all that apply.

  1. Circuit-level gateway
  2. Stateful
  3. Proxy server
  4. Dynamic packet-filtering

Answer(s): B,D

Explanation:

A dynamic packet-filtering firewall is a fourth generation firewall technology. It is also known as a stateful firewall. It tracks the state of active connections and determines which network packets are allowed to enter through the firewall. It records session information, such as IP addresses and port numbers to implement a more secure network. The dynamic packet-filtering firewall operates at Layer3, Layer4, and Layer5.
Answer option A is incorrect. A circuit-level gateway is a type of firewall that works at the session layer of the OSI model between the application layer and the transport layer of the TCP/IP stack. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit-level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect.
Answer option C is incorrect. A proxy server firewall intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.






Post your Comments and Discuss EC-Council 312-38 exam with other Community members:

312-38 Discussions & Posts