Free 312-38 Exam Braindumps

Mark is monitoring the network traffic on his organization's network. He wants to detect a TCP and UDP ping sweep on his network. Which type of filter will be used to detect this on the network?

1. A. Tcp.srcport==7 and udp.srcport==7
2. B. Tcp.srcport==7 and udp.dstport==7
3. C. Tcp.dstport==7 and udp.srcport==7
4. D. Tcp.dstport==7 and udp.dstport==7

Correct Answer: D

You are an IT security consultant working on a contract for a large manufacturing company to audit their entire network. After performing all the tests and building your report, you present a number of recommendations to the company and what they should implement to become more secure. One recommendation is to install a network-based device that notifies IT employees whenever malicious or questionable traffic is found. From your talks with the company, you know that they do not want a device that actually drops traffic completely, they only want notification. What type of device are you suggesting?

1. A. The best solution to cover the needs of this company would be a HIDS device.
2. B. A NIDS device would work best for the company
3. C. You are suggesting a NIPS device
4. D. A HIPS device would best suite this company

Correct Answer: B

Which phase of vulnerability management deals with the actions taken for correcting the discovered vulnerability?

1. A. Mitigation
2. B. Assessment
3. C. Remediation
4. D. Verification

Correct Answer: C

------------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)

1. A. 802.15
2. B. 802.16
3. C. 802.15.4
4. D. 802.12

Correct Answer: B

Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. What is the last step he should list?

1. A. Containment
2. B. Assign eradication
3. C. A follow-up
4. D. Recovery

Correct Answer: C