Practice Free 312-38 Exam Online Questions
Question #101
Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.
- A . Fabric virtualization
- B . Storage device virtualization
- C . Server virtualization
- D . File system virtualization
Correct Answer: B
B
Explanation:
Storage device virtualization is the correct answer because it involves abstracting physical storage resources into a pool of storage that can be managed centrally and allocated to different virtual machines. This level of virtualization allows for the creation of a massive pool of storage areas that are not tied to a single physical device, providing flexibility and scalability in managing storage resources for various virtual machines running on the hardware.
Reference: The information aligns with the objectives and documents of the EC-Council’s Certified Network Defender (CND) program, which covers various aspects of network security, including virtualization and storage strategies as part of a comprehensive defense approach12.
B
Explanation:
Storage device virtualization is the correct answer because it involves abstracting physical storage resources into a pool of storage that can be managed centrally and allocated to different virtual machines. This level of virtualization allows for the creation of a massive pool of storage areas that are not tied to a single physical device, providing flexibility and scalability in managing storage resources for various virtual machines running on the hardware.
Reference: The information aligns with the objectives and documents of the EC-Council’s Certified Network Defender (CND) program, which covers various aspects of network security, including virtualization and storage strategies as part of a comprehensive defense approach12.
Question #102
Phishing-like attempts that present users a fake usage bill of the cloud provider is an example of a:
- A . Cloud to service attack surface
- B . User to service attack surface
- C . User to cloud attack surface
- D . Cloud to user attack surface
Correct Answer: D
D
Explanation:
Phishing attempts that target users with fake usage bills from a cloud provider are examples of a cloud to user attack surface. This type of attack surface refers to the potential vulnerabilities and entry points that exist between the cloud service provider and the user. In this scenario, the attacker is exploiting the trust relationship between the user and the cloud service provider by presenting a fraudulent bill, hoping the user will reveal sensitive information or make a payment based on the fake bill.
Reference: The explanation is consistent with the Certified Network Defender (CND) curriculum, which includes understanding various attack surfaces, including cloud and user-related surfaces, and how they can be exploited through phishing and other social engineering attacks12.
D
Explanation:
Phishing attempts that target users with fake usage bills from a cloud provider are examples of a cloud to user attack surface. This type of attack surface refers to the potential vulnerabilities and entry points that exist between the cloud service provider and the user. In this scenario, the attacker is exploiting the trust relationship between the user and the cloud service provider by presenting a fraudulent bill, hoping the user will reveal sensitive information or make a payment based on the fake bill.
Reference: The explanation is consistent with the Certified Network Defender (CND) curriculum, which includes understanding various attack surfaces, including cloud and user-related surfaces, and how they can be exploited through phishing and other social engineering attacks12.
Question #103
Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an _______ for legal advice to defend them against this allegation.
- A . Evidence Manager
- B . Incident Handler
- C . Attorney
- D . PR Specialist
Correct Answer: C
C
Explanation:
In the context of legal allegations regarding the disclosure of personal information on a social networking site, a company would consult an attorney for legal advice. An attorney is a professional who is qualified to offer legal advice, represent clients in court, and defend them against legal claims. In this scenario, the attorney would help the company understand the legal implications of the allegations, advise on the best course of action, and provide representation if the case goes to court.
Reference: The role of an attorney in defending against allegations of public disclosure of personal information is well-documented in legal resources and aligns with the practices outlined in data litigation defense strategies1. Attorneys are equipped to handle such cases by advising on factual defenses, ensuring compliance with data protection laws, and representing the company in legal proceedings234.
C
Explanation:
In the context of legal allegations regarding the disclosure of personal information on a social networking site, a company would consult an attorney for legal advice. An attorney is a professional who is qualified to offer legal advice, represent clients in court, and defend them against legal claims. In this scenario, the attorney would help the company understand the legal implications of the allegations, advise on the best course of action, and provide representation if the case goes to court.
Reference: The role of an attorney in defending against allegations of public disclosure of personal information is well-documented in legal resources and aligns with the practices outlined in data litigation defense strategies1. Attorneys are equipped to handle such cases by advising on factual defenses, ensuring compliance with data protection laws, and representing the company in legal proceedings234.
Question #104
Which of the following can be used to suppress fire from Class K sources?
- A . Foam
- B . Carbon dioxide
- C . Water
- D . Dry Chemical
Correct Answer: A
A
Explanation:
Class K fires involve cooking oils and fats, which are highly combustible and can ignite quickly at high temperatures. To suppress a Class K fire, a specific type of extinguishing agent is required that can separate and absorb the heat elements of the fire C the fuel, oxygen, and heat necessary to start a fire. Foam extinguishers are most suitable for Class K fires because they use a substance that turns oils into foam, effectively smothering the fire and preventing re-ignition. Water should not be used on Class K fires as it can cause the oil to splatter and spread the fire. Carbon dioxide and dry chemical extinguishers are also not recommended for Class K fires as they do not adequately remove the heat from the fire.
Reference: The information provided is based on standard fire safety guidelines and classifications for fire types, particularly for Class K fires involving cooking media such as oils and fats12.
A
Explanation:
Class K fires involve cooking oils and fats, which are highly combustible and can ignite quickly at high temperatures. To suppress a Class K fire, a specific type of extinguishing agent is required that can separate and absorb the heat elements of the fire C the fuel, oxygen, and heat necessary to start a fire. Foam extinguishers are most suitable for Class K fires because they use a substance that turns oils into foam, effectively smothering the fire and preventing re-ignition. Water should not be used on Class K fires as it can cause the oil to splatter and spread the fire. Carbon dioxide and dry chemical extinguishers are also not recommended for Class K fires as they do not adequately remove the heat from the fire.
Reference: The information provided is based on standard fire safety guidelines and classifications for fire types, particularly for Class K fires involving cooking media such as oils and fats12.
Question #105
Which of the following type of UPS is used to supply power above 10kVA and provides an ideal electric output presentation, and its constant wear on the power components reduces the dependability?
- A . Stand by On-line hybrid
- B . Line Interactive
- C . Double conversion on-line
- D . Stand by Ferro
Correct Answer: C
C
Explanation:
The type of UPS that is used to supply power above 10kVA and provides an ideal electric output presentation, while its constant wear on the power components reduces dependability, is the Double conversion on-line UPS. This UPS system works by converting the incoming AC power to DC to charge the batteries and then converting it back to AC for the connected equipment. This double conversion process provides a very clean and stable power supply, which is ideal for sensitive electronic equipment. However, because the power components are constantly in use, they tend to wear out more quickly, which can reduce the overall dependability of the system12.
Reference: The information provided is consistent with industry standards for UPS systems and their applications, particularly for power requirements above 10kVA. The double conversion on-line UPS is recognized for its ability to deliver high-quality power output, which is essential for critical systems and applications12.
C
Explanation:
The type of UPS that is used to supply power above 10kVA and provides an ideal electric output presentation, while its constant wear on the power components reduces dependability, is the Double conversion on-line UPS. This UPS system works by converting the incoming AC power to DC to charge the batteries and then converting it back to AC for the connected equipment. This double conversion process provides a very clean and stable power supply, which is ideal for sensitive electronic equipment. However, because the power components are constantly in use, they tend to wear out more quickly, which can reduce the overall dependability of the system12.
Reference: The information provided is consistent with industry standards for UPS systems and their applications, particularly for power requirements above 10kVA. The double conversion on-line UPS is recognized for its ability to deliver high-quality power output, which is essential for critical systems and applications12.
Question #106
Rosa is working as a network defender at Linda Systems. Recently, the company migrated from Windows to MacOS.
Rosa wants to view the security related logs of her system, where con she find these logs?
- A . /private/var/log
- B . /var/log/cups/access-log
- C . /Library/Logs/Sync
- D . /Library/Logs
Correct Answer: A
A
Explanation:
In MacOS, security-related logs are typically stored in the /private/var/log directory. This location is used to store various system logs, including authentication attempts and other security events. The secure.log file within this directory is particularly relevant for tracking security incidents, as it records authentication attempts and other security-related events. It’s important for network defenders like Rosa to be familiar with these log locations to monitor and respond to potential security issues on the systems they manage12.
Reference: The information provided here is consistent with standard MacOS logging practices and the EC-Council’s Certified Network Defender (CND) curriculum, which includes understanding the security mechanisms of different operating systems and how to locate and interpret system logs12. For more detailed information, please refer to the official CND study materials and documents provided by the EC-Council.
A
Explanation:
In MacOS, security-related logs are typically stored in the /private/var/log directory. This location is used to store various system logs, including authentication attempts and other security events. The secure.log file within this directory is particularly relevant for tracking security incidents, as it records authentication attempts and other security-related events. It’s important for network defenders like Rosa to be familiar with these log locations to monitor and respond to potential security issues on the systems they manage12.
Reference: The information provided here is consistent with standard MacOS logging practices and the EC-Council’s Certified Network Defender (CND) curriculum, which includes understanding the security mechanisms of different operating systems and how to locate and interpret system logs12. For more detailed information, please refer to the official CND study materials and documents provided by the EC-Council.