Eccouncil 112-51 Network Defense Essentials Exam NDE Exam Practice Test

Page: 1 / 14
Total 75 questions
Question 1

Kelly, a cloud administrator at TechSol Inc., was instructed to select a cloud deployment model to secure the corporate data and retain full control over the data.

Which of the following cloud deployment models helps Kelly in the above scenario?



Answer : D

A private cloud is a cloud deployment model that is exclusively used by a single organization and is hosted either on-premises or off-premises by a third-party provider. A private cloud offers the highest level of security and control over the data and resources, as the organization can customize the cloud infrastructure and services according to its needs and policies. A private cloud also ensures better performance and availability, as the organization does not share the cloud resources with other users. A private cloud is suitable for organizations that have sensitive or confidential data, strict compliance requirements, or high demand for scalability and flexibility. A private cloud can help Kelly secure the corporate data and retain full control over the data in the above scenario. Reference:

Private Cloud - Week 6: Virtualization and Cloud Computing

Private Cloud vs Public Cloud vs Hybrid Cloud

Private Cloud Security: Challenges and Best Practices


Question 2

Which of the following IDS components analyzes the traffic and reports if any suspicious activity is

detected?



Answer : B

The IDS component that analyzes the traffic and reports if any suspicious activity is detected is the network sensor. A network sensor is a device or software application that is deployed at a strategic point or points within the network to monitor and capture the network traffic to and from all devices on the network. A network sensor can operate in one of two modes: promiscuous or inline. In promiscuous mode, the network sensor passively listens to the network traffic and copies the packets for analysis. In inline mode, the network sensor actively intercepts and filters the network traffic and can block or modify the packets based on predefined rules. A network sensor analyzes the network traffic using various detection methods, such as signature-based, anomaly-based, or reputation-based, and compares the traffic patterns with a database of attack signatures or a model of normal behavior. If the network sensor detects any suspicious or malicious activity, such as a reconnaissance scan, an unauthorized access attempt, or a denial-of-service attack, it generates an alert and reports it to the IDS manager or the operator. A network sensor can also integrate with a response system to take appropriate actions, such as logging, notifying, or blocking, in response to the detected activity123. Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to 3-34

Intrusion Detection System (IDS) - GeeksforGeeks, GeeksforGeeks, 2020

Intrusion detection system - Wikipedia, Wikipedia, March 16, 2021


Question 3

James was recruited as security personnel in an organization and was instructed to secure the organization's infrastructure from physical threats. To achieve this, James installed CCTV systems near gates, reception, hallways, and workplaces to capture illicit activities inside the premises, identify activities that need attention, collect images as evidence, and aid in an alarm system.

Identify the type of physical security control implemented by James in the above scenario.



Answer : A


Question 4

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.



Answer : C

Anomaly-based IDS is a type of IDS that detects intrusions by comparing the observed network events with a baseline of normal behavior and identifying any deviation from it. Anomaly-based IDS can detect unknown or zero-day attacks that do not match any known signature, but they can also generate false positives due to legitimate changes in network behavior. Anomaly-based IDS can use various techniques to model the normal behavior, such as statistical analysis, machine learning, or artificial intelligence. Anomaly-based IDS is the type of IDS employed by Messy in the above scenario, as he deployed an IDS that depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it. Reference:

Anomaly-Based Intrusion Detection System - Chapter 2: Anomaly-Based Intrusion Detection System

Network Defense Essentials (NDE) | Coursera - Week 10: Intrusion Detection and Prevention Systems

A systematic literature review for network intrusion detection system (IDS) - Section 3.2: Anomaly-based IDS


Question 5

Kevin logged into a banking application with his registered credentials and tried to transfer some amount from his account to Flora's account. Before transferring the amount to Flora's account, the application sent an OTP to Kevin's mobile for confirmation.

Which of the following authentication mechanisms is employed by the banking application in the above scenario?



Answer : D

Two-factor authentication (2FA) is a type of authentication that requires users to provide two or more forms of verification to access an online account. 2FA is a multi-layered security measure designed to prevent hackers from accessing user accounts using stolen or shared credentials. 2FA typically combines something the user knows (such as a password or PIN), something the user has (such as a phone or a token), and/or something the user is (such as a fingerprint or a face scan). In the above scenario, the banking application employs 2FA by asking Kevin to enter his registered credentials (something he knows) and an OTP sent to his mobile (something he has) before transferring the amount to Flora's account. Reference:

Improve Your Cybersecurity with Password MFA - Defense.com

What Is Two-Factor Authentication (2FA)? | Microsoft Security

Selecting Secure Multi-factor Authentication Solutions


Question 6

Identify the backup mechanism that is performed within the organization using external devices such as hard disks and requires human interaction to perform the backup operations, thus, making it suspectable to theft or natural disasters.



Answer : B

Onsite data backup is the backup mechanism that is performed within the organization using external devices such as hard disks and requires human interaction to perform the backup operations, thus, making it susceptible to theft or natural disasters. Onsite data backup means storing the backup data on a local storage device, such as an external hard drive, a USB flash drive, a CD/DVD, or a tape drive, that is physically located in the same premises as the original data source. Onsite data backup has some advantages, such as fast backup and restore speed, easy access, and low cost. However, it also has some disadvantages, such as requiring manual intervention, occupying physical space, and being vulnerable to damage, loss, or theft. If a disaster, such as a fire, flood, earthquake, or power outage, occurs in the organization, both the original data and the backup data may be destroyed or inaccessible. Therefore, onsite data backup is not a reliable or secure way to protect the data from unforeseen events. Reference:

Should I Use an External Hard Drive for Backup in 2024?, Cloudwards, February 8, 2024

How to Back Up a Computer to an External Hard Drive, Lifewire, April 1, 2022

Best Way to Backup Multiple Computers to One External Drive, AOMEI, December 29, 2020


Question 7

Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications.

Identify the type of cloud service requested by Cibel.org in the above scenario.



Answer : B

The type of cloud

The type of cloud service requested by Cibel.org in the above scenario is Platform-as-a-service (PaaS). PaaS is a cloud-based service that delivers a range of developer tools and deployment capabilities. PaaS provides a complete, ready-to-use, cloud-hosted platform for developing, running, maintaining and managing applications. PaaS customers do not need to install, configure, or manage the underlying infrastructure, such as servers, storage, network, or operating system. Instead, they can focus on the application development and deployment process, using the tools and services provided by the cloud service provider. PaaS solutions support cloud-native development technologies, such as microservices, containers, Kubernetes, serverless computing, that enable developers to build once, then deploy and manage consistently across private cloud, public cloud and on-premises environments. PaaS also offers features such as scalability, availability, security, backup, and monitoring for the applications.PaaS is suitable for organizations that want to develop customized applications without investing in or maintaining the infrastructure123.Reference:

Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-40 to 3-41

What is PaaS? A Beginner's Guide to Platform as a Service - G2, G2, February 19, 2020

Cloud Service Models Explained: SaaS, IaaS, PaaS, FaaS - Jelvix, Jelvix, July 14, 2020


Page:    1 / 14   
Total 75 questions