EC-Council Network Security Administrator (ENSA)
Question No: 111 CORRECT TEXT – (Topic 2)
Fill in the blank with the appropriate term. The layer establishes, manages, and terminates the connections between the local and remote application.
Question No: 112 – (Topic 2)
Adam, a malicious hacker, has just succeeded in stealing a secure cookie via a XSS attack. He is able to replay the cookie even while the session is valid on the server. Which of the following is the most likely reason of this cause?
No encryption is applied.
Two way encryption is applied.
Encryption is performed at the network layer (layer 1 encryption).
Encryption is performed at the application layer (single encryption key).
Answer: D Explanation:
Single key encryption uses a single word or phrase as the key. The same key is used by the sender to encrypt and the receiver to decrypt. Sender and receiver initially need to have a secure way of passing the key from one to the other. With TLS or SSL this would not be possible. Symmetric encryption is a type of encryption that uses a single key to encrypt and decrypt data. Symmetric encryption algorithms are faster than public key encryption.
Therefore, it is commonly used when a message sender needs to encrypt a large amount of data. Data Encryption Standard (DES) uses the symmetric encryption key algorithm to encrypt data.
Question No: 113 CORRECT TEXT – (Topic 2)
Fill in the blank with the appropriate word. A policy is defined as the document that describes the scope of an organization#39;s security requirements.
Question No: 114 – (Topic 2)
Which of the following is a Unix and Windows tool capable of intercepting traffic on a network segment and capturing username and password?
Answer: B Explanation:
Ettercap is a Unix and Windows tool for computer network protocol analysis and security auditing. It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of common protocols. It is a free open source software. Ettercap supports active and passive dissection of many protocols (including ciphered ones) and provides many features for network and host analysis.
Answer option C is incorrect. BackTrack is a Linux distribution distributed as a Live CD, which is used for penetration testing. It allows users to include customizable scripts, additional tools and configurable kernels in personalized distributions. It contains various tools, such as Metasploit integration, RFMON injection capable wireless drivers, kismet, autoscan-network (network discovering and managing application), nmap, ettercap, wireshark (formerly known as Ethereal).
Answer option A is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys. Answer option D is incorrect. Aircrack is the fastest WEP/WPA cracking tool used for 802.11a/b/g WEP and WPA cracking.
Question No: 115 – (Topic 2)
Which of the following standards is a proposed enhancement to the 802.11a and 802.11b wireless LAN (WLAN) specifications that offers quality of service (QoS) features, including the prioritization of data, voice, and video transmissions?
A. 802.15 B. 802.11n C. 802.11e D. 802.11h
The 802.11e standard is a proposed enhancement to the 802.11a and 802.11b wireless LAN (WLAN) specifications. It offers quality of service (QoS) features, including the prioritization of data, voice, and video transmissions. 802.11e enhances the 802.11 Media Access Control layer (MAC layer) with a coordinated time division multiple access (TDMA) construct, and adds error-correcting mechanisms for delay-sensitive applications such as voice and video. Answer option D is incorrect. 802.11h refers to the amendment added to the IEEE 802.11 standard for Spectrum and Transmit Power Management Extensions.
Answer option B is incorrect. 802.11n is an amendment to the IEEE 802.11-2007 wireless networking standard to improve network throughput over the two previous standards – 802.11a and 802.11g – with a significant increase in the maximum raw data rate from 54 Mbit/s to 600 Mbit/s with the use of four spatial streams at a channel width of 40 MHz.
Answer option A is incorrect. IEEE 802.15 is a working group of the IEEE 802 and specializes in Wireless PAN (Personal Area Network) standards. It includes seven task groups, which are as follows:
1.Task group 1 (WPAN/Bluetooth) 2.Task group 2 (Coexistence) 3.Task group 3 (High Rate WPAN) 4.Task group 4 (Low Rate WPAN) 5.Task group 5 (Mesh Networking) 6.Task Group 6 (BAN)
7.Task group 7 (VLC)
Question No: 116 – (Topic 2)
Which of the following key features is used by TCP in order to regulate the amount of data sent by a host to another host on the network?
Answer: D Explanation:
Flow control is the process of regulating the amount of data sent by a host to another host on the network. The flow control mechanism controls packet flow so that a sender does not transmit more packets than a receiver can process. TCP uses a sliding window flow control protocol. In each TCP segment, the receiver specifies in the receive window field the amount of additional received data (in bytes) that it is willing to buffer for the connection.
The sending host can send only up to that amount of data before it must wait for an acknowledgment and window update from the receiving host.
Answer option A is incorrect. TCP uses a sequence number for identifying each byte of data.
Answer option B is incorrect. TCP timestamp helps TCP to compute the round-trip time between the sender and receiver.
Answer option C is incorrect. Congestion control concerns controlling traffic entry into a telecommunications network, so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps, such as reducing the rate of sending packets. It should not be confused with flow control, which prevents the sender from overwhelming the receiver.
Question No: 117 – (Topic 2)
Which of the following representatives in the incident response process are included in the incident response team? Each correct answer represents a complete solution. Choose all that apply.
Information security representative
Answer: A,B,C,D,E Explanation:
Incident response is a process that detects a problem, determines the cause of an issue, minimizes the damages, resolves the problem, and documents each step of process for future reference. To perform all these roles, an incident response team is needed. The
incident response team includes the following representatives who are involved in the incident response process:
Lead investigator: The lead investigator is the manager of an incident response team. He is always involved in the creation of an incident response plan. The duties of a lead investigator are as follows:Keep the management updated.Ensure that the incident response moves smoothly and efficiently.Interview and interrogate the suspects and witnesses.
Information security representative: The information security representative is a member of the incident response team who alerts the team about possible security safeguards that can impact their ability to respond to an incident.
Legal representative: The legal representative is a member of the incident response team who ensures that the process follows all the laws during the response to an incident.
Technical representative: Technical representative is a representative of the incident response team. More than one technician can be deployed to an incident. The duties of a technical representative are as follows:Perform forensic backups of the systems that are involved in an incident. Provide more information about the configuration of the network or system.
Human resources: Human resources personnel ensure that the policies of the organization are enforced during the incident response process. They suspend access to a suspect if it is needed. Human resources personnel are closely related with the legal representatives and cover up the organization#39;s legal responsibility.
Question No: 118 – (Topic 2)
Which of the following is a device that provides local communication between the datalogger and a computer?
Short haul modem
Answer: D Explanation:
A short haul modem is a device that provides local communication between the datalogger and a computer with an RS-232 serial port. It transmits data up to 6.5 miles over a four-wire
unconditioned line (two twisted pairs).
Answer option B is incorrect. An optical modem is a device that is used for converting a computer#39;s electronic signals into optical signals for transmission over optical fiber. It also converts optical signals from an optical fiber cable back into electronic signals. It provides higher data transmission rates because it uses extremely high capacity of the optical fiber cable for transmitting data.
Answer option C is incorrect. An acoustic modem provides wireless communication under water. The optimum performance of a wireless acoustic modem system depends upon the speed of sound, water depth, existence of thermocline zones, ambient noise, and seasonal change.
Answer option A is incorrect. A controllerless modem is a hardware-based modem that does not have the physical communications port controller circuitry. It is also known as WinModem or software modem. A controllerless modem is very inexpensive and can easily be upgraded with new software.
Question No: 119 – (Topic 2)
Which of the following plans is documented and organized for emergency response, backup operations, and recovery maintained by an activity as part of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation?
Disaster Recovery Plan
Business Continuity Plan
Continuity Of Operations Plan
Answer: A Explanation:
Contingency plan is prepared and documented for emergency response, backup operations, and recovery maintained by an activity as the element of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation.
A contingency plan is a plan devised for a specific situation when things could go wrong. Contingency plans are often devised by governments or businesses who want to be prepared for anything that could happen. Contingency plans include specific strategies and
actions to deal with
specific variances to assumptions resulting in a particular problem, emergency, or state of affairs. They also include a monitoring process and quot;triggersquot; for initiating planned actions. They are required to help governments, businesses, or individuals to recover from serious incidents in
the minimum time with minimum cost and disruption.
Answer option B is incorrect. A disaster recovery plan should contain data, hardware, and software that can be critical for a business. It should also include the plan for sudden loss such as hard disc crash. The business should use backup and data recovery utilities to limit the loss of data.
Answer option D is incorrect. The Continuity Of Operation Plan (COOP) refers to the preparations and institutions maintained by the United States government, providing survival of federal government operations in the case of catastrophic events. It provides procedures and capabilities to sustain an organization#39;s essential. COOP is the procedure documented to ensure persistent critical operations throughout any period where normal operations are unattainable.
Answer option C is incorrect. Business Continuity Planning (BCP) is the creation and validation of a practiced logistical plan for how an organization will recover and restore partially or completely interrupted critical (urgent) functions within a predetermined time after a disaster or extended disruption. The logistical plan is called a business continuity plan.
Question No: 120 CORRECT TEXT – (Topic 2)
Fill in the blank with the appropriate term. is the use of sensitive words in e-mails to jam the authorities that listen in on them by providing a form of a red herring and an intentional annoyance.
Answer: Email jamming
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|