312-38 Online Practice Questions and Answers

Correct Answer: D

Correct Answer: A

Correct Answer: A

The Network News Transfer Protocol (NNTP) is an Internet application protocol used for transporting Usenet news articles (netnews) between news servers and for reading and posting articles by end user client applications. NNTP is designed so that news articles are stored in a central database, allowing the subscriber to select only those items that he wants to read. Answer option D is incorrect. Network Time Protocol (NTP) is used to synchronize the timekeeping among the number of distributed time servers and clients. It is used for the time management in a large and diverse network that contains many interfaces. In this protocol, servers define the time, and clients have to be synchronized with the defined time. These clients can choose the most reliable source of time defined from the several NTP servers for their information transmission. Answer option C is incorrect. The Data Link Switching Client Access Protocol (DCAP) is an application layer protocol that is used between workstations and routers for transporting SNA/NetBIOS traffic over TCP sessions. It was introduced in order to address a few deficiencies by the Data Link Switching Protocol (DLSw). The DLSw raises the important issues of scalability and efficiency, and since DLSw is a switch-to-switch protocol, it is not efficient when implemented on workstations. DCAP was introduced in order to address these issues. Answer option B is incorrect. The BOOTP protocol is used by diskless workstations to collect configuration information from a network server. It is also used to acquire a boot image from the server.

Correct Answer: B

Ettercap is a Unix and Windows tool for computer network protocol analysis and security auditing. It is capable of intercepting traffic on a network segment, capturing passwords, and conducting active eavesdropping against a number of

common protocols. It is a free open source software. Ettercap supports active and passive dissection of many protocols (including ciphered ones) and provides many features for network and host analysis. Answer option C is incorrect.

BackTrack is a Linux distribution distributed as a Live CD, which is used for penetration testing. It allows users to include customizable scripts, additional tools and configurable kernels in personalized distributions. It contains various tools,

such as Metasploit integration, RFMON injection capable wireless drivers, kismet, autoscan-network (network discovering and managing application), nmap, ettercap, wireshark (formerly known as Ethereal).

Answer option A is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10

million packets to decrypt the WEP keys. Answer option D is incorrect. Aircrack is the fastest WEP/WPA cracking tool used for 802.11a/b/g WEP and WPA cracking.

Correct Answer: ABCD

The responsibilities of the disaster recovery team are as follows: To develop, deploy, and monitor the implementation of appropriate disaster recovery plans after analysis of business objectives and threats to organizations To notify management, affected personnel, and third parties about the disaster To initiate the execution of the disaster recovery procedures To monitor the execution of the disaster recovery plan and assess the results To return operations to normal conditions To modify and update the disaster recovery plan according to the lessons learned from previous disaster recovery efforts To increase the level of the organization's disaster recovery preparedness by conducting mock drills, regular DR systems testing, and threat analysis to create awareness among various stakeholders of the organization by conducting training and awareness sessions

Correct Answer: A

A stateful firewall is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections.

Only packets matching a known connection state will be allowed by the firewall; others will be rejected. Answer option B is incorrect. A stateless packet filter firewall allows direct connections from the external network to hosts on the internal

network and is included with router configuration software or with Open Source operating systems.

Answer option C is incorrect. It applies security mechanisms when a TCP or UDP connection is established.

Answer option D is incorrect. An application gateway firewall applies security mechanisms to specific applications, such as FTP and Telnet servers.

Correct Answer: D

Correct Answer: C

RG-59 type of coaxial cable is used for cable TV and cable modems.

Answer option A is incorrect. RG-8 coaxial cable is primarily used as a backbone in an Ethernet LAN environment and often connects one wiring closet to another. It is also known as 10Base5 or ThickNet.

Answer option B is incorrect. RG-62 coaxial cable is used for ARCNET and automotive radio antennas.

Answer option D is incorrect. RG-58 coaxial cable is used for Ethernet networks. It uses baseband signaling and 50-Ohm terminator. It is also known as 10Base2 or ThinNet.

Correct Answer: C

Correct Answer: C