James is a network administrator working at a student loan company in Minnesota. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company, schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?
A. James should utilize the free OTP software package.
B. James can enforce mandatory HTTPS in the email clients to encrypt emails.
C. James could use PGP as a free option for encrypting the company's emails.
D. James can use MD5 algorithm to encrypt all the emails.
David is working in a mid-sized IT company. Management asks him to suggest a framework that can be used effectively to align the IT goals to the business goals of the company. David suggests the _________ framework, as it provides a set of controls over IT and consolidates them to form a framework.
A. COBIT
B. ITIL
C. ISO 27007
D. RMIS
Identify the password cracking attempt involving precomputed hash values stored as plaintext and used to crack the password.
A. Bruteforce
B. Rainbow table
C. Hybrid
D. Dictionary
John, the network administrator and he wants to enable the NetFlow feature in Cisco routers to collect and monitor the IP network traffic passing through the router. Which command will John use to enable NetFlow on an interface?
A. Router IP route
B. Router(Config-if) # IP route cache flow
C. Router# Netmon enable
D. Router# netflow enable
Which of the following types of information can be obtained through network sniffing? (Choose all that apply.)
A. DNS traffic
B. Telnet passwords
C. Programming errors
D. Syslog traffic
The network administrator wants to strengthen physical security in the organization. Specifically, to implement a solution stopping people from entering certain restricted zones without proper credentials. Which of following physical security measures should the administrator use?
A. Mantrap
B. Bollards
C. Video surveillance
D. Fence
Which of the following incident handling stage removes the root cause of the incident?
A. Eradication
B. Recovery
C. Detection
D. Containment
Justine has been tasked by her supervisor to ensure that the company's physical security is on the same level as their logical security measures. She installs video cameras at all entrances and exits and installs badge access points for all doors. The last item she wants to install is a method to prevent unauthorized people piggybacking employees. What should she install to prevent piggybacking?
A. Justine needs to install a biometrics station at each entrance.
B. She should install a mantrap.
C. She should install a Thompson Trapdoor.
D. Justine will need to install a revolving security door.
An attacker has access to password hashes of a windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?
A. XSS
B. Rainbow table
C. Brute force
D. Dictionary attacks
Which NIST Incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?
A. Malicious code
B. Scans/ Probes/ Attempted Access
C. Denial-of-Service
D. Improper usage
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-38 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.