EC-Council 312-38 Certified Network Defender Online Training
EC-Council 312-38 Online Training
The questions for 312-38 were last updated at May 07,2025.
- Exam Code: 312-38
- Exam Name: Certified Network Defender
- Certification Provider: EC-Council
- Latest update: May 07,2025
Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. She is worried about the current security state of her company’s network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic.
What type of scan is Cindy attempting here?
- A . The type of scan she is usinq is called a NULL scan.
- B . Cindy is using a half-open scan to find live hosts on her network.
- C . Cindy is attempting to find live hosts on her company’s network by using a XMAS scan.
- D . She is utilizing a RST scan to find live hosts that are listening on her network.
A newly joined network administrator wants to assess the organization against possible risk. He notices the organization doesn’t have a________identified which helps measure how risky an activity is.
- A . Risk Severity
- B . Risk Matrix
- C . Key Risk Indicator
- D . Risk levels
A VPN Concentrator acts as a bidirectional tunnel endpoint among host machines.
What are the other f unction(s) of the device? (Select all that apply)
- A . Provides access memory, achieving high efficiency
- B . Assigns user addresses
- C . Enables input/output (I/O) operations
- D . Manages security keys
James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack.
Which of the following Wireshark filters will he use?
- A . lcmp.type==0 and icmp.type==16
- B . lcmp.type==8 or icmp.type==16
- C . lcmp.type==8 and icmp.type==0
- D . lcmp.type==8 or icmp.type==0
Harry has successfully completed the vulnerability scanning process and found serious vulnerabilities exist in the organization’s network. Identify the vulnerability management phases through which he will proceed to ensure all the detected vulnerabilities are addressed and eradicated. (Select all that apply)
- A . Mitigation
- B . Assessment
- C . Verification
- D . Remediation
George was conducting a recovery drill test as a part of his network operation. Recovery drill tests are conducted on the______________.
- A . Archived data
- B . Deleted data
- C . Data in transit
- D . Backup data
During a security awareness program, management was explaining the various reasons which create threats to network security.
Which could be a possible threat to network security?
- A . Configuring automatic OS updates
- B . Having a web server in the internal network
- C . Implementing VPN
- D . Patch management
Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.
- A . Ring
- B . Mesh
- C . Bus
- D . Star
John, the network administrator and he wants to enable the NetFlow feature in Cisco routers to collect and monitor the IP network traffic passing through the router.
Which command will John use to enable NetFlow on an interface?
- A . Router (Config-if) # IP route – cache flow
- B . Router# Netmon enable
- C . Router IP route
- D . Router# netflow enable
Michael decides to view the—————–to track employee actions on the organization’s network.
- A . Firewall policy
- B . Firewall log
- C . Firewall settings
- D . Firewall rule set
Latest 312-38 Dumps Valid Version with 120 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
