|
Question 1. In a Linux system, how do you stop the POP3, IMAPD, and FTP services? A. By changing the permissions on the configuration file that controls the service (/sbin/inetd), then recompiling /etc/inetd.config B. By commenting out the service using the # symbol in the text file /etc/inetd.conf, then restarting the inetd daemon C. By recompiling the system kernel, making sure you have disabled that service D. By commenting out the service using the $ symbol in the text file /etc/inetd.conf, then restarting the inetd daemon. Answer: B Explanation: Use the # symbol to comment out the service, and then restart inetd. Incorrect Answers: A: If this made any sense, you would also lock out the WWW service and disable the Web Server, which is not want you want to do here. Inetd.conf does not get compiled. C: The services for inetd are loaded based on the control cards in the text file. It is not specified in the kernel, so recompiling it will not accomplish stopping the services. D: The comment symbol is a #, not a $. Question 2. Which of the following choices lists the ports that Microsoft internal networking uses that should be blocked from outside access? A. UDP 137 and 138, and TCP 139 B. Ports 11, 112, and 79 C. UDP 1028, 31337 and 6000 D. Port 80, 134 and 31337 Answer: A Explanation: UDP & TCP 137 are used for NETBIOS name service. UDP 138 is used for the NETBIOS Datagram Service, and TCP 139 is used for the NETBIOS Session Service. Internal networking for Microsoft Windows systems uses NETBIOS for its redirector. Hacking into the Windows systems would be blocked if NETBIOS could not pass through the firewall. To logon to Windows, or access file or printer shares, access will have to be done via SMB (Service Message Blocks) which ride on NETBIOS. Incorrect Answers: B: 11 is systat, 112 is not used, and 79 is finger. Although you might want to block out these ports, including port 79 (finger) which can expose server information to a hacker, these are not part of Microsoft internal networking. C: These ports are outside of the well known ports, and blocking them does not close any holes. These ports are not part of Microsoft internal networking. D: Port 80 is HTTP, so to block it disables web browsing. Port 134 is not assigned to a service, and port 31337 is not a well known port. These ports are not part of Microsoft internal networking. Question 3. What is the best way to keep employees on a LAN from unauthorized activity or other mischief? A. Reduce each user’s permissions to the minimum needed to perform the tasks required by his or her job B. Limit the number of logins available to all users to one at a time C. Limit the number of files that any one user can have open at any given time D. Implement a zero-tolerance policy in regard to employees who load games or other unauthorized software on the company's computers Answer: A Explanation: Obviously you don’t give the employees free roam of the LAN. Accidents can happen (type a file name or file path wrong) or some employees may become curious. By giving them only the permissions that they need to do their job, can drastically limit where those users can go and cause damage. Incorrect Answers: B: The objective in the question is how to prevent an employee from unauthorized activity. Having multiple logons does cause some security concerns, but not that of the user. As long as the permissions are locked up tight, it won't matter how many logons the user has, if one can't get unauthorized access, then none should C: To limit the number of open files does not prevent this activity, and may prevent the user from actually doing work. Some programs will open multiple files, most programs open more than one file. D: This is a good step and policy to implement. It still does not prevent unauthorized activity of corporate assets. Question 4. What is a spoofing attack? A. A hacker pretends to be the superuser and spoofs a user into allowing him into the system B. A hacker calls a user and pretends to be a system administrator in order to get the user’s password C. A computer (or network) pretends to be a trusted host (or network) D. A hacker gains entrance to the building where the network resides and accesses the system by pretending to be an employee Answer: C Explanation: Spoofing is usually when you change your identity to portray yourself as someone else. One example is to change the source IP address in an IP packet to make it appear that the packet was sent by someone else. Incorrect Answers: A: The program that acts as another program is not called spoofing. This technique is called man in the middle. B: This is called social engineering. D: This is called social engineering. Question 5. Abjee is going to log on to his network. His network does not employ traffic padding mechanisms. Why will it be easy for someone to steal his password? A. Because his password could be more than two weeks old B. Because of he predictability of the length of the login and password prompts C. Because the Cleartext user name and password are not encrypted D. Because there is no provision for log analysis without traffic padding, thus no accountability when passwords are lost Answer: B Explanation: By monitoring the size of the packets, it could be determined the password length. This makes brute force attacks easier to conduct, since you can eliminate passwords that are shorter or longer than the detected amount. Another issue on padding is timing. Suppose the successful password took longer to process, but the failed password gave a quick response. Using this timing, a hacker could determine whether a password would work just based on the response time of the login. If bad logons were padded out so they look the same elapsed time as a successful login, then this guessing and analysis could not be done. Incorrect Answers: A: Traffic padding would not protect a password based on the age of the password. C: Passwords that are encrypted will still be the same length, because encryption is not compression. So it does not matter whether the password is in the clear or encrypted, the key here is to prevent guessing of the password length to make password guessing more difficult. D: Log analysis is not related to traffic padding. The passwords would not even be logged, as that causes potential exposure of gaining access to the passwords, should the log file be compromised. Question 6. In a typical corporate environment, which of the following resources demands the highest level of security on the network? A. Purchasing B. Engineering C. Sales D. Accounting Answer: D Explanation: Accounting information is highly confidential and crucial for a business. Incorrect Answers: A: Purchasing is usually an internal application, and would not have outside users accessing the system. However, outside vendors may be given access to the system, but the vendors are identified up front, so they can be controlled, if necessary. B: Engineering applications would be an internal application, with few outside users. If there are outside users, these can be easily identified and controlled C: Sales require high security as well. However, accounting demands the highest level of security. Note: Sales will require the high security because using electronic sales, such as an e-commerce site, communicates with customers that will be accessing the sales application from outside the safe and confined corporate network. Many transactions may require the exchange of confidential information, including the customer's credit card information. For these types of transactions, SET (Secure Electronic Transactions) using SSL (Secure Sockets Layer) is commonly used to provide a secure transaction. Most of the potential customers are unknown until they want to make a purchase, leaving little notice and little control over the customers who want to make a purchase. Question 7. Luke is documenting all of his network attributes. He wants to know the type of network-level information that is represented by the locations of access panels, wiring closets and server rooms. Which of the following is the correct term for this activity? A. Network mapping B. IP service routing C. Router and switch designing D. War dialing Answer: A Explanation: Network mapping is the process of documenting and diagramming the network infrastructure. This includes locations of access panels, wiring closets and server rooms. Incorrect Answers: B: IP service routing concerns the routing of IP packets and not the documentation of the location of access panels, wiring closets and server rooms. C: Router and switch designing concerns the planning of the deployment of routers and switches. D: War dialing is a process used by hackers to find and locate modem banks. The dialer will dial phone numbers until it hit a modem carrier signal. This computer cracking technique uses a software program to automatically call thousands of telephone numbers to look for any that have a modem attached. Question 8. Which service, command or tool allows a remote user to interface with a system as if he were sitting in front of the terminal? A. Host B. Finger C. SetRequest D. Telnet Answer: D Explanation: Telnet, which operates on port 23, is a client that provides a terminal window on the target system. Incorrect Answers: A: Host is a Unix based command used to resolve a host name to an IP address, or IP address to the host name, and can also provide information on mail servers. B: Finger is a command used to find out information about a node. C: Set Request is a function of SNMP, which is used for network monitoring and control. Question 9. When accessing the risk to a machine or network, what step should you take first? A. Analyzing, categorizing and prioritizing resources B. Evaluating the existing perimeter and internal security C. Checking for a written security policy D. Analyzing the use of existing management and control architecture Answer: C Explanation: The first step is to check for a written security policy. The next step is Analyzing, categorizing and prioritizing resources The next step is Consider Business Concerns The next step is evaluating the existing perimeter and internal security The next step is Analyzing the use of existing management and control architecture You first check for a written security policy to find out what is already in place and to assess the current situation. Incorrect Answers: A, B, D: are not the first, but above they are listed in the proper sequence. Question 10. Your company has suffered several denial-of-service attacks involving Microsoft Outlook e-mail clients. How can you protect your systems from such attacks in the future, yet still allows client users to accomplish their jobs? A. Install antivirus applications on the clients and the e-mail server B. Filter out all attachments from e-mail messages at the e-mail server C. Filter out all attachments from e-mail messages at the e-mail server, and install antivirus applications on the clients D. Install personal firewalls in the e-mail server and on each client Answer: A Explanation: DoS attacks coming from an e-mail applications that affects the client is usually virus code that causes damage to the client system so that it is disabled. Detection of these viruses before they can do damage is critical. Using antivirus applications on the clients and the e-mail server for this detection will help prevent future attacks. Also, if possible, scanning software can also be added to the firewall or proxy server. Incorrect Answers: B, C: Without the attachments, client users won't be able to still do their jobs. Those attachments can have documents or spreadsheets that those users need to process. D: A firewall won't help, unless it can detect and act upon any threatening code in the e-mail message payloads. Question 11. Under the level C2 security classification, what does “discretionary access control” mean? A. Discretionary access control means that the owner of a resource must be able to use that resource B. Discretionary access control is the ability of the system administrator to limit the time any user spends on a computer C. Discretionary access control is a policy that limits the use of any resource to a group or a security profile D. Discretionary access control is a rule set by the security auditor to prevent others from downloading unauthorized scripts or programs. Answer: A Explanation: This is a definition, and basically it says that the owner of the resource should be able to use the resource. The point is simple, what good is a security system if no one can do their work. Some people will joke that the most secure system is a system that is powered off. And in some senses, this is correct, if the computer is powered off, no code is executed, so no damage can occur. But there would be no discretionary access since the owners of the resources would not be able to use those resources. Incorrect Answers: B,C,D: are wrong because they do not fall into the definition, as explained above. Question 12. Michel wants to write a computer virus that will cripple UNIX systems. What is going to be the main obstacle preventing him from success? A. UNIX computers are extremely difficult to access illicitly over the internet, and therefore computer viruses are not an issue with UNIX systems B. Due to the file permission structure and the number of variations in the UNIX hardware architectures, a virus would have to gain root privileges as well as identify the hardware and UNIX flavor in use. C. Due to availability of effective free anti-virus tools, computer viruses are caught early and often. Michel’s virus would have to evade detection for it to succeed. D. Due to the extensive use of ANSI “C” in the programming of UNIX, the virus would have to mimic some of the source code used in the infected iteration of the UNIX operating system Answer: B Explanation: Unix has a strong permission structure that in order to breach the system, root privilege will be required. Root is a superuser account, and is kept locked up by a secure system because of the power that the root user has. Hardware variations will make the use of machine and assembly language difficult. Most viruses depend on modifying machine instructions, and the instruction set can vary widely. Since Unix is written in C language, the operating system is very portable. But to write an effective virus, the use of machine language is NOT portable, so the virus will not really work on all platforms. Incorrect Answers: A: Unix systems are easy to access, and many accounts get cracked due to easy passwords or no passwords at all. However, from the accounts that do get accessed, not much damage can be done. The root account has to be breached in order to do some serious damage. C: Because of the ingenious variations of virus coding, there still is not an effective detection tool to find new virus attacking the system. Usually a virus is found after the fact, and detection tools are put into place to scan for the virus signature of the new virus. Until the virus is detected, and a detection signature is built and distributed, an effective virus can do a lot of damage. D: Most Unix source code is freely distributed, so finding out the coding will not be difficult. Since the virus does not operate at the C compiler level, but at a lower machine language level, the virus needs to mimic the machine language generated by that source code, which varies based on platform. Question 13. Which of the following best describes the problem with share permissions and share points in Windows NT? A. Share points must be the same value as the directory that serves the share point B. Share points contains permissions; and any file under the share point must possess the same permissions C. Share permissions are exclusive to root directories and files; they do not involve share points, which define user permissions D. Share points are set when connection is established, therefore the static nature of file permissions can conflict with share points if they are not set with read and write permissions for everyone. Answer: B Explanation: If we give assign permission to the share point, this permission is applied to all folders and files within that share point. Note: A share point is a share in Windows NT and Windows 2000. The share point allows the resource to be shared across the network When using a file system, such as NTFS, the files and directories also have permissions. The effective permissions of a file or directory access through a share point is the most limiting of both. For example, for a file NTFS says read and write, but the share point permissions says read-only. The effective permission is read-only - the most restrictive. The only way to prevent this type of conflict is set the share point permission to full control, and let the NTFS permissions take precedence. Incorrect Answers: A: Share point naming is not dependent on the directory (folder) that the share point is based. You can even have multiple share points on the same directory. C: Share permissions are not exclusive to root directories, they also restrict subdirectories. Also, devices, such as printers, may be assigned permissions which can conflict with the share permissions for that device. D: Both share permissions and file permissions are applied. Microsoft recommends using Full permission for everyone and restrict with file permission. This is just a recommendation and doesn't have to be followed. Question 14. What do the discretionary ACL (access control list) and the system ACL in Windows NT have in common? A. Both share properties for storing secure object identifiers B. Both can grant or deny permissions to parts of the system C. Both are installed by default on the system in different sections of the client/server model D. Both are responsible for creation of the master access control list Answer: A Explanation: Both ACLs are used to restrict or grant access to a resource. Incorrect Answers: B: Only the system ACL can restrict parts of the system. C: Only the system ACL is installed by default. DACL is added later by the administrator when locking down resources. D: The ACLs work together, but do not create the master access control list. Question 15. Winlogon loads the GINA DLL. What does the GINA DLL then do? A. It provides the interface for processing logon requests B. It creates the link to the user database for the update of the local security authority C. It creates the link to the master access list on the server D. It checks the user database for correct date/time stamps of last modification Answer: A Explanation: GINA DLL is the interface part of Winlogon that prompts for the userid and password and checks the values against the SAM database. Incorrect Answers: B: The local security authority (LSA) is not updated as the result of the logon request. C: Any connection to the master access list is not done yet in this stage. D: The date/time stamps of last modification does not need to be checked. Validation of the userid and password is what will happen in GINA DLL.
|
Question 1.
Prior to installing Document Manager servers, the PATH system environment variable should include which of the following?
A. Information Integrator C++ Connector DLL directory
B. %IBMCMROOT%\cmgmt directory
C. Information Integrator installation directory
D. Information Integrator Java Connector directory
Answer: A
Question 2.
Which application must be used by DM to create a thumbnail rendition from a CAD file?
A. Cimmetry AutoVue
B. AutoDesk AutoCAD
C. Bentley MicroStation
D. Informatative Graphics MYRIAD
Answer: A
Question 3.
If the Name field of the properties of a Cache Service does not equal a LibraryName value in ddmcasrv.ini, what happens to the Document Manager Desktop when an attempt to log on is made?
A. The Document Manager Desktop will fail to connect to the selected library and return an error.
B. The Document Manager Desktop will succeed in connecting to the selected library.
C. The Document Manager Desktop will hang until a predetermined timeout value is reached.
D. The Document Manager Desktop will succeed in connecting to the selected library with
degraded performance.
Answer: A
Question 4.
When configuring Designer to connect to a library, the Name field in the Library Configuration must match the LibraryName in which file?
A. ddmsmtp.ini
B. ddmcasrv.ini
C. ddmcfgsv.ini
D. ddmlogconfig.properties
Answer: B
Question 5.
In order to conduct a web based install of the Document Manager Desktop, which of the following files must be copied to the web server directory?
A. ddminst.htm, ddmdsktp.cab, ddmdsktp.js, index.htm, default.htm
B. ddmdsktp.htm, ddmdsktp.cab, ddmdsktp.js, index.htm, default.htm
C. ddminst.htm, ddmdsktp.htm, ddmdsktp.cab, ddmdsktp.js, default.htm
D. ddmdsktp.htm, ddmcasrv.ini, ddmdsktp.cab, ddmdsktp.js, default.htm
Answer: C
Question 6.
The System Administrator can configure datastore pooling to improve the overall performance of a DB2 Document Manager system.
How does datastore pooling improve performance?
A. It allows the specification of a department-level cache server that is used to "pool" document
data that is local to that department.
B. It allows the administrator to specify allocation of pools of memory that can be shared by
different item types in the repository.
C. It reduces the overhead associated with opening a new connection each time a request is
issued by a user by reusing cached datastores.
D. It retains a database connection for each user of the system for a period of hours as defined in
the DdmConnCfg.ini file.
Answer: C
Question 7.
Assuming standard naming conventions, which metadata information is required, in Document Manager's Library Configuration, to work with data in the library?
A. Class and Revision
B. Class and State
C. Revision and Properties
D. State and Revision
Answer: B
Question 8.
In addition to a user name, password, and DM Library Server name, which additional item is required for the Designer to login to the library?
A. The Content Manager machine name.
B. A user with the SysAdminCM privilege set.
C. The Content Manager database name.
D. SOAP information if the server is not behind a firewall.
Answer: C
Question 9.
Which of the following commands can be used to determine the currently installed version of IBM Information Integrator for Content?
A. cmlevel
B. dmlevel
C. db2level
D. ii4clevel
Answer: A
Question 10.
Which INI file must be configured after the Document Manager Server is installed?
A. ddmconncfg.ini
B. ddmcache.ini
C. ddmcfgsv.ini
D. ddmcasrv.ini
Answer: D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.