050-SEPROSIEM-01 - RSA Certified SE Professional in Security Information and Event Management
Which statement best describes Wired Equivalent Privacy (WEP)?
WEP represents the first attempt at designing an algorithm to protect wireless communication from eavesdropping.
Identify two (2) ways that computer viruses and worms differ. (Choose TWO.)
A virus attaches itself to files or applications; a worm usually resides in memory, and does not need to attach itself to a file or application.
A virus-infected program or file can be detected and repaired with appropriate antivirus software; worms cannot be detected or eliminated until they attempt to infect other computers.
In your web browser you type a URL that starts with https://. To what port will your browser connect, by default?
The keep-state option in a Mac OS X firewall ________.
allows a two-way connection to be established between the source and destination addresses
Which procedure will disable a known Open Firmware password?
Start up in Open Firmware, type "setenv security-mode none", enter the current Open Firmware password at the prompt, then type "reset-all" to restart the computer.
What are the recommended POSIX permissions for a web folder being shared through WebDAV?
user - www, group - www, user/group/other - 775
How can you train SpamAssassin to differentiate between spam and legitimate email?
Use sa-learn to notify SpamAssassin of false positives and false negatives.
Which action will result in a secure connection to a server?
In Terminal, choose "Connect to Server" from the File menu, then select Secure Shell (ssh) from the Service column, and the server from the Server column.
What two (2) steps are necessary to configure your HTTP website to forward to an SSL website? (Choose TWO.)
In Server Admin's Web pane, select the Enable Secure Sockets Layer (SSL) checkbox and click OK.
In Server Admin's Web pane, edit the http:// site, and select "Add new alias or redirect", then enter the URL for the secure site.
If you see the password dialog shown above, which statement below MUST be true?
Mail has found a relevant keychain entry.
What two (2) command-line tools can help identify suspicious activity that could indicate malicious software on a computer? (Choose TWO.)
You are configuring an AirPort network for WPA Enterprise. Which step is required?
On the client, choose the EAP (Extensible Authentication Protocol) of the RADIUS server.
When using the Common Criteria tools, to which file do you add "+lo" if you want to log only successful logins performed by specific users?
________ is a command-line tool that displays the headers of packets seen by a computer's network interface card.
Which two (2) features are provided by SSH, but not by Telnet? (Choose TWO.)
encrypted communication sessions
According to Password Assistant's policy rules, a "memorable" password consists of ________.
a word from the local dictionary, followed by a one- to three-digit number, followed by a punctuation mark, followed by another word from the local dictionary
Which two (2) of these files have privileges that allow the Apache web server to read them? (Choose TWO.)
-rw-r----- 1 bob www 2832 Jan 30 14:26 menu.html
-rw-r--r-- 1 bob staff 2832 Jan 30 14:26 index2.html
How do you enable SpamAssassin in Mail services in Mac OS X Server v10.4?
In Server Admin, choose Mail, then Filters, then select "Scan email for junk mail."
Which two (2) steps to obtain a certificate from a third-party are essential for signing email? (Choose TWO.)
Create a key pair.
Generate a CSR (Certificate Signing Request).
You have various sensitive documents that you want to keep encrypted, while still being able to distribute them to others. Which feature is best for this task?
Encrypted Disk Image
Which two (2) authentication mechanisms are available to SSH users? (Choose TWO.)
public/private key pair
user name and password
Which two (2) steps can you take to prevent your mail service in Mac OS X Server v10.4 from being used as an open relay? (Choose TWO.)
Require SMTP authentication.
Limit the hosts and networks from which you accept relays.
Which two (2) actions might a rootkit perform? (Choose TWO.)
Provide remote access to a computer by opening ports.
Provide a set of tools that allow the system administrator to monitor security events.
When using certificates, what role does a Certificate Authority (CA) play?
A CA is a trusted third party that ensures the identity of the server.
Which statement is true of secure authentication for POP clients using Mac OS X Server mail services?
When using APOP authentication, the Mail server stores passwords in a recoverable form.
Which statement describes a function of the Master Password?
The Master Password accesses a keychain that holds a method to decrypt a FileVault home folder without the user password.
You want to give the group labadmin the ability to unlock any user's screen saver, but not give the group any further administrative rights. How do you do this?
Create a new right and rule in the /etc/authorization file.
You have first enabled Personal File Sharing on your computer, and then turned on the built-in firewall. How does the default behavior of the Mac OS X firewall affect file sharing on your computer?
Any computer can connect to your computer via AFP.
Which command will find files that have the SUID bit set?
sudo find / -perm +4000 -print
What does Stealth Mode on the Mac OS X Firewall do?
It disables the sending of denials to blocked packets.
Which command will force users on local computers to create passwords of at least 12 characters, whether or not they are connected to a directory server?
pwpolicy -n /NetInfo/DefaultLocalNode -a administrator -setglobalpolicy minChars=12
The Common Data Security Architecture (CDSA) is ________.
a cryptographic services toolkit
Which statement best describes FileVault?
It provides 128-bit AES encryption to protect data in a user's home folder.
Which statement describes an effective method to conceal an installed rootkit?
Install modified utilities, like ls and ps, that do not see the rootkit.
Which Mac OS X log contains a record of every login and logout performed at the command line or from the login window?
Which statement best describes the Controlled Access Protection Profile (CAPP)?
Written by the National Security Agency, it defines security requirements and auditing capabilities.
By default, which protocol does the VPN service in Mac OS X Server v10.4 use to authenticate users?
You have configured your AirPort Base Station for 128-bit WEP authentication, and have assigned a network passphrase. Why would you need to distribute the 26-digit hex key to your users?
The hex key allows for compatibility with older machines and different platforms.
Which command will create an encrypted disk image?
hdiutil create SecretImage.sparseimage -size 2g -encryption -fs HFS+ -volname SecretImage.sparseimage
Which file do you configure to enable Common Criteria auditing on startup?
You must configure Mac OS X so that each of your users can access his or her home folder over the network. Which service, if used to accomplish this goal, would cause a weak hash of each user's password to be stored in the shadow hash file?
Which action will enable ACLs on a Mac OS X v10.4 volume?
Type "sudo /usr/sbin/fsaclctl -p / -e" in Terminal.
How are passwords in a Mac OS X keychain kept secure?
The keychain file is encrypted with 3DES.
Which protocol can be enabled in Mac OS X Mail to handle encryption of communication with a mail server?
You want to use Directory Access Control Lists (DACLs) in LDAP. Which step must you complete?
Edit the AccessControlEntry attribute in Inspector in Workgroup Manager.
You want to check your bank statement using Safari 2.x on a public terminal. In what two (2) ways can you ensure that NO record of your activities will be visible after your banking session is complete? (Choose TWO.)
Choose Reset Safari at the end of your session.
Enable Private Browsing before you begin your session.
Why should you avoid logging in as an administrator to perform routine tasks?
If you log in as an administrator, untrusted programs can write to sensitive areas of the file structure without requiring further authentication.
Consider the following folder listing:
drwxrwxrwt 5 root staff 170 May 20 16:39 /Users/Public/Shared/
Inside the folder is the file Report.rtf:
-rw-r--r-- 1 kim staff 0 Oct 11 15:51 Report.rtf
Who can delete Report.rtf?
Kim and the root user
What Common Criteria tool lets you specify which log events to display?
What is the result of adding the line below to the default slapd.conf file?
disallow bind_anon
Clients will be required to provide authentication to use LDAP.