Question 1. In a Linux system, how do you stop the POP3, IMAPD, and FTP services?

A. By changing the permissions on the configuration file that controls the service (/sbin/inetd), then recompiling /etc/inetd.config
B. By commenting out the service using the # symbol in the text file /etc/inetd.conf, then restarting the inetd daemon
C. By recompiling the system kernel, making sure you have disabled that service
D. By commenting out the service using the $ symbol in the text file /etc/inetd.conf, then restarting the inetd daemon

Answer: B

Explanation: Use the # symbol to comment out the service, and then restart inetd.

Incorrect Answers:
A: If this made any sense, you would also lock out the WWW service and disable the Web Server, which is not what you want to do here. Inetd.conf does not get compiled.
C: The services for inetd are loaded based on the control cards in the text file. It is not specified in the kernel, so recompiling it will not accomplish stopping the services.
D: The comment symbol is a #, not a $.

Question 2. Which of the following choices lists the ports that Microsoft internal networking uses that should be blocked from outside access?

A. UDP 137 and 138, and TCP 139
B. Ports 11, 112, and 79
C. UDP 1028, 31337 and 6000
D. Port 80, 134 and 31337

Answer: A

Explanation: UDP & TCP 137 are used for NETBIOS name service. UDP 138 is used for the NETBIOS Datagram Service, and TCP 139 is used for the NETBIOS Session Service. Internal networking for Microsoft Windows systems uses NETBIOS for its redirector. Hacking into the Windows systems would be blocked if NETBIOS could not pass through the firewall. To log on to Windows, or access file or printer shares, access will have to be done via SMB (Service Message Blocks), which ride on NETBIOS.

Incorrect Answers:
B: 11 is systat, 112 is not used, and 79 is finger.
Although you might want to block out these ports, including port 79 (finger) which can expose server information to a hacker, these are not part of Microsoft internal networking.
C: These ports are outside of the well known ports, and blocking them does not close any holes. These ports are not part of Microsoft internal networking.
D: Port 80 is HTTP, so to block it disables web browsing. Port 134 is not assigned to a service, and port 31337 is not a well known port. These ports are not part of Microsoft internal networking.

Question 3. What is the best way to keep employees on a LAN from unauthorized activity or other mischief?

A. Reduce each user’s permissions to the minimum needed to perform the tasks required by his or her job
B. Limit the number of logins available to all users to one at a time
C. Limit the number of files that any one user can have open at any given time
D. Implement a zero-tolerance policy in regard to employees who load games or other unauthorized software on the company's computers

Answer: A

Explanation: Obviously you don’t give the employees free roam of the LAN. Accidents can happen (type a file name or file path wrong) or some employees may become curious. Giving them only the permissions that they need to do their job can drastically limit where those users can go and cause damage.

Incorrect Answers:
B: The objective in the question is how to prevent an employee from unauthorized activity. Having multiple logons does cause some security concerns, but not that of the user. As long as the permissions are locked up tight, it won't matter how many logons the user has; if one can't get unauthorized access, then none should.
C: To limit the number of open files does not prevent this activity, and may prevent the user from actually doing work. Some programs will open multiple files; most programs open more than one file.
D: This is a good step and policy to implement. It still does not prevent unauthorized activity of corporate assets.

Question 4. What is a spoofing attack?

A. A hacker pretends to be the superuser and spoofs a user into allowing him into the system
B. A hacker calls a user and pretends to be a system administrator in order to get the user’s password
C. A computer (or network) pretends to be a trusted host (or network)
D. A hacker gains entrance to the building where the network resides and accesses the system by pretending to be an employee

Answer: C

Explanation: Spoofing is usually when you change your identity to portray yourself as someone else. One example is to change the source IP address in an IP packet to make it appear that the packet was sent by someone else.

Incorrect Answers:
A: The program that acts as another program is not called spoofing. This technique is called man in the middle.
B: This is called social engineering.
D: This is called social engineering.

Question 5. Abjee is going to log on to his network. His network does not employ traffic padding mechanisms. Why will it be easy for someone to steal his password?

A. Because his password could be more than two weeks old
B. Because of the predictability of the length of the login and password prompts
C. Because the Cleartext user name and password are not encrypted
D. Because there is no provision for log analysis without traffic padding, thus no accountability when passwords are lost

Answer: B

Explanation: By monitoring the size of the packets, the password length could be determined. This makes brute force attacks easier to conduct, since you can eliminate passwords that are shorter or longer than the detected amount. Another issue on padding is timing. Suppose the successful password took longer to process, but the failed password gave a quick response. Using this timing, a hacker could determine whether a password would work just based on the response time of the login. If bad logons were padded out so they take the same elapsed time as a successful login, then this guessing and analysis could not be done.

Incorrect Answers:
A: Traffic padding would not protect a password based on the age of the password.
C: Passwords that are encrypted will still be the same length, because encryption is not compression. So it does not matter whether the password is in the clear or encrypted; the key here is to prevent guessing of the password length to make password guessing more difficult.
D: Log analysis is not related to traffic padding. The passwords would not even be logged, as that causes potential exposure of gaining access to the passwords, should the log file be compromised.

Question 6. In a typical corporate environment, which of the following resources demands the highest level of security on the network?

A. Purchasing
B. Engineering
C. Sales
D. Accounting

Answer: D

Explanation: Accounting information is highly confidential and crucial for a business.

Incorrect Answers:
A: Purchasing is usually an internal application, and would not have outside users accessing the system. However, outside vendors may be given access to the system, but the vendors are identified up front, so they can be controlled, if necessary.
B: Engineering applications would be an internal application, with few outside users. If there are outside users, these can be easily identified and controlled.
C: Sales require high security as well. However, accounting demands the highest level of security.

Note: Sales will require the high security because using electronic sales, such as an e-commerce site, communicates with customers that will be accessing the sales application from outside the safe and confined corporate network. Many transactions may require the exchange of confidential information, including the customer's credit card information. For these types of transactions, SET (Secure Electronic Transactions) using SSL (Secure Sockets Layer) is commonly used to provide a secure transaction.
Most of the potential customers are unknown until they want to make a purchase, leaving little notice and little control over the customers who want to make a purchase.

Question 7. Luke is documenting all of his network attributes. He wants to know the type of network-level information that is represented by the locations of access panels, wiring closets and server rooms. Which of the following is the correct term for this activity?

A. Network mapping
B. IP service routing
C. Router and switch designing
D. War dialing

Answer: A

Explanation: Network mapping is the process of documenting and diagramming the network infrastructure. This includes locations of access panels, wiring closets and server rooms.

Incorrect Answers:
B: IP service routing concerns the routing of IP packets and not the documentation of the location of access panels, wiring closets and server rooms.
C: Router and switch designing concerns the planning of the deployment of routers and switches.
D: War dialing is a process used by hackers to find and locate modem banks. The dialer will dial phone numbers until it hits a modem carrier signal. This computer cracking technique uses a software program to automatically call thousands of telephone numbers to look for any that have a modem attached.

Question 8. Which service, command or tool allows a remote user to interface with a system as if he were sitting in front of the terminal?

A. Host
B. Finger
C. SetRequest
D. Telnet

Answer: D

Explanation: Telnet, which operates on port 23, is a client that provides a terminal window on the target system.

Incorrect Answers:
A: Host is a Unix based command used to resolve a host name to an IP address, or IP address to the host name, and can also provide information on mail servers.
B: Finger is a command used to find out information about a node.
C: Set Request is a function of SNMP, which is used for network monitoring and control.

Question 9. When assessing the risk to a machine or network, what step should you take first?

A. Analyzing, categorizing and prioritizing resources
B. Evaluating the existing perimeter and internal security
C. Checking for a written security policy
D. Analyzing the use of existing management and control architecture

Answer: C

Explanation: The first step is to check for a written security policy. The next steps, in order, are: analyzing, categorizing and prioritizing resources; considering business concerns; evaluating the existing perimeter and internal security; and analyzing the use of existing management and control architecture. You first check for a written security policy to find out what is already in place and to assess the current situation.

Incorrect Answers:
A, B, D: These are not the first step, but above they are listed in the proper sequence.

Question 10. Your company has suffered several denial-of-service attacks involving Microsoft Outlook e-mail clients. How can you protect your systems from such attacks in the future, yet still allow client users to accomplish their jobs?

A. Install antivirus applications on the clients and the e-mail server
B. Filter out all attachments from e-mail messages at the e-mail server
C. Filter out all attachments from e-mail messages at the e-mail server, and install antivirus applications on the clients
D. Install personal firewalls in the e-mail server and on each client

Answer: A

Explanation: A DoS attack coming from an e-mail application that affects the client is usually virus code that causes damage to the client system so that it is disabled. Detection of these viruses before they can do damage is critical. Using antivirus applications on the clients and the e-mail server for this detection will help prevent future attacks. Also, if possible, scanning software can be added to the firewall or proxy server.

Incorrect Answers:
B, C: Without the attachments, client users won't be able to still do their jobs. Those attachments can have documents or spreadsheets that those users need to process.
D: A firewall won't help, unless it can detect and act upon any threatening code in the e-mail message payloads.

Question 11. Under the level C2 security classification, what does “discretionary access control” mean?

A. Discretionary access control means that the owner of a resource must be able to use that resource
B. Discretionary access control is the ability of the system administrator to limit the time any user spends on a computer
C. Discretionary access control is a policy that limits the use of any resource to a group or a security profile
D. Discretionary access control is a rule set by the security auditor to prevent others from downloading unauthorized scripts or programs

Answer: A

Explanation: This is a definition, and basically it says that the owner of the resource should be able to use the resource. The point is simple: what good is a security system if no one can do their work? Some people will joke that the most secure system is a system that is powered off. And in some senses, this is correct: if the computer is powered off, no code is executed, so no damage can occur. But there would be no discretionary access since the owners of the resources would not be able to use those resources.

Incorrect Answers:
B, C, D: These are wrong because they do not fall into the definition, as explained above.

Question 12. Michel wants to write a computer virus that will cripple UNIX systems. What is going to be the main obstacle preventing him from success?

A. UNIX computers are extremely difficult to access illicitly over the internet, and therefore computer viruses are not an issue with UNIX systems
B. Due to the file permission structure and the number of variations in the UNIX hardware architectures, a virus would have to gain root privileges as well as identify the hardware and UNIX flavor in use
C. Due to availability of effective free anti-virus tools, computer viruses are caught early and often. Michel’s virus would have to evade detection for it to succeed
D. Due to the extensive use of ANSI “C” in the programming of UNIX, the virus would have to mimic some of the source code used in the infected iteration of the UNIX operating system

Answer: B

Explanation: Unix has a strong permission structure, so root privilege is required to breach the system. Root is a superuser account, and is kept locked up by a secure system because of the power that the root user has. Hardware variations will make the use of machine and assembly language difficult. Most viruses depend on modifying machine instructions, and the instruction set can vary widely. Since Unix is written in C language, the operating system is very portable. But machine language, which is needed to write an effective virus, is NOT portable, so the virus will not really work on all platforms.

Incorrect Answers:
A: Unix systems are easy to access, and many accounts get cracked due to easy passwords or no passwords at all. However, from the accounts that do get accessed, not much damage can be done. The root account has to be breached in order to do some serious damage.
C: Because of the ingenious variations of virus coding, there still is not an effective detection tool to find new viruses attacking the system. Usually a virus is found after the fact, and detection tools are put into place to scan for the virus signature of the new virus. Until the virus is detected, and a detection signature is built and distributed, an effective virus can do a lot of damage.
D: Most Unix source code is freely distributed, so finding out the coding will not be difficult. Since the virus does not operate at the C compiler level, but at a lower machine language level, the virus needs to mimic the machine language generated by that source code, which varies based on platform.

Question 1. A customer archives e-mail with many identical attachments. Which Centera feature will improve the efficiency of the storage?

A. GM naming scheme
B. Multiple Instance Storage
C. Single Instance Storage
D. Embedded Compression

Answer: C

Question 2. How are objects replicated from one cluster to another?

A. Asynchronous
B. Synchronous
C. SnapLock
D. Adaptive copy

Answer: A

Question 3. How does Centera manage replaced mirrored disk drives?

A. Centera mirrors objects but does not mirror hardware
B. Replacement disks and nodes must have the same size storage resources
C. Newly provisioned resources are always an even multiple of the drive being replaced
D. CenteraStar OS has the intelligence to mirror drives of any size

Answer: A

Question 4. What is the purpose of block reclamation on the CUA?

A. Return free disk space
B. Perform data shredding
C. Perform data scrubbing
D. Defragment disks

Answer: A

Question 5. What is needed to connect a second Centera rack to an existing rack?

A. Additional storage nodes
B. Root switch
C. Additional access nodes
D. Gigabit uplink module

Answer: D

Question 6. How does the Centera guarantee the integrity and authenticity of content?

A. Digital Rights Management
B. Content addressing
C. Information Life Cycle Management
D. Retention period

Answer: B

Question 7. What is the probability of a content collision using the GM naming scheme?

A. 6.02 x 10^-23
B. 0
C. 4 x 10^-41
D. 1 x 10^-54

Answer: C

Question 8. Which customer concern does privileged delete address?

A. Health Care regulations
B. Financial regulations
C. Non Repudiation requirements
D. Privacy requirements

Answer: D

Question 9. What is the name of the process of writing data from the CUA to the Centera?

A. Write request
B. Write-back
C. Datawrite
D. Invalidate

Answer: B

Question 10. Which operating systems can natively store information on a CUA?

A. Macintosh and UNIX
B. Win2K and OS390
C. Macintosh and OS390
D. Win2k and UNIX

Answer: D

Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.