Eccouncil 112-51 NDE Exam Practice Test Instant Access

Question 1

Which of the following access control models refers to assigning permissions to a user role based on the rules defined for each user role by the administrator?

ADiscretionary rule access control

BMandatory rule access control

CRule-based access control

DRole-based access control

Answer : D

Role-based access control (RBAC) is a type of access control model that refers to assigning permissions to a user role based on the rules defined for each user role by the administrator. In RBAC, the administrator creates different roles and assigns them the appropriate access rights to the resources. The administrator then assigns users to those roles based on their job functions. This way, the administrator can manage the access of users to the resources without having to deal with each user individually. RBAC can simplify the administration, enhance the security, and improve the scalability of the access control system12. Reference: Network Defense Essentials - EC-Council Learning, Role-Based Access Control (RBAC) and Role-Based Security

Question 2

John, from a remote location, was monitoring his bedridden grandfather's health condition at his home. John has placed a smart wearable ECG on his grandfather's wrist so that he can receive alerts to his mobile phone and can keep a track over his grandfather's health condition periodically.

Which of the following types of loT communication model was demonstrated in the above scenario?

ADevice-to-gateway model

BDevice-to-cloud model

CCloud-to-cloud communication model

DDevice-to-device model

Answer : B

A device-to-cloud model is a type of IoT communication model that connects the IoT devices directly to the cloud platform, where the data is stored, processed, and analyzed. The device-to-cloud model enables remote access, real-time monitoring, and scalability of IoT applications. The device-to-cloud model requires the IoT devices to have internet connectivity and cloud compatibility. In the above scenario, John used a device-to-cloud model to monitor his grandfather's health condition, as he placed a smart wearable ECG on his grandfather's wrist that sent the data to the cloud platform, where John could access it from his mobile phone and receive alerts periodically. Reference:

Communication Models in IoT (Internet of Things) - Section: Device-to-Cloud Model

IoT Communication Models - IoTbyHVM - Section: Device to Cloud Communication Model

Logical Design of IoT | Communication Models | APIs | Functional Blocks - Section: Device-to-Cloud Communication Model

Question 3

George, a professional hacker, targeted a bank employee and tried to crack his password while he was attempting to log on to the remote server to perform his regular banking operations. In this process, George used sniffing tools to capture the password pairwise master key (PMK) associated with the handshake authentication process. Then, using the PMK, he gained unauthorized access to the server to perform malicious activities.

Identify the encryption technology on which George performed password cracking.

AWPA3

BWPA

CWPA2

DWEP

Answer : C

WPA2 (Wi-Fi Protected Access 2) is an encryption technology that secures wireless networks using the IEEE 802.11i standard. WPA2 uses a four-way handshake to authenticate the client and the access point, and to generate a pairwise transient key (PTK) for encrypting the data. The PTK is derived from the password pairwise master key (PMK), which is a shared secret between the client and the access point. The PMK can be obtained either by using a pre-shared key (PSK) or by using an 802.1X authentication server. In the above scenario, George performed password cracking on WPA2, as he used sniffing tools to capture the PMK associated with the handshake authentication process. Then, using the PMK, he was able to derive the PTK and decrypt the data exchanged between the client and the access point. Reference:

WPA2 - Wikipedia

How WPA2-PSK encryption works? - Cryptography Stack Exchange

WPA2 Encryption and Configuration Guide - Cisco Meraki Documentation

Question 4

Kevin, a security team member, was instructed to share a policy document with the employees. As it was supposed to be shared within the network, he used a simple algorithm to encrypt the document that just rearranges the same characters to produce the ciphertext.

Identify the type of cipher employed by Kevin in the above scenario.

ASubstitution cipher

BStreamn cipher

CTransposition cipher

DBlock cipher

Answer : C

A transposition cipher is a type of cipher that encrypts a document by rearranging the same characters to produce the ciphertext. A transposition cipher does not change the identity or frequency of the characters, but only their position. A transposition cipher can use various methods to permute the characters, such as writing them in a grid and reading them in a different order, or shifting them along a rail fence pattern. A transposition cipher is a simple and fast algorithm, but it can be easily broken by frequency analysis or anagramming. A transposition cipher is the type of cipher employed by Kevin in the above scenario, as he used a simple algorithm to encrypt the document that just rearranges the same characters to produce the ciphertext. Reference:

Transposition cipher - Wikipedia

Network Security: Transposition Cipher Techniques - Coding Streets

Network Defense Essentials (NDE) | Coursera - Module 4: Cryptography Techniques

Columnar Transposition Cipher - GeeksforGeeks

Question 5

Which of the following environmental controls options saves the hardware from humidity and heat,

increases hardware performance, and maintains consistent room temperature?

AHot and cold aisles

BLighting systern

CTemperature indicator

DEMI shielding

Answer : A

Hot and cold aisles are a type of environmental control that saves the hardware from humidity and heat, increases hardware performance, and maintains consistent room temperature. Hot and cold aisles are a layout design for data centers, where the server racks are arranged in alternating rows of cold air intake and hot air exhaust. The cold aisle faces the air conditioner output ducts and provides cool air to the front of the servers. The hot aisle faces the air conditioner return ducts and collects the hot air from the back of the servers. This way, the hot and cold air streams are separated and do not mix, resulting in better cooling efficiency, lower energy consumption, and longer hardware lifespan. Reference:

Hot and cold aisles - Week 4: Network Security Controls: Physical Controls

Hot and Cold Aisles: The Basics of Data Center Cooling

Hot Aisle vs. Cold Aisle Containment: Which One is Best for Your Data Center?

Question 6

Kelly, a cloud administrator at TechSol Inc., was instructed to select a cloud deployment model to secure the corporate data and retain full control over the data.

Which of the following cloud deployment models helps Kelly in the above scenario?

APublic cloud

BMulti cloud

CCommunity cloud

DPrivate cloud

Answer : D

A private cloud is a cloud deployment model that is exclusively used by a single organization and is hosted either on-premises or off-premises by a third-party provider. A private cloud offers the highest level of security and control over the data and resources, as the organization can customize the cloud infrastructure and services according to its needs and policies. A private cloud also ensures better performance and availability, as the organization does not share the cloud resources with other users. A private cloud is suitable for organizations that have sensitive or confidential data, strict compliance requirements, or high demand for scalability and flexibility. A private cloud can help Kelly secure the corporate data and retain full control over the data in the above scenario. Reference:

Private Cloud - Week 6: Virtualization and Cloud Computing

Private Cloud vs Public Cloud vs Hybrid Cloud

Private Cloud Security: Challenges and Best Practices

Question 7

Below are various authentication techniques.

1.Retina scanner

2.One-time password

3.DNA

4.Voice recognition

Identify the techniques that fall under biometric authentication.

A1, 3, and 4

B1, 2, and 3

C2, 3, and 4

D1, 2, and 4

Answer : A

Biometric authentication is a type of authentication that uses the physical or behavioral characteristics of a person to verify their identity. Biometric authentication is more secure and convenient than other methods such as passwords or tokens, as biometric traits are unique, hard to forge, and easy to use. Some examples of biometric authentication techniques are retina scanner, DNA, and voice recognition. Retina scanner uses a low-intensity light beam to scan the pattern of blood vessels at the back of the eye, which is unique for each individual. DNA uses the genetic code of a person to match their identity, which is the most accurate and reliable biometric technique. Voice recognition uses the sound and pitch of a person's voice to verify their identity, which is influenced by factors such as anatomy, physiology, and psychology. These techniques fall under biometric authentication, as they use the physical or behavioral traits of a person to authenticate them. Reference:

Biometric Authentication - Week 2: Identification, Authentication, and Authorization

Biometric Authentication: What You Need To Know

Biometric Authentication Techniques

Eccouncil 112-51 Network Defense Essentials Exam NDE Exam Practice Test