1D0-571 - CIW v5 Security Essentials

Go back to CIW

Example Questions

Consider the following series of commands from a Linux system: iptables -A input -p icmp -s 0/0 -d 0/0 -j REJECT Which explanation best describes the impact of the resulting firewall ruleset? Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack? At what layer of the OSI/RM does a packet filter operate? Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow? You have implemented a version of the Kerberos protocol for your network. What service does Kerberos primarily offer? Which of the following is most likely to pose a security threat to a Web server? You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal? What is the primary drawback of using symmetric-key encryption? Which of the following is considered to be the most secure default firewall policy, yet usually causes the most work from an administrative perspective? You have determined that an attack is currently underway on your database server. An attacker is currently logged in, modifying data. You want to preserve logs, caching and other data on this affected server. Which of the following actions will best allow you to stop the attack and still preserve data? Which of the following standards is used for digital certificates? You purchased a network scanner six months ago. In spite of regularly conducting scans using this software, you have noticed that attackers have been able to compromise your servers over the last month. Which of the following is the most likely explanation for this problem? You have been asked to encrypt a large file using a secure encryption algorithm so you can send it via e-mail to your supervisor. Encryption speed is important. The key will not be transmitted across a network. Which form of encryption should you use? An application is creating hashes of each file on an attached storage device. Which of the following will typically occur during this process? Your organization has made a particularly unpopular policy decision. Your supervisor fears that a series of attacks may occur as a result. You have been assigned to increase automated auditing on a server. When fulfilling this request, which of the following resources should you audit the most aggressively? Which of the following can help you authoritatively trace a network flooding attack? Which of the following is the most likely first step to enable a server to recover from a denial-of- service attack in which all hard disk data is lost? The best way to thwart a dictionary attack is by enforcing a: What is the primary use of hash (one-way) encryption in networking? Which of the following applications can help determine whether a denial-of-service attack is occurring against a network host? You have determined that the company Web server has several vulnerabilities, including a buffer overflow that has resulted in an attack. The Web server uses PHP and has direct connections to an Oracle database server. It also uses many CGI scripts. Which of the following is the most effective way to respond to this attack? Which algorithm can use a 128-bit key, and has been adopted as a standard by various governments and corporations? Which of the following describes the practice of stateful multi-layer inspection? A CGI application on the company's Web server has a bug written into it. This particular bug allows the application to write data into an area of memory that has not been properly allocated to the application. An attacker has created an application that takes advantage of this bug to obtain credit card information. Which of the following security threats is the attacker exploiting, and what can be done to solve the problem? At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE)? Which of the following is a primary weakness of asymmetric-key encryption? The most popular types of proxy-oriented firewalls operate at which layer of the OSI/RM? You have just deployed an application that uses hash-based checksums to monitor changes in the configuration scripts of a database server that is accessible via the Internet. Which of the following is a primary concern for this solution? Which of the following will best help you ensure a database server can withstand a recently discovered vulnerability? Which of the following errors most commonly occurs when responding to a security breach? You are using a PKI solution that is based on Secure Sockets Layer (SSL). Which of the following describes the function of the asymmetric-key-encryption algorithm used? What is the first tool needed to create a secure networking environment? A disgruntled employee has discovered that the company Web server is not protected against a particular buffer overflow vulnerability. The disgruntled employee has created an application to take advantage of this vulnerability and secretly obtain sensitive data from the Web server's hard disk. This application sends a set of packets to the Web server that causes it to present an unauthenticated terminal with root privileges. What is the name for this particular type of attack? You have discovered that the ls, su and ps commands no longer function as expected. They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values. Which of the following has most likely occurred? A security breach has occurred in which a third party was able to obtain and misuse legitimate authentication information. After investigation, you determined that the specific cause for the breach was that end users have been placing their passwords underneath their keyboards. Which step will best help you resolve this problem? Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server? Which of the following is a common problem, yet commonly overlooked, in regards to physical security in server rooms? You have implemented a service on a Linux system that allows a user to read and edit resources. What is the function of this service? Which of the following activities is the most effective at keeping the actions of nae end users from putting the company's physical and logicalWhich of the following activities is the most effective at keeping the actions of na?e end users from putting the company's physical and logical resources at risk? A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all. Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall? A security breach has occurred involving the company e-commerce server. Customer credit card data has been released to unauthorized third parties. Which of the following lists the appropriate parties to inform? You have been assigned to provide security measures for your office's reception area. Although the company needs to provide security measures, costs must be kept to a minimum. Which of the following tools is the most appropriate choice? Jason is attempting to gain unauthorized access to a corporate server by running a program that enters passwords from a long list of possible passwords. Which type of attack is this? You want to create a certificate for use in a Secure Sockets Layer (SSL) session. Which of the following is responsible for verifying the identity of an individual and also issuing the certificate? What is the primary strength of symmetric-key encryption? A distributed denial-of-service (DDOS) attack has occurred where both ICMP and TCP packets have crashed the company's Web server. Which of the following techniques will best help reduce the severity of this attack? Which of the following details should be included in documentation of an attack? You have been assigned to configure a DMZ that uses multiple firewall components. Specifically, you must configure a router that will authoritatively monitor and, if necessary, block traffic. This device will be the last one that inspects traffic before it passes to the internal network. Which term best describes this device? Which of the following organizations provides regular updates concerning security breaches and issues? Which of the following is a primary auditing activity?