Network Defense Essentials (NDE)
Exam Latest Version: 6.0 Practice Exam
Newest 2026
Question: 1
George, a certified security professional, was hired by an organization
to ensure that the server accurately responds to customer requests. In
this process, George employed a security solution to monitor the
network traffic toward the server. While monitoring the traffic, he
identified attack signatures such as SYN flood and ping of death
attempts on the server.
Which of the following categories of suspicious traffic signature has
George identified in the above scenario?
A. Informational
B. Reconnaissance
C. Unauthorized access
D. Denial-of-service (DoS)
Answer: D
Explanation:
Denial-of-service (DoS) is the category of suspicious traffic signature
that George identified in the above scenario. DoS signatures are
designed to detect attempts to disrupt or degrade the availability or
performance of a system or network by overwhelming it with
excessive or malformed traffic. SYN flood and ping of death are
,examples of DoS attacks that exploit the TCP/IP protocol to consume
the resources or crash the target server. A SYN flood attack sends a
large number of TCP SYN packets to the target server, without
completing the three-way handshake, thus creating a backlog of half-
open connections that exhaust the server’s memory or bandwidth. A
ping of death attack sends a malformed ICMP echo request packet
that exceeds the maximum size allowed by the IP protocol, thus
causing the target server to crash or reboot. DoS attacks can cause
serious damage to the organization’s reputation, productivity, and
revenue, and should be detected and mitigated as soon as
possible123. Reference:
Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to
3-34
What is a denial-of-service attack?, Cloudflare, 2020
Denial-of-service attack - Wikipedia, Wikipedia, March 16, 2021
Question: 2
Identify the loT communication model that serves as an analyzer for a
company to track monthly or yearly energy consumption. Using this
analysis, companies can reduce the expenditure on energy.
A. Device-to-devicemodel
B. Cloud-to-cloud model
C. Device-to-cloud model
D. Device-to-gateway model
Answer: C
Explanation:
The loT communication model that serves as an analyzer for a
company to track monthly or yearly energy consumption is the device-
to-cloud model. The device-to-cloud model is a loT communication
model where the loT devices, such as smart meters, sensors, or
thermostats, send data directly to the cloud platform, such as AWS,
Azure, or Google Cloud, over the internet. The cloud platform then
, processes, analyzes, and stores the data, and provides feedback,
control, or visualization to the users or applications. The device-to-
cloud model enables the company to monitor and optimize the energy
consumption of the loT devices in real time, and to leverage the cloud
services, such as machine learning, big data analytics, or artificial
intelligence, to perform advanced energy management and demand
response. The device-tocloud model also reduces the complexity and
cost of the loT infrastructure, as it does not require intermediate
gateways or servers to connect the loT devices to the cloud123.
Reference: Network Defense Essentials Courseware, EC-Council, 2020,
pp. 3-38 to 3-39 loT Communication Models: Device-to-Device, Device-
to-Cloud, Device-to-Gateway, and BackEnd Data-Sharing, DZone, July
9, 2018 loT Communication Models: Device-to-Device, Device-to-
Cloud, Device-to-Gateway, and BackEnd Data-Sharing, Medium, March
26, 2019
Question: 3
Finch, a security professional, was instructed to strengthen the
security at the entrance. At the doorway, he implemented a security
mechanism that allows employees to register their retina scan and a
unique six- digit code, using which they can enter the office at any
time. Which of the following combinations of authentication
mechanisms is implemented in the above scenario?
A. Biornetricand password authentication
B. Password and two-factor authentication
C. Two-factor and smart card authentication
D. Smart card and password authentication
Answer: A
Explanation:
The combination of authentication mechanisms that is implemented in
the above scenario is biometric and password authentication.
Biometric authentication is a type of authentication that uses an
Exam Latest Version: 6.0 Practice Exam
Newest 2026
Question: 1
George, a certified security professional, was hired by an organization
to ensure that the server accurately responds to customer requests. In
this process, George employed a security solution to monitor the
network traffic toward the server. While monitoring the traffic, he
identified attack signatures such as SYN flood and ping of death
attempts on the server.
Which of the following categories of suspicious traffic signature has
George identified in the above scenario?
A. Informational
B. Reconnaissance
C. Unauthorized access
D. Denial-of-service (DoS)
Answer: D
Explanation:
Denial-of-service (DoS) is the category of suspicious traffic signature
that George identified in the above scenario. DoS signatures are
designed to detect attempts to disrupt or degrade the availability or
performance of a system or network by overwhelming it with
excessive or malformed traffic. SYN flood and ping of death are
,examples of DoS attacks that exploit the TCP/IP protocol to consume
the resources or crash the target server. A SYN flood attack sends a
large number of TCP SYN packets to the target server, without
completing the three-way handshake, thus creating a backlog of half-
open connections that exhaust the server’s memory or bandwidth. A
ping of death attack sends a malformed ICMP echo request packet
that exceeds the maximum size allowed by the IP protocol, thus
causing the target server to crash or reboot. DoS attacks can cause
serious damage to the organization’s reputation, productivity, and
revenue, and should be detected and mitigated as soon as
possible123. Reference:
Network Defense Essentials Courseware, EC-Council, 2020, pp. 3-33 to
3-34
What is a denial-of-service attack?, Cloudflare, 2020
Denial-of-service attack - Wikipedia, Wikipedia, March 16, 2021
Question: 2
Identify the loT communication model that serves as an analyzer for a
company to track monthly or yearly energy consumption. Using this
analysis, companies can reduce the expenditure on energy.
A. Device-to-devicemodel
B. Cloud-to-cloud model
C. Device-to-cloud model
D. Device-to-gateway model
Answer: C
Explanation:
The loT communication model that serves as an analyzer for a
company to track monthly or yearly energy consumption is the device-
to-cloud model. The device-to-cloud model is a loT communication
model where the loT devices, such as smart meters, sensors, or
thermostats, send data directly to the cloud platform, such as AWS,
Azure, or Google Cloud, over the internet. The cloud platform then
, processes, analyzes, and stores the data, and provides feedback,
control, or visualization to the users or applications. The device-to-
cloud model enables the company to monitor and optimize the energy
consumption of the loT devices in real time, and to leverage the cloud
services, such as machine learning, big data analytics, or artificial
intelligence, to perform advanced energy management and demand
response. The device-tocloud model also reduces the complexity and
cost of the loT infrastructure, as it does not require intermediate
gateways or servers to connect the loT devices to the cloud123.
Reference: Network Defense Essentials Courseware, EC-Council, 2020,
pp. 3-38 to 3-39 loT Communication Models: Device-to-Device, Device-
to-Cloud, Device-to-Gateway, and BackEnd Data-Sharing, DZone, July
9, 2018 loT Communication Models: Device-to-Device, Device-to-
Cloud, Device-to-Gateway, and BackEnd Data-Sharing, Medium, March
26, 2019
Question: 3
Finch, a security professional, was instructed to strengthen the
security at the entrance. At the doorway, he implemented a security
mechanism that allows employees to register their retina scan and a
unique six- digit code, using which they can enter the office at any
time. Which of the following combinations of authentication
mechanisms is implemented in the above scenario?
A. Biornetricand password authentication
B. Password and two-factor authentication
C. Two-factor and smart card authentication
D. Smart card and password authentication
Answer: A
Explanation:
The combination of authentication mechanisms that is implemented in
the above scenario is biometric and password authentication.
Biometric authentication is a type of authentication that uses an
