Question 1. Which two actions are available for Database Rules? Choose 2 that apply.
A. Command Exec action
B. Sdevent action
C. Limit field value range action
D. Update Data action
Answer: A, D

Question 2. Which two of the following Service Desk components make it possible to trigger an outbound service event which pages the person to whom a service call has been assigned? Choose 2 that apply.
A. Database Rule Manager
B. sdevent.exe
C. sdexport.exe
D. Service Desk Agent
E. Data Exchange task
Answer: A, D

Question 3. Which one of the following components is NOT used for outbound service events?
A. Service Desk Agent
B. Database Rule Manager
C. Application Server
D. sdevent
Answer: D

Question 4. According to the ITIL/Best Practices, where in Service Desk should all bugs be registered?
A. in the Configuration Management Database
B. in the Problem Management module
C. in the Service call module
D. Software bugs are NOT registered in Service Desk
Answer: B

Question 5. Choose the TRUE statement about the relationship between incidents, problems, known errors and changes in a typical IT environment.
A. There are generally more incidents than problems.
B. All problems result in known errors.
C. All changes are results of problems.
D. The root cause of problems can be found in the related incidents.
Answer: A

Question 6. Which three types of services can be defined in Service Desk? Choose one answer.
A. business, operations management and underpinning services
B. business, operations management and underlying services
C. hardware, software and network services
Answer: A

Question 7. Which of the following statements about SLAs in Service Desk are FALSE? Choose 1 answer that applies.
A. Service Level Agreements are based on services, service levels, the customers and the suppliers.
B. Service Level Management with SLAs requires the Service Level Management Module in Service Desk.
C. Service Level Agreements can be related to configuration items.
Answer: C

Question 8. Incident Management is comprised of several activities. Choose the three most appropriate activities that apply.
A. Communication and promotion of helpdesk activities
B. Identification and tracking of Configuration Items
C. Support for business operations
D. Providing management information
E. Implementation and monitoring of changes
Answer: A, C, D

Question 9. IT customers often suspect changes are required to the infrastructure. These requests are initially registered with the ________.
A. Change Advisory Board
B. change manager
C. Help Desk
D. system administrator
Answer: C

Question 10. According to ITIL/Best Practices, once a service call has been identified as a problem and a solution has been identified, who has the responsibility to close the service call?
A. The helpdesk
B. The problem manager
C. The latest specialist to work on the problem
Answer: A

Question 11. Which events generally are NOT inserted as service calls in Service Desk?
A. incidents in the IT infrastructure
B. automatic events from other applications
C. requests for change
D. requests for information
Answer: B

Question 12. The registration of a problem ________.
A. can be the result of a root cause analysis.
B. results in a known error.
C. can be the result of several related incidents.
D. is always followed by a change request.
Answer: C

Question 13. Identify the three main activities associated with Problem Management. Choose 3 that apply.
A. identification of problems
B. classification of problems
C. reporting of problems
D. closing calls with the customer that have NOT been closed by the helpdesk
E. reconfiguration of the environment to solve problems
Answer: A, B, C

Question 14. According to ITIL/Best Practices, what always happens when the root cause of a problem has been identified?
A. The problem will be marked as a known error.
B. The problem will be related to a change.
C. All related service calls will be closed.
D. A change will be inserted to solve the problem.
Answer: A

Question 15. What is the mission of Configuration Management?
A. to track and register all hardware and software assets
B. to manage and control changes to the configuration items in the IT infrastructure
C. to apply a comprehensive labeling system for all configuration items in order to identify company assets
D. to track and control the IT Infrastructure and provide information to other service management processes and general management.
Answer: D

Question 16. What is the difference between parent-child relations and other CI relations?
A. Parent-child relations have strictly hierarchical relationships, other CI relations do NOT.
B. Parent-child relations can be modified indirectly through work orders, other CI relations CANNOT.
C. Unique configuration items have parent-child relations, type Configuration Items have free-form CI relations.
D. As opposed to parent-child relations, other CI relations are used only when you use templates to generate configuration items.
Answer: A

Question 17. What kind of configuration items would you register as type CIs?
A. Configuration items that have been registered by means of a template.
B. Configuration items of which at least two are part of your IT infrastructure.
C. Configuration items which share at least the same category and main category.
D. Configuration items to be managed as a group of identical items.
Answer: D

Question 18. For CIs, what is the difference between category structure and parent-child relations?
A. Parent-child relations are always hierarchical as opposed to categories.
B. Parent-child relations group similar CIs; categories describe how CIs are linked to each other in the infrastructure.
C. Parent-child relations refer to the way CIs are linked to each other in the infrastructure; categories group similar CIs.
D. Parent-child relations can be applied to unique configuration items only; categories can group both unique and type configuration items.
Answer: C

Question 19. Which of the following three supporting processes are essential for formal Service Level Management? Choose 3 that apply.
A. Availability management
B. Incident management
C. Change management
D. Cost management
Answer: A, B, C

Question 20. The goal of Service Level Management is to ________.
A. achieve a common understanding between the customer and the service provider regarding managing expectations and delivering results.
B. achieve optimal performance of the IT infrastructure.
C. achieve a better relationship between IT and its customers.
D. manage individual infrastructure components to achieve high levels of throughput and availability.
Answer: A
|
Question 1. Which type of vulnerability can occur when a developer exposes a reference to an internal implementation object, such as a file, directory, database record, or key, as a URL or form parameter?
A. Cross-site Scripting
B. Insecure Direct Object Reference
C. Injection Flaw
D. Cross Site Request Forgery
Answer: B

Question 2. After 30 minutes your scan stops with an out-of-session error. What is a possible cause of this error?
A. Redundant path limit was too low.
B. A parameter was not tracked.
C. Flash parsing was turned off.
D. Platform authentication was not configured.
Answer: B

Question 3. AppScan sent the following test HTTP request:

    GET /web/content/index.php?file=/../../../../../../../../etc/passwd%00 HTTP/1.0
    Cookie: JSESSIONID=dqt0LSnfhdVyTJkCwTwfLQQSkTTGYX9D79tLLpT1yLQjVhSpZKP9!914376523; customerLanguage=en
    Accept: */*
    Accept-Language: en-US
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
    Host: www.ibm.com

Although there is no indication in the response about the existence of a password file, AppScan reported a vulnerability with the following reasoning: Global Validation found an embedded script in the response (), which was probably injected by a previous test. The presence of this script in the site suggests that the application is vulnerable to which type of attack?
A. Stored Cross-site Scripting
B. Cross-site Scripting
C. Namazu Path Traversal
D. Directory Listing
Answer: A

Question 4. What information does the difference displayed in the Request / Response tab provide?
A. the difference between two tests
B. how the vulnerability was resolved
C. how AppScan constructed the test HTTP request
D. how the Web application page has been modified from its previous version
Answer: C

Question 5. You are scanning a Web site in a pre-production environment. You notice that your scan is running very slowly and there are numerous communication errors. What would you do to resolve the problem?
A. increase the number of threads and decrease the timeout limit
B. decrease the number of threads and increase the timeout limit
C. increase the number of threads and increase the timeout limit
D. set the timeout to 0 for infinite timeout
Answer: B

Question 6. Which type of vulnerability allows an attacker to execute a malicious script in a user's browser?
A. Cross-site Scripting
B. Injection Flaw
C. Insecure Direct Object Reference
D. Failure to restrict URL access
Answer: A

Question 7. Which statement is true about infrastructure vulnerabilities?
A. They are caused by insecure coding and are fixed by modifying the application code.
B. They are detected using application security scanners and exist in the Web application.
C. They are known vulnerabilities and are fixed by modifying the application code.
D. They exist in third-party components and are fixed by applying security patches.
Answer: D

Question 8. What does secure session management require?
A. session tokens that are given long lifetimes
B. session tokens that are invalidated when the user logs out
C. session tokens that are persistent
D. session tokens that are numeric
Answer: B

Question 9. Your site contains the following URL: http://www.mycompany.com/smb/default.jsp?page=wireless&productID=65343. In this URL, the page parameter defines a unique page and the productID parameter defines a different product page, based on a template. How would you configure AppScan to thoroughly explore this site while avoiding redundant URLs? (Choose two.)
A. ensure JavaScript Execute is turned on
B. ignore the page parameter
C. turn off Redundant Path limit
D. track the page parameter
E. Track the productID parameter
F. Ignore the productID parameter
Answer: C, F

Question 10. You are scanning a Web application in a pre-production environment. During your initial assessment, you notice that some of the links are specified by IP and some by host name. Your starting URL contains an IP address, http://12.34.56.67/default.jsp. When the scan completes, you discover that it has not covered a significant portion of your Web application. What could be the reason?
A. The host name is not added to the list of additional domains and servers.
B. The scan is configured to use only one connection.
C. There is no route to IP 12.34.56.67.
D. You are not licensed to scan IP 12.34.56.67.
Answer: A
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.