EX0-107 - SCNP Strategic Infrastructure Security
After you have configured your new Linux file server, a colleague wishes to check the permission settings on some files. You run the command to view the permissions, and the onscreen result is: -rwx-rw-rw- 1 ps_admin root 2345 10:23 file1. Which of the following are true based on this output?
The owner has read, write, and execute permissions
ps_admin is the owner
root is the group
You have a file on your Linux system, and you need to modify the file's permissions. The permissions you wish to apply are: Read and Write for the User; Read and Write for the Group; and Read for the Others. What command will allow you to achieve this?
chmod 664 test_file.tar.gz
During a discussion of asset classification and protection with a coworker, you realize that your coworker does not know the basic concepts of asset protection. You are asked to describe the types of asset protection. Which of the following describes the concept of feasible protection of an asset?
The cost to protect the asset is less than the cost of recovery of the asset.
To manage the risk analysis of your organization you must first identify the method of analysis to use. Which of the following organizations defines the current standards of risk analysis methodologies?
To maintain the security of your network, you routinely run several checks of the network and computers. Often you use the built-in tools, such as netstat. If you run the command netstat -e, which of the following will be the result?
Displays Ethernet statistics
In order to obtain public IP addresses, Internet Service Providers (ISPs) contact their upstream registry or their appropriate regional registry (an IANA subsidiary) at which of the following?
You have recently installed a new Linux machine, running Apache as your web server. You are running Novell SuSe Linux, and are going to use YaST to disable some unneeded modules. In the left-hand options of YaST, which section would you choose in order to disable modules for your Apache web server?
In order to check on the passwords in your organization, you have been given the authority to run a password checking tool. You are going to use the tool LCP to check the passwords. What are the three main options available to you to configure LCP to attack and check passwords?
Brute Force Attack
Which one of the following is an incorrect mod equation?
(6-1) mod 3 = 0
Which cryptographic process took advantage of a physical machine using rotors?
You have a file on your Linux system, and you need to modify the file's permissions. The permissions you wish to apply are: Read, Write, and Execute for the User; Read for the Group; and Read for the Others. What command will allow you to achieve this?
chmod 744 test_file.tar.gz
You have a file on your Linux system, and you need to modify the file's permissions. The permissions you wish to apply are: Read, Write, and Execute for the User; Read and Write for the Group; and Read for the Others. What command will allow you to achieve this?
chmod 774 test_file.tar.gz
You have recently hired an assistant to help you with managing the security of your network. You are currently running an all Windows Server 2003 environment, and are describing the issues associated with sharing folders. You describe different shared folder permissions. Which of the following describes the maximum abilities of the Read permission?
Display folder names, filenames and data, and execute files
You work for a medium-sized ISP and there have been several attacks on the DNS configuration recently. You are particularly concerned with DNS Spoofing attacks. If an attacker is able to send out false data to a DNS client before the response from the DNS server arrives, this is which type of DNS Spoofing?
Spoofing the DNS Response
You are forming the security policy for your organization. You have identified those in the organization who will participate in the creation of the policy. Several of the people you have contacted wish to know what will be on the agenda during the first meeting. During the very first policy design meeting, which of the following issues will you tell those in the policy committee to discuss?
Identification of the critical business resources
Determination of the type of policy to create
Identification of the critical business policies
You have a series of new Windows Server 2003 systems, including 3 new web servers running IIS 6.0. You are concerned about the overall security of your servers, and are checking with Microsoft for any patches or updates that you might need to apply to your systems. Which of the following would you apply if you need to implement a single update, which contains a single cumulative package that includes multiple files that are used to address a problem in your IIS Servers?
In the past it was, at times, difficult to locate current information on security vulnerabilities. What is the name of the security community's effort to create a comprehensive database of multiple vulnerabilities and security tools?
Common Vulnerabilities and Exposures
On your Linux computer you are examining the contents of various files to ensure they are secured and contain the designated information. Entries in the /etc/hosts file consist of which of the following?
The IP address, the host-name and aliases (if any)
You are creating the Remote Access section of your organizational security policy. From the following options, select the questions to use for the formation of this section.
What methods of remote access are allowed (cable modem, DSL, and so on)?
What is the process for becoming authorized for remote access?
Is the entire network accessible remotely?
You are studying the current attack methods and find that one of your servers is vulnerable to a Buffer Overflow attack. Which of the following do Buffer Overflows exploit?
A program that does not do bounds checking
Recently you found out that there has been a flood of bogus network traffic hitting your Email server. Because of this flood, authorized users have not been able to consistently send or receive email. What is happening to your Email server?
A Denial of Service Attack
If you wanted to use Public Key cryptography to encrypt data transmissions, which of the following ciphers could you use?
Which of the following types of attack is a vulnerability of DH?
It has come to your attention that some machine has tried to send a packet to your DNS server containing both a DNS query and an answer that is false. What type of attack was used against your network?
DNS cache poisoning
During a test of your SuSe Linux machine, you have noticed a specific process that is no longer working as desired. What is the proper command to restart a process?
kill -HUP <pid>
Default DES implementations use a key length that is how long?
Attackers will often run scans against the network to identify different network and operating systems, and resources that are available. If an attacker runs scans on the network, and you are logging the connections, which of the following represent the legitimate combination of packets that will be sent between the attacker and target?
Attacker NULL Scan, Target RST Response
Attacker FIN Scan, Target RST Response
During a one-week investigation into the security of your network, you work on identifying the information that is leaked to the Internet, either directly or indirectly. One thing you decide to evaluate is the information stored in the Whois lookup of your organizational website. Of the following, what pieces of information can be identified via this method?
You wish to install a new Windows 2003 Server in your network, and are deciding which of the server roles will best suit your environment. From the following answers, select the option that is not a Windows 2003 Server Role.
Recently at your organization you have been requested to lead the team in performing a new Risk Analysis of the organization. During the first team meeting you identify to your team the three areas of Risk Analysis. What are those three areas?
Predicting Risk, Quantifying Risk, Mitigating Risk
It has been decided that the network you manage will implement new Windows 2003 Servers, using Active Directory. You are configuring several of the Active Directory objects in your Windows 2003 network. What is used as the default security for these objects?
When a cryptanalyst is using linguistic patterns to decrypt ciphertext, what is the analyst doing?
Analyzing the frequency of letters
Which of the following is the name of the Active X authentication system Microsoft has included to prevent Active X controls from being altered or corrupted by attackers wanting to perform unwarranted operations?
You are aware of the significance and security risk that Social Engineering poses to your company. Of the following scenarios, select those that, just as described, represent potentially dangerous Social Engineering:
An email, sent by the Vice President of Sales and Marketing, is received by the Help Desk asking to reset the password of the VP of Sales and Marketing.
An email is received by the Chief Security Officer (CSO) about a possible upgrade coming from the ISP to a different brand of router. The CSO is asked for the current network's configuration data and the emailer discusses the method, plan, and expected dates for the rollover to the new equipment.
Your network has been hit by a very bad virus recently. As you tracked the virus through the network, it was changing from system to system. Each time it went to infect a system, it had evolved slightly to have a different file size or a different file structure. After extensive work, you and your team were able to isolate and remove the virus from the network. Which of the following best identifies the type of virus that was in your network?
In your Windows 2003 Active Directory enabled network it has been decided that Dynamic DNS will be implemented. Once implemented this should help to minimize IP address to name mapping issues. One of your assistants wonders if using DDNS will present a single point of failure for the network. Which of the following is the reason that this is not the case?
All the Windows 2003 domain controllers maintain a copy of the DDNS database.
You are reviewing the lines used in the configuration of TCP Wrappers on your Linux system. When placed in the denial file, what is the function of the following line? in.telnetd: 192.168.23.: spawn (/bin/echo %c >> /var/log/telnet.log)
This line will write a log line that contains client information when a host from the 192.168.23.0/24 network attempts to use Telnet.
If you have enabled the Shadow Password file on your Linux system, what will be visible as the password for a user account in the /etc/passwd file?
A single X
You are running a Linux machine as a dedicated file server for your network. You are trying to use Nmap to perform some security tests. On your Linux machine, in order to run TCP SYN scans from a host using Nmap or NmapFE you must have which of the following?
You have just installed a new SuSe Linux machine, and you are working on managing the processes running on the system. What command will you need to issue in order to see the running processes, with the screen being updated every 10 seconds?
top d 10
During a routine security inspection of the clients in your network, you find a program called cgiscan.c on one of the computers. You investigate the file, reading part of the contents. Using the portion of the program shown below, identify the function of the program. Temp = "GET /cgi-bin/phf HTTP/1.0\n\n"; Temp = "GET /cgi-bin/Count.cgi HTTP/1.0\n\n"; Temp = "GET /cgi-bin/test-cgi HTTP/1.0\n\n"; Temp = "GET /cgi-bin/php.cgi HTTP/1.0\n\n"; Temp = "GET /cgi-bin/handler HTTP/1.0\n\n"; Temp = "GET /cgi-bin/webgais HTTP/1.0\n\n"; Temp = "GET /cgi-bin/websendmail HTTP/1.0\n\n";
The program is a vulnerability scanner
In Windows Server 2003, there are four methods of implementing IPSec. They are: 1 - Require Security; 2 - Request Security; 3 - Respond Only; 4 - No IPSec Policy. Your network hosts many servers, and different security policies are in place in different locations in the network. The Clients and Servers in your network are configured as follows: - You have servers numbered 1-9, which have a policy stating they require no network traffic security. - You have servers numbered 10-19, which have a policy stating they are not required to be secure, but will encrypt network traffic if the client is able to receive it. - You have servers numbered 20-29, which have a policy stating they are required to be secure and all network traffic they deliver must be secured. - You have clients numbered 60-79 that are required to access secure servers 20-29. - You have clients numbered 80-99 that are not required to access secure servers 20-29, but are required to access servers 1-9 and 10-19. Based on the Client and Server configuration provided above, which of the following computers will implement IPSec method 4?
Computers numbered 1-9
Computers numbered 80-99
During the configuration of your Linux system, you are working with the available drives in the computer. What syntax defines the First (Primary) IDE hard disk drive?
When the first new user is created in Linux, what is the starting value for the assignment of a User Identifier?
You wish to add a new group to your Linux system. The group is called SCNP_Admins, and is to be given a Group Identifier of 1024. What is the correct command to add this new group?
groupadd -g 1024 SCNP_Admins
When using the 3DES encryption ( C = EK1[DK2[EK1[P]]] ), what is the function of D?
D is the decryption key
Which three of the following are examples of the reason that Message Authentication is needed?
You have just become the senior security professional in your office. After you have taken a complete inventory of the network and resources, you begin to work on planning for a successful security implementation in the network. You are aware of the many tools provided for securing Windows 2003 machines in your network. What is the function of Secedit.exe?
This tool is used to analyze a large number of computers in a domain-based infrastructure.
You are in the process of securing several new machines on your Windows 2003 network. To help with the process, Microsoft has defined a set of Security Templates to use in various situations. Which of the following best describes the Secure Security Templates (SECURE*.INF)?
This template is provided to implement suggested security settings for all security areas, except for the following: files, folders, and Registry keys.
You are going to use EFS to increase the security of the files and folders on your Windows Server 2003 systems in your network. You wish to have complete knowledge of the process of EFS, so that you may manage any situations or problems that may arise. What is file data encrypted with when using EFS?
FEK (File Encryption Key)