Study Guides and Actual Real Exam Questions For Oracle OCP, MCSE, MCSA, CCNA, CompTIA


Braindumps for "1D0-470" Exam

CIW Security Professional

 Question 1.
In a Linux system, how do you stop the POP3, IMAPD, and FTP services?

A.	By changing the permissions on the configuration file that controls the service (/sbin/inetd), then recompiling /etc/inetd.config
B.	By commenting out the service using the # symbol in the text file /etc/inetd.conf, then restarting the inetd daemon
C.	By recompiling the system kernel, making sure you have disabled that service
D.	By commenting out the service using the $ symbol in the text file /etc/inetd.conf, then restarting the inetd daemon.

Answer:   B

Explanation: 
Use the # symbol to comment out the service, and then restart inetd.

Incorrect Answers:
A: If this made any sense, you would also lock out the WWW service and disable the Web Server, which is not what you want to do here. Inetd.conf does not get compiled.
C: The services for inetd are loaded based on the control cards in the text file. It is not specified in the kernel, so recompiling it will not accomplish stopping the services.
D: The comment symbol is a #, not a $.

Question 2.
Which of the following choices lists the ports that Microsoft internal networking uses that should be blocked from outside access?

A. UDP 137 and 138, and TCP 139
B. Ports 11, 112, and 79
C. UDP 1028, 31337 and 6000
D. Port 80, 134 and 31337

Answer:   A

Explanation: 
UDP & TCP 137 are used for the NETBIOS name service. UDP 138 is used for the NETBIOS Datagram Service, and TCP 139 is used for the NETBIOS Session Service. Internal networking for Microsoft Windows systems uses NETBIOS for its redirector. Hacking into the Windows systems would be blocked if NETBIOS could not pass through the firewall. To log on to Windows, or to access file or printer shares, access will have to be done via SMB (Service Message Blocks), which rides on NETBIOS.

Incorrect Answers:
B: 11 is systat, 112 is not used, and 79 is finger. Although you might want to block out these ports, including port 79 (finger) which can expose server information to a hacker, these are not part of Microsoft internal networking.
C: These ports are outside of the well known ports, and blocking them does not close any holes. These ports are not part of Microsoft internal networking.
D: Port 80 is HTTP, so to block it disables web browsing. Port 134 is not assigned to a service, and port 31337 is not a well known port. These ports are not part of Microsoft internal networking.

Question 3.
What is the best way to keep employees on a LAN from unauthorized activity or other mischief?

A.	Reduce each user’s permissions to the minimum needed to perform the tasks required by his or her job
B.	Limit the number of logins available to all users to one at a time
C.	Limit the number of files that any one user can have open at any given time
D.	Implement a zero-tolerance policy in regard to employees who load games or other unauthorized software on the company's computers

Answer:   A

Explanation: 
Obviously you don’t give the employees free roam of the LAN. Accidents can happen (typing a file name or file path wrong), or some employees may become curious. Giving them only the permissions that they need to do their job can drastically limit where those users can go and cause damage.

Incorrect Answers:
B: The objective in the question is how to prevent an employee from unauthorized activity. Having multiple logons does cause some security concerns, but not that of the user. As long as the permissions are locked up tight, it won't matter how many logons the user has, if one can't get unauthorized access, then none should 
C: To limit the number of open files does not prevent this activity, and may prevent the user from actually doing work. Some programs will open multiple files, most programs open more than one file.
D: This is a good step and policy to implement. It still does not prevent unauthorized activity of corporate assets.

Question 4.
What is a spoofing attack?

A.	A hacker pretends to be the superuser and spoofs a user into allowing him into the system
B.	A hacker calls a user and pretends to be a system administrator in order to get the user’s password
C.	A computer (or network) pretends to be a trusted host (or network)
D.	A hacker gains entrance to the building where the network resides and accesses the system by pretending to be an employee

Answer:   C

Explanation: 
Spoofing is usually when you change your identity to portray yourself as someone else. One example is to change the source IP address in an IP packet to make it appear that the packet was sent by someone else.

Incorrect Answers:
A: The program that acts as another program is not called spoofing. This technique is called man in the middle.
B: This is called social engineering.
D: This is called social engineering.

Question 5.
Abjee is going to log on to his network. His network does not employ traffic padding mechanisms. 

Why will it be easy for someone to steal his password?

A.	Because his password could be more than two weeks old
B.	Because of the predictability of the length of the login and password prompts
C.	Because the Cleartext user name and password are not encrypted
D.	Because there is no provision for log analysis without traffic padding, thus no accountability when passwords are lost

Answer:   B

Explanation: 
By monitoring the size of the packets, the password length could be determined. This makes brute force attacks easier to conduct, since you can eliminate passwords that are shorter or longer than the detected length. Another issue with padding is timing. Suppose the successful password took longer to process, but the failed password gave a quick response. Using this timing, a hacker could determine whether a password would work based only on the response time of the login. If bad logons were padded out so that they appear to take the same elapsed time as a successful login, then this guessing and analysis could not be done.

Incorrect Answers:
A: Traffic padding would not protect a password based on the age of the password.
C: Passwords that are encrypted will still be the same length, because encryption is not compression. So it does not matter whether the password is in the clear or encrypted, the key here is to prevent guessing of the password length to make password guessing more difficult.
D: Log analysis is not related to traffic padding. The passwords would not even be logged, as that causes potential exposure of gaining access to the passwords, should the log file be compromised.

Question 6.
In a typical corporate environment, which of the following resources demands the highest level of security on the network?

A. Purchasing
B. Engineering
C. Sales
D. Accounting

Answer:   D

Explanation:
Accounting information is highly confidential and crucial for a business.

Incorrect Answers:
A: Purchasing is usually an internal application, and would not have outside users accessing the system. However, outside vendors may be given access to the system, but the vendors are identified up front, so they can be controlled, if necessary.
B: Engineering applications would be an internal application, with few outside users. If there are outside users, these can be easily identified and controlled.
C: Sales require high security as well. However, accounting demands the highest level of security.

Note:
Sales will require high security because electronic sales, such as an e-commerce site, communicate with customers who access the sales application from outside the safe and confined corporate network. Many transactions may require the exchange of confidential information, including the customer's credit card information. For these types of transactions, SET (Secure Electronic Transactions) using SSL (Secure Sockets Layer) is commonly used to provide a secure transaction. Most of the potential customers are unknown until they want to make a purchase, leaving little notice and little control over the customers who want to make a purchase.

Question 7.
Luke is documenting all of his network attributes. He wants to know the type of network-level information that is represented by the locations of access panels, wiring closets and server rooms. Which of the following is the correct term for this activity?

A. Network mapping
B. IP service routing
C. Router and switch designing
D. War dialing

Answer:   A

Explanation: 
Network mapping is the process of documenting and diagramming the network infrastructure. This includes locations of access panels, wiring closets and server rooms.

Incorrect Answers:
B: IP service routing concerns the routing of IP packets and not the documentation of the location of access panels, wiring closets and server rooms.
C: Router and switch designing concerns the planning of the deployment of routers and switches.
D: War dialing is a process used by hackers to find and locate modem banks. The dialer will dial phone numbers until it hits a modem carrier signal. This computer cracking technique uses a software program to automatically call thousands of telephone numbers to look for any that have a modem attached.

Question 8.
Which service, command or tool allows a remote user to interface with a system as if he were sitting in front of the terminal?

A. Host
B. Finger
C. SetRequest
D. Telnet

Answer:   D

Explanation: 
Telnet, which operates on port 23, is a client that provides a terminal window on the target system.

Incorrect Answers:
A: Host is a Unix based command used to resolve a host name to an IP address, or IP address to the host name, and can also provide information on mail servers.
B: Finger is a command used to find out information about a node.
C: Set Request is a function of SNMP, which is used for network monitoring and control.

Question 9.
When assessing the risk to a machine or network, what step should you take first?

A. Analyzing, categorizing and prioritizing resources
B. Evaluating the existing perimeter and internal security
C. Checking for a written security policy
D. Analyzing the use of existing management and control architecture

Answer:   C

Explanation:
The first step is to check for a written security policy.
The next step is analyzing, categorizing and prioritizing resources.
The next step is considering business concerns.
The next step is evaluating the existing perimeter and internal security.
The next step is analyzing the use of existing management and control architecture.
You first check for a written security policy to find out what is already in place and to assess the current situation.

Incorrect Answers:
A, B, D: are not the first, but above they are listed in the proper sequence.

Question 10.
Your company has suffered several denial-of-service attacks involving Microsoft Outlook e-mail clients. 

How can you protect your systems from such attacks in the future, yet still allow client users to accomplish their jobs?

A.	Install antivirus applications on the clients and the e-mail server
B.	Filter out all attachments from e-mail messages at the e-mail server
C.	Filter out all attachments from e-mail messages at the e-mail server, and install antivirus applications on the clients
D.	Install personal firewalls in the e-mail server and on each client

Answer:   A

Explanation: 
A DoS attack that comes from an e-mail application and affects the client is usually virus code that damages the client system so that it is disabled. Detection of these viruses before they can do damage is critical. Using antivirus applications on the clients and the e-mail server for this detection will help prevent future attacks. If possible, scanning software can also be added to the firewall or proxy server.

Incorrect Answers:
B, C: Without the attachments, client users won't be able to still do their jobs. Those attachments can have documents or spreadsheets that those users need to process.

D: A firewall won't help, unless it can detect and act upon any threatening code in the e-mail message payloads.
 
Question 11.
Under the level C2 security classification, what does “discretionary access control” mean?

A.	Discretionary access control means that the owner of a resource must be able to use that resource
B.	Discretionary access control is the ability of the system administrator to limit the time any user spends on a computer
C.	Discretionary access control is a policy that limits the use of any resource to a group or a security profile
D.	Discretionary access control is a rule set by the security auditor to prevent others from downloading unauthorized scripts or programs.

Answer:   A

Explanation: 
This is a definition, and basically it says that the owner of the resource should be able to use the resource. The point is simple: what good is a security system if no one can do their work? Some people will joke that the most secure system is a system that is powered off. And in some senses, this is correct: if the computer is powered off, no code is executed, so no damage can occur. But there would be no discretionary access, since the owners of the resources would not be able to use those resources.

Incorrect Answers:
B,C,D: are wrong because they do not fall into the definition, as explained above.

Question 12.
Michel wants to write a computer virus that will cripple UNIX systems. What is going to be the main obstacle preventing him from success?

A.	UNIX computers are extremely difficult to access illicitly over the internet, and therefore computer viruses are not an issue with UNIX systems
B.	Due to the file permission structure and the number of variations in the UNIX hardware architectures, a virus would have to gain root privileges as well as identify the hardware and UNIX flavor in use.
C.	Due to availability of effective free anti-virus tools, computer viruses are caught early and often. Michel’s virus would have to evade detection for it to succeed.
D.	Due to the extensive use of ANSI “C” in the programming of UNIX, the virus would have to mimic some of the source code used in the infected iteration of the UNIX operating system

Answer:   B

Explanation: 
Unix has a strong permission structure, so root privilege is required in order to breach the system. Root is a superuser account, and is kept locked up by a secure system because of the power that the root user has. Hardware variations will make the use of machine and assembly language difficult. Most viruses depend on modifying machine instructions, and the instruction set can vary widely. Since Unix is written in the C language, the operating system is very portable. But an effective virus has to use machine language, which is NOT portable, so the virus will not really work on all platforms.

Incorrect Answers:
A: Unix systems are easy to access, and many accounts get cracked due to easy passwords or no passwords at all. However, from the accounts that do get accessed, not much damage can be done. The root account has to be breached in order to do some serious damage.
C: Because of the ingenious variations of virus coding, there still is not an effective detection tool to find new viruses attacking the system. Usually a virus is found after the fact, and detection tools are put into place to scan for the virus signature of the new virus. Until the virus is detected, and a detection signature is built and distributed, an effective virus can do a lot of damage.
D: Most Unix source code is freely distributed, so finding out the coding will not be difficult. Since the virus does not operate at the C compiler level, but at a lower machine language level, the virus needs to mimic the machine language generated by that source code, which varies based on platform.

Question 13.
Which of the following best describes the problem with share permissions and share points in Windows NT?

A.	Share points must be the same value as the directory that serves the share point
B.	Share points contain permissions; and any file under the share point must possess the same permissions
C.	Share permissions are exclusive to root directories and files; they do not involve share points, which define user permissions
D.	Share points are set when connection is established, therefore the static nature of file permissions can conflict with share points if they are not set with read and write permissions for everyone.

Answer:   B

Explanation: 
If we assign a permission to the share point, this permission is applied to all folders and files within that share point.

Note:
A share point is a share in Windows NT and Windows 2000. The share point allows the resource to be shared across the network. When using a file system such as NTFS, the files and directories also have permissions. The effective permission of a file or directory accessed through a share point is the most limiting of both. For example, for a file, NTFS says read and write, but the share point permission says read-only. The effective permission is read-only, the most restrictive. The only way to prevent this type of conflict is to set the share point permission to full control, and let the NTFS permissions take precedence.

Incorrect Answers:
A: Share point naming is not dependent on the directory (folder) that the share point is based. You can even have multiple share points on the same directory.
C: Share permissions are not exclusive to root directories, they also restrict subdirectories. Also, devices, such as printers, may be assigned permissions which can conflict with the share permissions for that device.
D: Both share permissions and file permissions are applied. Microsoft recommends using Full permission for everyone and restricting with file permissions. This is just a recommendation and doesn't have to be followed.

Question 14.
What do the discretionary ACL (access control list) and the system ACL in Windows NT have in common?

A. Both share properties for storing secure object identifiers
B. Both can grant or deny permissions to parts of the system
C. Both are installed by default on the system in different sections of the client/server model
D. Both are responsible for creation of the master access control list

Answer:   A

Explanation: 
Both ACLs are used to restrict or grant access to a resource.

Incorrect Answers:
B: Only the system ACL can restrict parts of the system.
C: Only the system ACL is installed by default. DACL is added later by the administrator when locking down resources.
D: The ACLs work together, but do not create the master access control list.

Question 15.
Winlogon loads the GINA DLL. What does the GINA DLL then do?

A. It provides the interface for processing logon requests
B. It creates the link to the user database for the update of the local security authority
C. It creates the link to the master access list on the server
D. It checks the user database for correct date/time stamps of last modification

Answer:   A

Explanation: 
GINA DLL is the interface part of Winlogon that prompts for the userid and password and checks the values against the SAM database.

Incorrect Answers:
B: The local security authority (LSA) is not updated as the result of the logon request.
C: Any connection to the master access list is not done yet in this stage.
D: The date/time stamps of last modification do not need to be checked. Validation of the userid and password is what will happen in GINA DLL.


Braindumps for "JN0-400" Exam

Juniper Networks EX, Associate (JNCIA-EX)

 Question 1.
Which statement is true regarding the EX-series file system?

A. Contents in the /var directory are automatically removed upon a successful software upgrade.
B. The file system must be cleaned manually after every upgrade.
C. Contents in the /var directory are automatically archived for future software rollbacks.
D. The file system must be cleaned manually before every upgrade.

Answer: A

Question 2.
Which two statements describe the EX 4200 switches? (Choose two.)

A. All EX 4200 switches support either partial or full Power over Ethernet (PoE) support.
B. The fan tray used for the EX 4200 switches is not field replaceable.
C. The EX 4200 switches support redundant load-sharing AC power supplies.
D. The EX 4200 switches can be interconnected to form a single virtual chassis.

Answer: C, D

Question 3.
Click the Exhibit button.

In the exhibit, what does the asterisk (*) indicate?
 

A. The interface is configured for PoE.
B. The interface receives untagged frames.
C. The interface is up and active.
D. The interface contains Layer 3 configuration.

Answer: C

Question 4.
Which Spanning Tree Protocol is enabled in the factory-default configuration?

A. STP
B. PVST
C. MSTP
D. RSTP

Answer: D

Question 5.
Which statement is true for configuring a link aggregation group?

A. No more than 10 member links can belong to a link aggregation group.
B. Link duplex mode and speed must match within a link aggregation group.
C. Layer 2 and Layer 3 interfaces can be mixed when creating a link aggregation group.
D. Member links cannot span multiple member switches within a virtual chassis.

Answer: B

Question 6.
Which three statements describe benefits of bridging? (Choose three.)

A. Bridging allows mixed physical media types on a common LAN.
B. Bridging uses Layer 2 bridge tables to intelligently forward traffic towards its destination.
C. Bridging logically segments user groups based on administrative policy.
D. Bridging allows for the creation of multiple broadcast domains.
E. Bridging can reduce the number of collisions on a LAN.

Answer: A, B, E

Question 7.
When configuring a redundant trunk group (RTG) on an interface, which restriction would apply?

A. The interface must be configured as a Layer 3 interface with an assigned IP address.
B. The interface cannot be configured as a Layer 2 trunk.
C. The gratuitous-ARP-reply must be disabled on the interface.
D. Spanning Tree Protocol (STP) cannot be configured on the interface.

Answer: D

Question 8.
Which two commands are valid for verifying NTP operation? (Choose two.)

A. show ntp status
B. show ntp associations
C. show ntp synchronization
D. show ntp server

Answer: A, B

Question 9.
What describes the way the JUNOS software evaluates a route against a policy?

A. The JUNOS software evaluates all terms in a policy sequentially. When it finds that the route matches all criteria specified in the match clause of a term, it applies the actions specified in the then clause and stops processing further terms.
B. The JUNOS software evaluates all terms in a policy sequentially. When it finds that the route matches all criteria specified in the from clause of a term, it applies the actions specified in the then clause and continues processing further terms if the accept action was specified.
C. The JUNOS software evaluates all terms in a policy sequentially. When it finds that the route matches any criteria specified in the from clause of a term, it applies the actions specified in the then clause and stops processing further terms.
D. The JUNOS software evaluates all terms in a policy sequentially. When it finds that the route matches all criteria specified in the from clause of a term, it applies the actions specified in the then clause and stops processing further terms.

Answer: D

Question 10.
Click the Exhibit button.

In the exhibit, in which configuration hierarchy would the block-stuff filter be defined?
 

A. [edit firewall family vlan]
B. [edit firewall family ethernet]
C. [edit firewall family ethernet-switching]
D. [edit firewall family inet]

Answer: C



Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.