FILL BLANKFill in the blank with the appropriate term. A________________ is a technique to authenticate digital documents by using computer cryptography.
Answer(s): A
A digital signature is a technique to authenticate digital documents by using computer cryptography. A digital signature not only validates the sender's identity, but also ensures that the document's contents have not been altered. It verifies that the source and integrity of the document is not compromised since the document is signed. A digital signature provides the following assurances: Authenticity, Integrity, and Non-repudiation.Microsoft Office 2007 Excel and Word provide a feature known as Signature line to insert a user's digital signature on a document.
Which of the following is an intrusion detection system that reads all incoming packets and tries to find suspicious patterns known as signatures or rules?
Answer(s): D
A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic. A NIDS reads all the incoming packets and tries to find suspicious patterns known as signatures or rules. It also tries to detect incoming shell codes in the same manner that an ordinary intrusion detection system does.Answer option A is incorrect. A host-based intrusion detection system (HIDS) produces a false alarm because of the abnormal behavior of users and the network. A host-based intrusion detection system (HIDS) is an intrusion detection system that monitors and analyses the internals of a computing system rather than the network packets on its external interfaces. A host-based Intrusion Detection System (HIDS) monitors all or parts of the dynamic behavior and the state of a computer system. HIDS looks at the state of a system, its stored information, whether in RAM, in the file system, log files or elsewhere; and checks that the contents of these appear as expected. Answer option B is incorrect. An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass.Answer option C is incorrect. A demilitarized zone (DMZ) is a physical or logical subnetwork that contains and exposes external services of an organization to a larger network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN); an external attacker only has access to equipment in the DMZ, rather than the whole of the network. Hosts in the DMZ have limited connectivity to specific hosts in the internal network, though communication with other hosts in the DMZ and to the external network is allowed. This allows hosts in the DMZ to provide services to both the internal and external networks, while an intervening firewall controls the traffic between the DMZ servers and the internal network clients. In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network such as the Internet.
Fill in the blank with the appropriate term. The _____________is typically considered as the top InfoSec officer in the organization and helps in maintaining current and appropriate body of knowledge required to perform InfoSec management functions.
The Chief InfoSec Officer (CISO) is typically considered as the top InfoSec officer in the organization, though the CISO is usually not an executive-level position and commonly reports to the CIO. Following are the job competencies for the Chief InfoSec Officer (CISO):Maintaining current & appropriate body of knowledge required to perform InfoSec management functionsEffectively applying InfoSec management knowledge for improving security of open network and associated systems and services Maintaining working knowledge of external legislative & regulatory initiativesInterpreting and translating requirements for implementationDeveloping appropriate InfoSec policies, standards, guidelines, and proceduresProviding meaningful input, preparing effective presentations, and communicating InfoSec objectivesParticipating in short and long term planning
In which of the following types of port scans does the scanner attempt to connect to all 65535 ports?
In a vanilla port scan, the scanner attempts to connect to all 65,535 ports.Answer option B is incorrect. The scanner attempts to connect to only selected ports.Answer option A is incorrect. The scanner scans for open User Datagram Protocol ports.Answer option C is incorrect. The scanner goes through a File Transfer Protocol server to disguise the cracker's location.
Post your Comments and Discuss EC-Council 312-38 exam with other Community members:
meep Commented on March 01, 2025 meep meepmeep meepmeep meepmeep meepmeep meep UNITED KINGDOM
Mohammed Commented on March 01, 2025 I want to let you know that I passed this test yesterday. These questions are valid as of this week. UNITED ARAB EMIRATES
Kuwan Commented on December 23, 2024 Have you recently taken a certification exam? Your experience can help others! ?? Was the exam harder or easier than expected? ?? Any tricky topics or surprises? ?? What study methods worked best for you? Drop your thoughts below and help future test-takers succeed! UNITED STATES
Bryan Commented on August 22, 2023 Big thanks to AllBrainDumps for providing such a great resource, helping me preparing to achieve my goal, saving lots of time! TAIWAN PROVINCE OF CHINA
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 312-38 content, but please register or login to continue.