Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. EC-Council
  5. 312-38

EC-Council 312-38 Exam Questions
Certified Network Defender (Page 24 )

Updated On: 24-Feb-2026
Page 24 of 125
PDF with 617 Questions

FILL BLANK
Fill in the blank with the appropriate term. The__________________ layer establishes, manages, and terminates the connections between the local and remote application.

  1. session

Answer(s): A

Explanation:

The session layer of the OSI/RM controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for graceful close of sessions, which is a property of the Transmission Control Protocol, and also for session check pointing and recovery, which is not usually used in the Internet Protocol Suite. The Session Layer is commonly implemented explicitly in application environments that use remote procedure calls.



Adam, a malicious hacker, has just succeeded in stealing a secure cookie via a XSS attack. He is able to replay the cookie even while the session is valid on the server. Which of the following is the most likely reason of this cause?

  1. No encryption is applied.
  2. Two way encryption is applied.
  3. Encryption is performed at the network layer (layer 1 encryption).
  4. Encryption is performed at the application layer (single encryption key).

Answer(s): D

Explanation:

Single key encryption uses a single word or phrase as the key. The same key is used by the sender to encrypt and the receiver to decrypt. Sender and receiver initially need to have a secure way of passing the key from one to the other. With TLS or SSL this would not be possible. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. Symmetric encryption algorithms are faster than public key encryption. Therefore, it is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses the symmetric encryption key algorithm to encrypt data.



Fill in the blank with the appropriate word. A__________________ policy is defined as the document that describes the scope of an organization's security requirements.

  1. security

Answer(s): A

Explanation:

A security policy is defined as the document that describes the scope of an organization's security requirements. Information security policies are usually documented in one or more information security policy documents. The policy includes the assets that are to be protected. It also provides security solutions to provide necessary protection against the security threats.



Which of the following is a Unix and Windows tool capable of intercepting traffic on a network segment and capturing username and password?

  1. AirSnort
  2. Ettercap
  3. BackTrack
  4. Aircrack

Answer(s): B

Explanation:

Ettercap is a Unix and Windows tool for computer network protocol analysis and security auditing. It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols. It is a free open source software. Ettercap supports active and passive dissection of many protocols (including ciphered ones) and provides many features for network and host analysis.
Answer option C is incorrect. BackTrack is a Linux distribution distributed as a Live CD, which is used for penetration testing. It allows users to include customizable scripts, additional tools and configurable kernels in personalized distributions. It contains various tools, such as Metasploit integration, RFMON injection capable wireless drivers, kismet, autoscan-network (network discovering and managing application), nmap, ettercap, wireshark (formerly known as Ethereal).
Answer option A is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys. Answer option D is incorrect. Aircrack is the fastest WEP/WPA cracking tool used for 802.11a/b/g WEP and WPA cracking.



Which of the following standards is a proposed enhancement to the 802.11a and 802.11b wireless LAN (WLAN) specifications that offers quality of service (QoS) features, including the prioritization of data, voice, and video transmissions?

  1. 802.15
  2. 802.11n
  3. 802.11e
  4. 802.11h

Answer(s): C

Explanation:

The 802.11e standard is a proposed enhancement to the 802.11a and 802.11b wireless LAN (WLAN) specifications. It offers quality of service (QoS) features, including the prioritization of data, voice, and video transmissions. 802.11e enhances the 802.11 Media Access Control layer (MAC layer) with a coordinated time division multiple access (TDMA) construct, and adds error-correcting mechanisms for delay-sensitive applications such as voice and video. Answer option D is incorrect. 802.11h refers to the amendment added to the IEEE 802.11 standard for Spectrum and Transmit Power Management Extensions.
Answer option B is incorrect. 802.11n is an amendment to the IEEE 802.11-2007 wireless networking standard to improve network throughput over the two previous standards - 802.11a and 802.11g - with a significant increase in the maximum raw data rate from 54 Mbit/s to 600 Mbit/s with the use of four spatial streams at a channel width of 40 MHz. Answer option A is incorrect. IEEE 802.15 is a working group of the IEEE 802 and specializes in Wireless PAN (Personal Area Network) standards. It includes seven task groups, which are as follows:
1.Task group 1 (WPAN/Bluetooth)
2.Task group 2 (Coexistence)
3.Task group 3 (High Rate WPAN)
4.Task group 4 (Low Rate WPAN)
5.Task group 5 (Mesh Networking)
6.Task Group 6 (BAN)
7.Task group 7 (VLC)






Post your Comments and Discuss EC-Council 312-38 exam dumps with other Community members:

Join the 312-38 Discussion