|
Question 1. Which method is LEAST intrusive to check the environment for known software flaws? A. Port scanner B. Vulnerability scanner C. Penetration test D. Protocol analyzer Answer: B Question 2. On a remote machine, which action will you usually take to determine the operating system? A. MAC flooding B. System fingerprinting C. DNS spoofing D. Privilege escalation Answer: B Question 3. For the following sites, which one has the means (e.g. equipment, software, and communications) to facilitate a full recovery within minutes? A. Cold site B. Hot site C. Warm site D. Reciprocal site Answer: B Question 4. Which description is true about the process of securely removing information from media (e.g. hard drive) for future use? A. Deleting B. Reformatting C. Sanitization D. Destruction Answer: C Question 5. Choose the access control method which provides the most granular access to protected objects? A. Capabilities B. Access control lists C. Permission bits D. Profiles Answer: B Question 6. Why malware that uses virtualization techniques is difficult to detect? A. The malware may be implementing a proxy server for command and control. B. A portion of the malware may have been removed by the IDS. C. The malware may be using a Trojan to infect the system. D. The malware may be running at a more privileged level than the antivirus software. Answer: D Question 7. Which one of the following options is an attack launched from multiple zombie machines in attempt to bring down a service? A. TCP/IP hijacking B. DoS C. DDoS D. Man-in-the-middle Answer: C Question 8. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the ITCertKeys.com network. The types of resources you must control access to are mailboxes, and files and printers. Certways.com is divided into distinct departments and functions named Finance, Sales, Research and Development, and Production respectively. Each user has its own workstation, and accesses resources based on the department wherein he/she works. You must determine which roles to create to support the RBAC (Role Based Access Control) model. Which of the following roles should you create? A. Create mailbox, and file and printer roles. B. Create Finance, Sales, Research and Development, and Production roles. C. Create user and workstation roles. D. Create allow access and deny access roles. Answer: B Question 9. What technology is able to isolate a host OS from some types of security threats? A. Kiting B. Virtualization C. Cloning D. Intrusion detection Answer: B Question 10. Which method could identify when unauthorized access has occurred? A. Implement session termination mechanism. B. Implement previous logon notification. C. Implement session lock mechanism. D. Implement two-factor authentication. Answer: B Question 11. On the topic of the DAC (Discretionary Access Control) model, choose the statement(s) which are TRUE. A. All files that do not have a specified owner cannot be modified. B. The system administrator is an owner of all objects. C. The operating system is an owner of all objects. D. All objects have an owner, and this owner has full control over that specific object. Answer: D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.