112-51 Practice Exam Questions with Answers Network Defense Essentials (NDE) Exam Certification

The loT communication model that serves as an analyzer for a company to track monthly or yearly energy consumption is the device-to-cloud model. The device-to-cloud model is a loT communication model where the loT devices, such as smart meters, sensors, or thermostats, send data directly to the cloud platform, such as AWS, Azure, or Google Cloud, over the internet. The cloud platform then processes, analyzes, and stores the data, and provides feedback, control, or visualization to the users or applications. The device-to-cloud model enables the company to monitor and optimize the energy consumption of the loT devices in real time, and to leverage the cloud services, such as machine learning, big data analytics, or artificial intelligence, to perform advanced energy management and demand response.The device-to-cloud model also reduces the complexity and cost of the loT infrastructure, as it does not require intermediate gateways or servers to connect the loT devices to the cloud123.References:

• Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-38 to 3-39
• loT Communication Models: Device-to-Device, Device-to-Cloud, Device-to-Gateway, and Back-End Data-Sharing, DZone, July 9, 2018
• loT Communication Models: Device-to-Device, Device-to-Cloud, Device-to-Gateway, and Back-End Data-Sharing, Medium, March 26, 2019

The type of attack initiated by Jacob in the above scenario is a cross-container attack. A cross-container attack is a type of attack that targets container technology and exploits the shared resources and network connections between containers. A cross-container attack can compromise the security and availability of multiple containers and the underlying host by performing actions such as stealing data, executing commands, consuming resources, or spreading malware. A cross-container attack can be launched by an external attacker who gains access to a container through a network vulnerability, or by a malicious insider who runs a rogue container on the same host or cluster.A cross-container attack can be prevented or mitigated by implementing security best practices for container technology, such as isolating containers, limiting privileges, enforcing policies, scanning images, and monitoring network traffic123.References:

• Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-37 to 3-38
• 6 Common Kubernetes and Container Attack Techniques and How to Prevent Them - Palo Alto Networks, Palo Alto Networks, March 2, 2022
• The evolution of a matrix: How ATT&CK for Containers was built - Microsoft, Microsoft, July 21, 2021

A gateway is a component of IoT architecture that collects data from IoT devices and performs data pre-processing. A gateway acts as a bridge between the IoT devices and the cloud platform, and it can filter, aggregate, compress, encrypt, or transform the data before sending it to the cloud for storage and analysis. A gateway can also perform edge computing, which means processing the data locally and providing real-time feedback or actions. A gateway can support various communication protocols, such as WiFi, Bluetooth, Zigbee, or cellular, and it can enhance the security and reliability of the IoT system.A gateway is the component that matches the description given in the question123

anonymous proxy is a type of proxy that hides the user’s IP address and other identifying information from the web servers they access. An anonymous proxy acts as an intermediary between the user and the internet, and it modifies the HTTP headers to prevent the web servers from tracking the user’s location, browser, or device. An anonymous proxy can help the user bypass geo-restrictions, censorship, and online surveillance. However, an anonymous proxy does not encrypt the user’s traffic, and it may still leak some information to the proxy provider or other third parties. An anonymous proxy is the type of proxy employed by Mary in the above scenario, as she used a proxy tool that makes her online activity untraceable.References:

• What is a Proxy Server and How Does it Work?
• 13 Best Proxy Tools for PC [2024 Reviewed]- Section: Anonymous proxies
• The Fastest Free Proxy

Role-based access control (RBAC) is a model that assigns permissions and privileges to users based on their roles in an organization. In RBAC, the administrator defines the roles and the access rights for each role, and then assigns users to those roles. This way,the administrator can control the access of users to the resources without having to manage each user individually. In the scenario, Carol is assigned a role that does not have the installation rights, while the administrator has a role that does. Therefore, the access control model demonstrated in the scenario is RBAC.References:Network Defense Essentials - EC-Council Learning,Network Defense Essentials (NDE) | Coursera,EC-Council Network Defense Essentials | NDE Certification

Sharing confidential data on an unsecured network is a security risk associated with mobile usage policies. Mobile devices are often used to access and transmit sensitive information over public or untrusted networks, such as WiFi hotspots, cellular networks, or Bluetooth connections. This exposes the data to interception, modification, or redirection by malicious actors who may exploit mobile security vulnerabilities or use network-based attacks, such as man-in-the-middle, spoofing, or sniffing. To prevent this risk, mobile users should follow best practices such as using encryption, VPN, certificate pinning, and secure protocols to protect the data in transit. They should also avoid sending or receiving sensitive data over unsecured networks or applications, and verify the identity and integrity of the endpoint servers before establishing a connection.References:

• The 9 Most Common Security Threats to Mobile Devices in 2021, Auth0, June 25, 2021
• 7 Mobile App Security Risks and How to Mitigate Them, Cypress Data Defense, July 10, 2020
• The Latest Mobile Security Threats and How to Prevent Them, Security Intelligence, February 19, 2019

A sprinkler system is a type of fire-fighting system that uses a distribution piping system to suppress the fire. A sprinkler system consists of sprinkler heads that are connected to a water supply and activated by heat or smoke detectors. When a fire is detected, the sprinkler heads release water to extinguish the fire and prevent it from spreading.A sprinkler system can be wet, dry, pre-action, or deluge, depending on the type of water supply and activation mechanism12.References:Network Defense Essentials - EC-Council Learning,Essentials Of Fire Fighting, 7th Edition, Product Suite - IFSTA

The communication layer of IoT architecture employs protocols and networks for connecting, sending, and receiving data between devices and network. The communication layer is responsible for enabling data exchange among the IoT devices and the cloud or other devices.The communication layer can use various types of networks, such as wired, wireless, cellular, or satellite, and various types of protocols, such as TCP/IP, MQTT, CoAP, or ZigBee12.References:Network Defense Essentials - EC-Council Learning,IoT Architecture: The 4 Layers of an IoT System

System-based risk is a type of mobile device security risk that arises from the vulnerabilities or flaws in the operating system or firmware of the device. System-based risk can expose the device to malware, spyware, ransomware, or other malicious attacks that can compromise the data, functionality, or privacy of the device. System-based risk can be mitigated by applying regular security updates and patches from the manufacturer or vendor, as well as using antivirus or anti-malware software. In the above scenario, Stella’s device faced a system-based risk, as it ran with an obsolete OS version that had vulnerabilities that allowed the files to be replaced. She ignored the messages from the manufacturer for updates, which could have prevented the risk.References:

• Mobile Device Security Risks- Week 8: Mobile Device Security
• Is It Safe to Use an Old or Used Phone? Here’s What You Should Know
• Obsolete products - The National Cyber Security Centre

A permissive policy is a type of Internet access policy that allows users to access the Internet from any device and any location, without any restrictions or security measures. A permissive policy provides convenience and flexibility for the users, but also exposes them to various risks, such as malware infection, data leakage, or cyberattacks. In the scenario, Sarah was accessing confidential office files from a remote location via her personal computer connected to the public Internet, and accidentally downloaded a malicious file onto her computer.This indicates that the organization had a permissive policy for Internet access12.References:Network Defense Essentials - EC-Council Learning,Internet Access Policy: Definition and Best Practices

AES (Advanced Encryption Standard) is an iterated block cipher that works by repeating the defined steps multiple times and has a 128-bit block size, having key sizes of 128, 192, and 256 bits. AES is a symmetric-key algorithm that encrypts and decrypts data using the same secret key. AES operates on a 4x4 matrix of bytes called the state, which undergoes 10, 12, or 14 rounds of transformation depending on the key size. Each round consists of four steps: sub-bytes, shift-rows, mix-columns, and add-round-key. AES is widely used for securing data in various applications and platforms, such as web browsers, VPNs, wireless networks, and smart grids. AES is the algorithm that matches the description given in the question.References:

• AES- Week 4: Cryptography Techniques
• Advanced Encryption Standard (AES)- NIST
• AES Encryption and Decryption Online Tool- Code Beautify

The Sarbanes-Oxley Act (SOX) is a US law that was enacted in 2002 in response to the corporate scandals involving Enron, WorldCom, and others. The SOX aims to protect the public and investors by increasing the accuracy and reliability of corporate disclosures, such as financial statements, audit reports, and internal controls.The SOX also establishes the Public Company Accounting Oversight Board (PCAOB) to oversee the auditing of public companies and imposes criminal penalties for fraud and non-compliance12.References:Network Defense Essentials - EC-Council Learning,Sarbanes-Oxley Act of 2002 (SOX) | U.S. Department of Labor

A device-to-cloud model is a type of IoT communication model that connects the IoT devices directly to the cloud platform, where the data is stored, processed, and analyzed. The device-to-cloud model enables remote access, real-time monitoring, and scalability of IoT applications. The device-to-cloud model requires the IoT devices to have internet connectivity and cloud compatibility. In the above scenario, John used a device-to-cloud model to monitor his grandfather’s health condition, as he placed a smart wearable ECGon his grandfather’s wrist that sent the data to the cloud platform, where John could access it from his mobile phone and receive alerts periodically.References:

• Communication Models in IoT (Internet of Things)- Section: Device-to-Cloud Model
• IoT Communication Models - IoTbyHVM- Section: Device to Cloud Communication Model
• Logical Design of IoT | Communication Models | APIs | Functional Blocks- Section: Device-to-Cloud Communication Model

A coaxial cable is a type of network cable that is made up of a single copper conductor at its center and a plastic layer that provides an insulated center conductor with a braided metal shield. The metal shield helps to reduce electromagnetic interference and noise from external sources.Coaxial cables are commonly used for cable TV, radio, and broadband internet connections12.References:Different Types of Network Cable and Specifications,Network Defense Essentials - EC-Council Learning

The network defense approach that was employed by Alice on her laptop was the preventive approach. The preventive approach aims to stop or deter potential attacks before they happen by implementing security measures that reduce the attack surface and increase the difficulty of exploitation. Biometric authentication is an example of a preventive measure that uses a physical characteristic, such as a fingerprint, iris, or face, to verify the identity of the user and grant access to the device or system. Biometric authentication is more secure than traditional methods, such as passwords or PINs, because it is harder to forge, guess, or steal. By locking her laptop and using biometric authentication, Alice prevented Bob from accessing her laptop and her confidential files without her permission.References:

• Network Defense Essentials Courseware, EC-Council, 2020, pp. 1-7 to 1-8
• What is Biometric Authentication?, Norton, July 29, 2020
• An introduction to network defense basics, Enable Sysadmin, November 26, 2019