Eccouncil 112-51 NDE Exam Practice Test Instant Access

Question 1

John is working as a security professional in FinCorp Ltd. He was instructed to deploy a security solution on their corporate network that provides real-time monitoring, correlation of events, threat detection, and security incident response activities.

Which of the following security solutions helps John in the above scenario?

ASIEM

BVPN

CSOCKS

DMDM

Answer : A

SIEM stands for Security Information and Event Management. It is a security solution that collects, analyzes, and correlates data from various sources, such as logs, network devices, applications, and security tools. SIEM provides real-time monitoring, threat detection, and security incident response activities. SIEM can help security professionals identify and mitigate security risks, comply with regulations, and improve the overall security posture of the organization12. Reference: Network Defense Essentials - EC-Council Learning, What is SIEM? Security Information and Event Management Explained

Question 2

Which of the following protocols uses TLS/SSL to ensure secure transmission of data over the Internet?

AHTTPS

BSCTP

CFTP

DHTTP

Answer : A

HTTPS (Hypertext Transfer Protocol Secure) is a protocol that uses TLS/SSL to ensure secure transmission of data over the Internet. HTTPS is an extension of HTTP, which is the standard protocol for transferring data between web servers and browsers. HTTPS encrypts the data exchanged between the client and the server, preventing anyone from intercepting, modifying, or stealing the data. HTTPS also verifies the identity of the server using digital certificates, preventing spoofing or phishing attacks. HTTPS is widely used for web applications that handle sensitive information, such as online banking, e-commerce, or social media. Reference:

HTTPS - Week 7: Email Security

How does SSL work? | SSL certificates and TLS | Cloudflare

SSL and TLS: A Beginners Guide | SANS Institute

Question 3

Stella, a mobile user, often ignores the messages received from the manufacturer for updates. One day, she found that files in her device are being replaced, she immediately rushed to the nearest service center for inquiry. They tested the device and identified vulnerabilities in it as it ran with an obsolete OS version.

Identify the mobile device security risk raised on Stella's device in the above scenario.

AApplication-based risk

BSystem-based risk

CNetwork-based risk

DPhysical security risks

Answer : B

System-based risk is a type of mobile device security risk that arises from the vulnerabilities or flaws in the operating system or firmware of the device. System-based risk can expose the device to malware, spyware, ransomware, or other malicious attacks that can compromise the data, functionality, or privacy of the device. System-based risk can be mitigated by applying regular security updates and patches from the manufacturer or vendor, as well as using antivirus or anti-malware software. In the above scenario, Stella's device faced a system-based risk, as it ran with an obsolete OS version that had vulnerabilities that allowed the files to be replaced. She ignored the messages from the manufacturer for updates, which could have prevented the risk. Reference:

Mobile Device Security Risks - Week 8: Mobile Device Security

Is It Safe to Use an Old or Used Phone? Here's What You Should Know

Obsolete products - The National Cyber Security Centre

Question 4

Which of the following actors in the NIST cloud deployment reference architecture acts as an intermediary for providing connectivity and transport services between cloud consumers and providers?

ACloud provider

BCloud auditor

CCloud consumer

DCloud carrier

Answer : D

Question 5

Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes his online activity untraceable.

Identify the type of proxy employed by John in the above scenario.

ASOCKS proxy

BAnonymous proxy

CReverse proxy

DExplicit proxy

Answer : B

anonymous proxy is a type of proxy that hides the user's IP address and other identifying information from the web servers they access. An anonymous proxy acts as an intermediary between the user and the internet, and it modifies the HTTP headers to prevent the web servers from tracking the user's location, browser, or device. An anonymous proxy can help the user bypass geo-restrictions, censorship, and online surveillance. However, an anonymous proxy does not encrypt the user's traffic, and it may still leak some information to the proxy provider or other third parties. An anonymous proxy is the type of proxy employed by Mary in the above scenario, as she used a proxy tool that makes her online activity untraceable. Reference:

What is a Proxy Server and How Does it Work?

13 Best Proxy Tools for PC [2024 Reviewed] - Section: Anonymous proxies

The Fastest Free Proxy

Question 6

Joseph, a cloud administrator, was recruited for the management and deployment of the software

containers. As part of his job, Joseph employed an automated solution that converts images into containers, deploys them to the hosts, and further monitors container workflow from a single location.

Identify the solution employed by Joseph in the above scenario.

APort scanners

BOrchestrators

CNetwork monitors

DSniffers

Answer : B

Orchestrators are tools that automate container deployment, administration, and scaling tasks. They allow you to reliably manage fleets of hundreds or thousands of containers in production environments. Orchestrators simplify container admin by letting you think in terms of application components instead of individual containers. They're able to take control of all your app's requirements, including config values, secrets, and network services. Orchestrators are the solution employed by Joseph in the above scenario, as he used an automated solution that converts images into containers, deploys them to the hosts, and further monitors container workflow from a single location. Reference:

13 Most Useful Container Orchestration Tools in 2024 - Spacelift

Network Defense Essentials - CERT - EC-Council - Module 6: Virtualization and Cloud Computing

Question 7

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

ASignature-based

BStateful protocol analysis

CAnomaly-based

DApplication proxy

Answer : C

Anomaly-based IDS is a type of IDS that detects intrusions by comparing the observed network events with a baseline of normal behavior and identifying any deviation from it. Anomaly-based IDS can detect unknown or zero-day attacks that do not match any known signature, but they can also generate false positives due to legitimate changes in network behavior. Anomaly-based IDS can use various techniques to model the normal behavior, such as statistical analysis, machine learning, or artificial intelligence. Anomaly-based IDS is the type of IDS employed by Messy in the above scenario, as he deployed an IDS that depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it. Reference:

Anomaly-Based Intrusion Detection System - Chapter 2: Anomaly-Based Intrusion Detection System

Network Defense Essentials (NDE) | Coursera - Week 10: Intrusion Detection and Prevention Systems

A systematic literature review for network intrusion detection system (IDS) - Section 3.2: Anomaly-based IDS

Eccouncil 112-51 Network Defense Essentials Exam NDE Exam Practice Test