Free 312-38 Exam Braindumps (page: 29)

Page 28 of 155

Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system?

  1. Communication Security
  2. Physical security
  3. Emanation Security
  4. Hardware security

Answer(s): C

Explanation:

Emanation security is one of the types of computer security that deals with protection against spurious signals emitted by electrical equipment in the system, such as electromagnetic emission (from displays), visible emission (displays may be visible through windows), and audio emission (sounds from printers, etc). Answer option D is incorrect. Hardware security helps in dealing with the vulnerabilities in the handling of hardware.
Answer option B is incorrect. Physical security helps in dealing with protection of computer hardware and associated equipment.
Answer option A is incorrect. Communication security helps in dealing with the protection of data and information during transmission.



Which of the following network devices operate at the network layer of the OSI model? Each correct answer represents a complete solution. Choose all that apply.

  1. Router
  2. Bridge
  3. Repeater
  4. Gateway

Answer(s): A,D

Explanation:

A router is a device that routes data packets between computers in different networks. It is used to connect multiple networks, and it determines the path to be taken by each data packet to its destination computer. A router maintains a routing table of the available routes and their conditions. By using this information, along with distance and cost algorithms, the router determines the best path to be taken by the data packets to the destination computer. A router can connect dissimilar networks, such as Ethernet, FDDI, and Token Ring, and route data packets among them. Routers operate at the network layer (layer 3) of the Open Systems Interconnection (OSI) model.
A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within a company's network or at a local Internet service provider (ISP) are gateway nodes. In the network for an enterprise, a computer server acting as a gateway node is often also acting as a proxy server and a firewall server. A gateway is often associated with both a router, which knows where to direct a given packet of data that arrives at the gateway, and a switch, which furnishes the actual path in and out of the gateway for a given packet. Most of the gateways operate at the application layer, but can operate at the network or session layer of the OSI model.
Answer option C is incorrect. A repeater operates only at the physical layer of the OSI model. Answer option B is incorrect. A bridge operates at the data link layer of the OSI model.



FILL BLANK
Fill in the blank with the appropriate term. The__________________ layer establishes, manages, and terminates the connections between the local and remote application.

  1. session

Answer(s): A

Explanation:

The session layer of the OSI/RM controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for graceful close of sessions, which is a property of the Transmission Control Protocol, and also for session check pointing and recovery, which is not usually used in the Internet Protocol Suite. The Session Layer is commonly implemented explicitly in application environments that use remote procedure calls.



Adam, a malicious hacker, has just succeeded in stealing a secure cookie via a XSS attack. He is able to replay the cookie even while the session is valid on the server. Which of the following is the most likely reason of this cause?

  1. No encryption is applied.
  2. Two way encryption is applied.
  3. Encryption is performed at the network layer (layer 1 encryption).
  4. Encryption is performed at the application layer (single encryption key).

Answer(s): D

Explanation:

Single key encryption uses a single word or phrase as the key. The same key is used by the sender to encrypt and the receiver to decrypt. Sender and receiver initially need to have a secure way of passing the key from one to the other. With TLS or SSL this would not be possible. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. Symmetric encryption algorithms are faster than public key encryption. Therefore, it is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses the symmetric encryption key algorithm to encrypt data.






Post your Comments and Discuss EC-Council 312-38 exam with other Community members:

312-38 Discussions & Posts