1. Home
  2. EC-COUNCIL
  3. 312-38

EC-Council Certified Network Defender (CND)

Exam Details

  • Exam Code
    :312-38
  • Exam Name
    :EC-Council Certified Network Defender (CND)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :653 Q&As
  • Last Updated
    :Apr 12, 2025

EC-COUNCIL EC-COUNCIL Certifications 312-38 Questions & Answers

  • Question 111:

    -----------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)

    A. 802.15.4

    B. 802.15

    C. 802.12

    D. 802.16

  • Question 112:

    James was inspecting ARP packets in his organization's network traffic with the help of Wireshark. He is checking the volume of traffic containing ARP requests as well as the source IP address from which they are originating. Which type of attack is James analyzing?

    A. ARP Sweep

    B. ARP misconfiguration

    C. ARP spoofinq

    D. ARP Poisioning

  • Question 113:

    Tom works as a network administrator in a multinational organization having branches across North America and Europe. Tom wants to implement a storage technology that can provide centralized data storage and provide free data backup on the server. He should be able to perform data backup and recovery more efficiently with the selected technology. Which of the following storage technologies best suits Tom's requirements?

    A. DAS

    B. PAS

    C. RAID D. NAS

  • Question 114:

    Frank installed Wireshark at all ingress points in the network. Looking at the logs he notices an odd packet source. The odd source has an address of 1080:0:FF:0:8:800:200C:4171 and is using port 21. What does this source address signify?

    A. This address means that the source is using an IPv6 address and is spoofed and signifies an IPv4 address of 127.0.0.1.

    B. This source address is IPv6 and translates as 13.1.68.3

    C. This source address signifies that the originator is using 802dot1x to try and penetrate into Frank's network

    D. This means that the source is using IPv4

  • Question 115:

    George was conducting a recovery drill test as a part of his network operation. Recovery drill tests are conducted on the______________.

    A. Archived data

    B. Deleted data

    C. Data in transit

    D. Backup data

  • Question 116:

    Daniel is monitoring network traffic with the help of a network monitoring tool to detect any abnormalities. What type of network security approach is Daniel adopting?

    A. Preventative

    B. Reactive

    C. Retrospective

    D. Defense-in-depth

  • Question 117:

    You are responsible for network functions and logical security throughout the corporation. Your company has over 250 servers running Windows Server 2012, 5000 workstations running Windows 10, and 200 mobile users working from laptops on Windows 8. Last week 10 of your company's laptops were stolen from a salesman, while at a conference in Barcelona. These laptops contained proprietary company information. While doing a damage assessment, a news story leaks about a blog post containing information about the stolen laptops and the sensitive information. What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

    A. You should have used 3DES.

    B. You should have implemented the Distributed File System (DFS).

    C. If you would have implemented Pretty Good Privacy (PGP).

    D. You could have implemented the Encrypted File System (EFS)

  • Question 118:

    Liza was told by her network administrator that they will be implementing IPsec VPN tunnels to connect the branch locations to the main office. What layer of the OSI model do IPsec tunnels function on?

    A. The data link layer

    B. The session layer

    C. The network layer

    D. The application and physical layers

  • Question 119:

    An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?

    A. Install a CCTV with cameras pointing to the entrance doors and the street

    B. Use fences in the entrance doors

    C. Use lights in all the entrance doors and along the company's perimeter

    D. Use an IDS in the entrance doors and install some of them near the corners

  • Question 120:

    The IR team and the network administrator have successfully handled a malware incident on the network. The team is now preparing countermeasure guideline to avoid a future occurrence of the malware incident.

    Which of the following countermeasure(s) should be added to deal with future malware incidents? (Select all that apply)

    A. Complying with the company's security policies

    B. Implementing strong authentication schemes

    C. Implementing a strong password policy

    D. Install antivirus software

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-38 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.