Which of the following are the common security problems involved in communications and email? Each correct answer represents a complete solution. Choose all that apply.
Answer(s): A,C,D,E,F,G
Following are the common security problems involved in communications and email:Eavesdropping: It is the act of secretly listening to private information through telephone lines, e-mail, instant messaging, and any other method of communication considered private.Identity theft: It is the act of obtaining someone's username and password to access his/her email servers for reading email and sending false email messages. These credentials can be obtained by eavesdropping on SMTP, POP, IMAP, or Webmail connections.Message modification: The person who has system administrator permission on any of the SMTP servers can visit anyone's message and can delete or change the message before it continues on to its destination. The recipient has no way of telling that the email message has been altered.False message: It the act of constructing messages that appear to be sent by someone else. Message replay: In a message replay, messages are modified, saved, and re-sent later.Message repudiation: In message repudiation, normal email messages can be forged. There is no way for the receiver to prove that someone had sent him/her a particular message. This means that even if someone has sent a message, he/she can successfully deny it.Answer option B is incorrect. A message digest is a number that is created algorithmically from a file and represents that file uniquely.
Which of the following are the six different phases of the Incident handling process? Each correct answer represents a complete solution. Choose all that apply.
Answer(s): A,B,D,E,F,G
Following are the six different phases of the Incident handling process:1. Preparation: Preparation is the first step in the incident handling process. It includes processes like backing up copies of all key data on a regular basis, monitoring and updating software on a regular basis, and creating and implementing a documented security policy. To apply this step a documented security policy is formulated that outlines the responses to various incidents, as a reliable set of instructions during the time of an incident. The following list contains items that the incident handler should maintain in the preparation phase i.e. before an incident occurs:Establish applicable policiesBuild relationships with key players Build response kitCreate incident checklists Establish communication plan Perform threat modelingBuild an incident response team Practice the demo incidents2. Identification: The Identification phase of the Incident handling process is the stage at which the Incident handler evaluates the critical level of an incident for an enterprise or system. It is an important stage where the distinction between an event and an incident is determined, measured and tested.3. Containment: The Containment phase of the Incident handling process supports and builds up the incident combating process. It helps in ensuring the stability of the system and also confirms that the incident does not get any worse.4. Eradication: The Eradication phase of the Incident handling process involves the cleaning-up of the identified harmful incidents from the system. It includes the analyzing of the information that has been gathered for determining how the attack was committed. To prevent the incident from happening again, it is vital to recognize how it was conceded out so that a prevention technique is applied.5. Recovery: Recovery is the fifth step of the incident handling process. In this phase, the Incident Handler places the system back into the working environment. In the recovery phase the Incident Handler also works with the questions to validate that the system recovery is successful. This involves testing the system to make sure that all the processes and functions are working normal. The Incident Handler also monitors the system to make sure that the systems are not compromised again. It looks for additional signs of attack.6. Lessons learned: Lessons learned is the sixth and the final step of incident handling process. The Incident Handler utilizes the knowledge and experience he learned during the handling of the incident to enhance and improve the incident-handling process. This is the most ignorant step of all incident handling processes. Many times the Incident Handlers are relieved to have systems back to normal and get busy trying to catch up other unfinished work. The Incident Handler should make documents related to the incident or look for ways to improve the process.Answer option C is incorrect. The post mortem review is one of the phases of the Incident response process.
Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators with the adversary's intelligence collection capabilities identified in the previous action?
Answer(s): D
OPSEC is a 5-step process that helps in developing protection mechanisms in order to safeguard sensitive information and preserve essential secrecy.The OPSEC process has five steps, which are as follows:1. Identification of Critical Information: This step includes identifying information vitally needed by an adversary, which focuses the remainder of the OPSEC process on protecting vital information, rather than attempting to protect all classified or sensitive unclassified information.2. Analysis of Threats: This step includes the research and analysis of intelligence, counter-intelligence, and open source information to identify likely adversaries to a planned operation.3. Analysis of Vulnerabilities: It includes examining each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary's intelligence collection capabilities identified in the previous action.4. Assessment of Risk: Firstly, planners analyze the vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Secondly, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff.5. Application of Appropriate OPSEC Measures: The command implements the OPSEC measures selected in the assessment of risk action or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans.
Which of the following statements are true about an IPv6 network? Each correct answer represents a complete solution. Choose all that apply.
Answer(s): A,B,D,E
IP addressing version 6 (IPv6) is the latest version of IP addressing. IPv6 is designed to solve many of the problems that were faced by IPv4, such as address depletion, security, auto-configuration, and extensibility. With the fast increasing number of networks and the expansion of the World Wide Web, the allotted IP addresses are depleting rapidly, and the need for more network addresses is arising. IPv6 solves this problem, as it uses a 128-bit address that can produce a lot more IP addresses. These addresses are hexadecimal numbers, made up of eight octet pairs. An example of an IPv6 address is 45CF: 6D53: 12CD: AFC7: E654: BB32: 543C: FACE.Answer option C is incorrect. The subnet masks used in IPv6 addresses are of the same length as those used in IPv4 addresses.
Post your Comments and Discuss EC-Council 312-38 exam with other Community members:
meep Commented on March 01, 2025 meep meepmeep meepmeep meepmeep meepmeep meep UNITED KINGDOM
Mohammed Commented on March 01, 2025 I want to let you know that I passed this test yesterday. These questions are valid as of this week. UNITED ARAB EMIRATES
Kuwan Commented on December 23, 2024 Have you recently taken a certification exam? Your experience can help others! ?? Was the exam harder or easier than expected? ?? Any tricky topics or surprises? ?? What study methods worked best for you? Drop your thoughts below and help future test-takers succeed! UNITED STATES
Bryan Commented on August 22, 2023 Big thanks to AllBrainDumps for providing such a great resource, helping me preparing to achieve my goal, saving lots of time! TAIWAN PROVINCE OF CHINA
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the 312-38 content, but please register or login to continue.