EC-Council 112-51 practice test

Exam Title: Network Defense Essentials Exam

Last update: Nov 27, 2025

Question 1

Below are the various steps involved in the creation of a data retention policy.
1. Understand and determine the applicable legal requirements of the organization
2. Ensure that all employees understand the organization's data retention policy
3. Build a data retention policy development team
4. Identify and classify the data to be included in the data retention policy
5. Develop the data retention policy
Identify the correct sequence of steps involved.

  • A. 3 -> 2 -> 5 -> 4 -> 1
  • B. 3 -> 1 -> 4 -> 5 -> 2
  • C. 1 -> 3 -> 4 -> 2 -> 5
  • D. 1 -> 5 -> 4 -> 2 -> 3
Answer:

B


Explanation:
The correct sequence of steps involved in the creation of a data retention policy is 3 -> 1 -> 4 -> 5 -> 2, as described in the references below:
  • Build a team: To design a data retention policy, you need a team of industry experts, such as legal, IT, compliance, and business representatives, who can contribute their knowledge and perspectives to the policy. The team should have a clear leader who can coordinate the tasks and communicate the goals and expectations [1].
  • Determine legal requirements: The team should research and understand the applicable legal and regulatory requirements for data retention that affect the organization, such as GDPR, HIPAA, PCI DSS, etc. The team should also consider any contractual obligations or industry standards that may influence the data retention policy [2][1][3][4].
  • Identify and classify the data: The team should inventory and categorize all the data that the organization collects, stores, and processes, based on their function, subject, or type. The team should also assess the value, risk, and sensitivity of each data category, and determine the appropriate retention period, format, and location for each data category [2][1][3][4].
  • Develop the data retention policy: The team should draft the data retention policy document that outlines the purpose, scope, roles, responsibilities, procedures, and exceptions of the data retention policy. The policy should be clear, concise, and consistent, and should reflect the legal and business requirements of the organization. The policy should also include a data retention schedule that specifies the retention period and disposition method for each data category [2][1][3][4].
  • Ensure that all employees understand the organization’s data retention policy: The team should communicate and distribute the data retention policy to all the relevant employees and stakeholders, and provide training and guidance on how to comply with the policy. The team should also monitor and enforce the policy, and review and update the policy regularly to reflect any changes in the legal or business environment [2][1][3][4].
Reference:
[1] How to Create a Data Retention Policy | Smartsheet, Smartsheet, July 17, 2019
[2] What Is a Data Retention Policy? Best Practices + Template, Drata, November 29, 2023
[3] Data Retention Policy: What It Is and How to Create One - SpinOne, SpinOne, 2020
[4] How to Develop and Implement a Retention Policy - SecureScan, SecureScan, 2020

Question 2

Cibel.org, an organization, wanted to develop a web application for marketing its products to the
public. In this process, they consulted a cloud service provider and requested provision of
development tools, configuration management, and deployment platforms for developing
customized applications.
Identify the type of cloud service requested by Cibel.org in the above scenario.

  • A. Security-as-a-service (SECaaS)
  • B. Platform-as-a-service
  • C. Infrastructure-as-a-service (IaaS)
  • D. Identity-as-a-service (IDaaS)
Answer:

B


Explanation:
The type of cloud service requested by Cibel.org in the above scenario is Platform-as-a-service (PaaS). PaaS is a cloud-based service that delivers a range of developer tools and deployment capabilities. PaaS provides a complete, ready-to-use, cloud-hosted platform for developing, running, maintaining and managing applications. PaaS customers do not need to install, configure, or manage the underlying infrastructure, such as servers, storage, network, or operating system. Instead, they can focus on the application development and deployment process, using the tools and services provided by the cloud service provider. PaaS solutions support cloud-native development technologies, such as microservices, containers, Kubernetes, and serverless computing, that enable developers to build once, then deploy and manage consistently across private cloud, public cloud and on-premises environments. PaaS also offers features such as scalability, availability, security, backup, and monitoring for the applications. PaaS is suitable for organizations that want to develop customized applications without investing in or maintaining the infrastructure [1][2][3].
Reference:
[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-40 to 3-41
[2] What is PaaS? A Beginner’s Guide to Platform as a Service - G2, G2, February 19, 2020
[3] Cloud Service Models Explained: SaaS, IaaS, PaaS, FaaS - Jelvix, Jelvix, July 14, 2020

Question 3

Ben, a computer user, applied for a digital certificate. A component of PKI verifies Ben's identity
using the credentials provided and passes that request on behalf of Ben to grant the digital
certificate.
Which of the following PKI components verified Ben as being legitimate to receive the certificate?

  • A. Certificate authority (CA)
  • B. Registration authority (RA)
  • C. Certificate directory
  • D. Validation authority (VA)
Answer:

B


Explanation:
The PKI component that verified Ben as being legitimate to receive the certificate is the registration authority (RA). An RA is an entity that is responsible for identifying and authenticating certificate applicants, approving or rejecting certificate applications, and initiating certificate revocations or suspensions under certain circumstances. An RA acts as an intermediary between the certificate authority (CA) and the certificate applicant, and performs the necessary checks and validations before forwarding the request to the CA. The CA is the entity that signs and issues the certificates, and maintains the certificate directory and the certificate revocation list. A certificate directory is a repository of issued certificates that can be accessed by users or applications to verify the validity and status of a certificate. A validation authority (VA) is an entity that provides online certificate validation services, such as OCSP or SCVP, to verify the revocation status of a certificate in real time [1][2][3].
Reference:
[1] Public key infrastructure - Wikipedia, Wikipedia, March 16, 2021
[2] Components of a PKI - The National Cyber Security Centre, NCSC, 2020
[3] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-26 to 3-27

Question 4

George, a certified security professional, was hired by an organization to ensure that the server
accurately responds to customer requests. In this process, George employed a security solution to
monitor the network traffic toward the server. While monitoring the traffic, he identified attack
signatures such as SYN flood and ping of death attempts on the server.
Which of the following categories of suspicious traffic signature has George identified in the above
scenario?

  • A. Informational
  • B. Reconnaissance
  • C. Unauthorized access
  • D. Denial-of-service (DoS)
Answer:

D


Explanation:
Denial-of-service (DoS) is the category of suspicious traffic signature that George identified in the above scenario. DoS signatures are designed to detect attempts to disrupt or degrade the availability or performance of a system or network by overwhelming it with excessive or malformed traffic. SYN flood and ping of death are examples of DoS attacks that exploit the TCP/IP protocol to consume the resources or crash the target server. A SYN flood attack sends a large number of TCP SYN packets to the target server, without completing the three-way handshake, thus creating a backlog of half-open connections that exhaust the server’s memory or bandwidth. A ping of death attack sends a malformed ICMP echo request packet that exceeds the maximum size allowed by the IP protocol, thus causing the target server to crash or reboot. DoS attacks can cause serious damage to the organization’s reputation, productivity, and revenue, and should be detected and mitigated as soon as possible [1][2][3].
Reference:
[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to 3-34
[2] What is a denial-of-service attack?, Cloudflare, 2020
[3] Denial-of-service attack - Wikipedia, Wikipedia, March 16, 2021

Question 5

Identify the IoT communication model that serves as an analyzer for a company to track monthly or
yearly energy consumption. Using this analysis, companies can reduce the expenditure on energy.

  • A. Device-to-device model
  • B. Cloud-to-cloud model
  • C. Device-to-cloud model
  • D. Device-to-gateway model
Answer:

C


Explanation:
The IoT communication model that serves as an analyzer for a company to track monthly or yearly energy consumption is the device-to-cloud model. The device-to-cloud model is an IoT communication model where the IoT devices, such as smart meters, sensors, or thermostats, send data directly to the cloud platform, such as AWS, Azure, or Google Cloud, over the internet. The cloud platform then processes, analyzes, and stores the data, and provides feedback, control, or visualization to the users or applications. The device-to-cloud model enables the company to monitor and optimize the energy consumption of the IoT devices in real time, and to leverage the cloud services, such as machine learning, big data analytics, or artificial intelligence, to perform advanced energy management and demand response. The device-to-cloud model also reduces the complexity and cost of the IoT infrastructure, as it does not require intermediate gateways or servers to connect the IoT devices to the cloud [1][2][3].
Reference:
[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-38 to 3-39
[2] IoT Communication Models: Device-to-Device, Device-to-Cloud, Device-to-Gateway, and Back-End Data-Sharing, DZone, July 9, 2018
[3] IoT Communication Models: Device-to-Device, Device-to-Cloud, Device-to-Gateway, and Back-End Data-Sharing, Medium, March 26, 2019

Question 6

Finch, a security professional, was instructed to strengthen the security at the entrance. At the
doorway, he implemented a security mechanism that allows employees to register their retina scan
and a unique six-digit code, using which they can enter the office at any time.
Which of the following combinations of authentication mechanisms is implemented in the above
scenario?

  • A. Biometric and password authentication
  • B. Password and two-factor authentication
  • C. Two-factor and smart card authentication
  • D. Smart card and password authentication
Answer:

A


Explanation:
The combination of authentication mechanisms that is implemented in the above scenario is biometric and password authentication. Biometric authentication is a type of authentication that uses an inherent factor, such as a retina scan, to verify the identity of the user. Password authentication is a type of authentication that uses a knowledge factor, such as a six-digit code, to verify the identity of the user. By combining biometric and password authentication, Finch has implemented a two-factor authentication (2FA) system that requires the user to provide two different types of authentication factors to gain access to the office. 2FA is a more secure way of authentication than using a single factor, as it reduces the risk of unauthorized access due to stolen or compromised credentials. Biometric and password authentication is a common 2FA method that is used in many applications, such as banking, e-commerce, or health care [1][2][3].
Reference:
[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-28 to 3-29
[2] What is Biometric Authentication?, Norton, July 29, 2020
[3] What is Two-Factor Authentication (2FA)?, Authy, 2020

Question 7

Identify the UBA tool that collects user activity details from multiple sources and uses artificial
intelligence and machine learning algorithms to perform user behavior analysis to prevent and
detect various threats before the fraud is perpetrated.

  • A. Nmap
  • B. ClamWin
  • C. Dtex Systems
  • D. Wireshark
Answer:

C


Explanation:
Dtex Systems is the UBA tool that collects user activity details from multiple sources and uses artificial intelligence and machine learning algorithms to perform user behavior analysis to prevent and detect various threats before the fraud is perpetrated. Dtex Systems is a user and entity behavior analytics (UEBA) platform that provides visibility, detection, and response capabilities for insider threats, compromised accounts, data loss, and fraud. Dtex Systems collects user activity data from endpoints, servers, cloud applications, and network traffic, and applies advanced analytics and machine learning to establish baselines of normal user behavior, identify anomalies, and assign risk scores. Dtex Systems also provides contextual information, such as user intent, motivation, and sentiment, to help security teams understand and respond to the threats. Dtex Systems can integrate with other security tools, such as SIEM, DLP, or IAM, to enhance the security posture of the organization [1][2][3].
Reference:
[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-35 to 3-36
[2] Dtex Systems - Wikipedia, Wikipedia, March 16, 2021
[3] Dtex Systems - User and Entity Behavior Analytics (UEBA), Dtex Systems, 2020

Question 8

Below is the list of encryption modes used in a wireless network.
1. WPA2 Enterprise with RADIUS
2. WPA3
3. WPA2 PSK
4. WPA2 Enterprise
Identify the correct order of wireless encryption modes in terms of security from high to low.

  • A. 2 -> 1 -> 4 -> 3
  • B. 3 -> 1 -> 4 -> 2
  • C. 4 -> 2 -> 3 -> 1
  • D. 4 -> 3 -> 2 -> 1
Answer:

A


Explanation:
The correct order of wireless encryption modes in terms of security from high to low is 2 -> 1 -> 4 -> 3. This is based on the following comparison of the wireless encryption modes:
  • WPA3: WPA3 is the latest and most secure wireless encryption mode, introduced in 2018 as a successor to WPA2. WPA3 uses the AES encryption protocol and provides several security enhancements, such as stronger password protection, individualized encryption, forward secrecy, and protection against brute-force and dictionary attacks. WPA3 also supports two modes: WPA3-Personal and WPA3-Enterprise, which offer different levels of security for home and business networks. WPA3-Personal uses Simultaneous Authentication of Equals (SAE) to replace the Pre-Shared Key (PSK) method and provide more robust password-based authentication. WPA3-Enterprise uses 192-bit cryptographic strength to provide additional protection for sensitive data and networks [1][2][3].
  • WPA2 Enterprise with RADIUS: WPA2 Enterprise with RADIUS is a wireless encryption mode that combines the security features of WPA2 Enterprise and the authentication features of RADIUS. WPA2 Enterprise is a mode of WPA2 that uses the AES encryption protocol and provides stronger security than WPA2 Personal, which uses the PSK method. WPA2 Enterprise uses the 802.1X standard to implement Extensible Authentication Protocol (EAP) methods, such as EAP-TLS, EAP-TTLS, or PEAP, to authenticate users and devices before granting access to the network. RADIUS is a protocol that allows a central server to manage authentication, authorization, and accounting for network access. RADIUS can integrate with WPA2 Enterprise to provide centralized and scalable authentication for large and complex networks, such as corporate or campus networks.
  • WPA2 Enterprise: WPA2 Enterprise is a wireless encryption mode that uses the AES encryption protocol and provides stronger security than WPA2 Personal, which uses the PSK method. WPA2 Enterprise uses the 802.1X standard to implement Extensible Authentication Protocol (EAP) methods, such as EAP-TLS, EAP-TTLS, or PEAP, to authenticate users and devices before granting access to the network. WPA2 Enterprise is suitable for business or public networks that require individual and secure authentication for each user or device.
  • WPA2 PSK: WPA2 PSK is a wireless encryption mode that uses the AES encryption protocol and provides better security than WEP or WPA, which use the TKIP encryption protocol. WPA2 PSK uses the Pre-Shared Key (PSK) method, which means that all users and devices share the same password or passphrase to join the network. WPA2 PSK is easy to set up and use, but it has some security drawbacks, such as being vulnerable to brute-force and dictionary attacks, or having the password compromised by a rogue user or device. WPA2 PSK is suitable for home or small networks that do not require individual authentication or advanced security features.
Reference:
[1] Wi-Fi Security: Should You Use WPA2-AES, WPA2-TKIP, or Both? - How-To Geek, How-To Geek, March 12, 2023
[2] WiFi Security: WEP, WPA, WPA2, WPA3 And Their Differences - NetSpot, NetSpot, February 8, 2024
[3] What is WPA3? And some gotchas to watch out for in this Wi-Fi security upgrade - CSO Online, CSO Online, November 18, 2020
[4] Types of Wireless Security Encryption - GeeksforGeeks, GeeksforGeeks, 2020
[5] Wireless Security Protocols: WEP, WPA, and WPA2 - Lifewire, Lifewire, February 17, 2021
[6] WPA vs. WPA2 vs. WPA3: Wi-Fi Security Explained - MakeUseOf, MakeUseOf, January 13, 2021

Question 9

Which of the following IDS components analyzes the traffic and reports if any suspicious activity is
detected?

  • A. Command console
  • B. Network sensor
  • C. Database of attack signatures
  • D. Response system
Answer:

B


Explanation:
The IDS component that analyzes the traffic and reports if any suspicious activity is detected is the network sensor. A network sensor is a device or software application that is deployed at a strategic point or points within the network to monitor and capture the network traffic to and from all devices on the network. A network sensor can operate in one of two modes: promiscuous or inline. In promiscuous mode, the network sensor passively listens to the network traffic and copies the packets for analysis. In inline mode, the network sensor actively intercepts and filters the network traffic and can block or modify the packets based on predefined rules. A network sensor analyzes the network traffic using various detection methods, such as signature-based, anomaly-based, or reputation-based, and compares the traffic patterns with a database of attack signatures or a model of normal behavior. If the network sensor detects any suspicious or malicious activity, such as a reconnaissance scan, an unauthorized access attempt, or a denial-of-service attack, it generates an alert and reports it to the IDS manager or the operator. A network sensor can also integrate with a response system to take appropriate actions, such as logging, notifying, or blocking, in response to the detected activity [1][2][3].
Reference:
[1] Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to 3-34
[2] Intrusion Detection System (IDS) - GeeksforGeeks, GeeksforGeeks, 2020
[3] Intrusion detection system - Wikipedia, Wikipedia, March 16, 2021

Question 10

Which of the following objects of the container network model (CNM) contains the configuration
files of a container's network stack, such as routing table, container's interfaces, and DNS settings?

  • A. Endpoint
  • B. Sandbox
  • C. Network drivers
  • D. IPAM drivers
Answer:

B


Explanation:
The object of the container network model (CNM) that contains the configuration files of a container’s network stack, such as routing table, container’s interfaces, and DNS settings, is the Sandbox. A Sandbox is a logical entity that encapsulates the network configuration and state of a container. A Sandbox can contain one or more endpoints from different networks, and provides isolation and security for the container’s network stack. A Sandbox can be implemented using various technologies, such as Linux network namespaces, FreeBSD jails, or Windows compartments. A Sandbox allows the container to have its own view and control of the network resources, such as interfaces, addresses, routes, and DNS settings [1][2][3].
Reference:
[1] The Container Networking Model | Training, Training, 2020
[2] A Comprehensive Guide To Docker Networking - KnowledgeHut, KnowledgeHut, September 27, 2023
[3] Design - GitHub: Let’s build from here, GitHub, 2020

Viewing questions 1-10 out of 75