You wish to install a new Windows 2003 Server in your network, and are deciding which of the server roles will best suit your environment. From the following answers, select the option that is not a Windows 2003 Server Role.
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
When a cryptanalyst is using linguistic patterns to decrypt ciphertext, what is the analyst doing?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
In Windows Server 2003, there are four methods of implementing IPSec. They are:
1 - Require Security
2 - Request Security
3 - Respond Only
4 - No IPSec Policy
Your network hosts many servers, and different security policies are in place in different locations in the network. The Clients and Servers in your network are configured as follows:
-You have servers numbered 1-9, which have a policy stating they require no network traffic security.
-You have servers numbered 10-19, which have a policy stating they are not required to be secure, but will encrypt network traffic if the client is able to receive it.
-You have servers numbered 20-29, which have a policy stating they are required to be secure and all network traffic they deliver must be secured.
-You have clients numbered 60-79 that are required to access secure servers 20-29.
-You have clients numbered 80-99 that are not required to access secure servers 20-29, but are required to access servers 1-9 and 10-19.
Based on the Client and Server configuration provided above, which of the following computers will implement IPSec method 4?
You wish to manage your Linux system remotely, using a web browser. Which of the following tools will allow you to accomplish your task?
During a routine security inspection of the clients in your network, you find a program called cgiscan.c on one of the computers. You investigate the file, reading part of the contents. Using the portion of the program shown below, identify the function of the program.
Temp[1] = "GET /cgi-bin/phf HTTP/1.0\n\n";
Temp[2] = "GET /cgi-bin/Count.cgi HTTP/1.0\n\n";
Temp[3] = "GET /cgi-bin/test-cgi HTTP/1.0\n\n";
Temp[4] = "GET /cgi-bin/php.cgi HTTP/1.0\n\n";
Temp[5] = "GET /cgi-bin/handler HTTP/1.0\n\n";
Temp[6] = "GET /cgi-bin/webgais HTTP/1.0\n\n";
Temp[7] = "GET /cgi-bin/websendmail HTTP/1.0\n\n";
You have just become the senior security professional in your office. After you have taken a complete inventory of the network and resources, you begin to work on planning for a successful security implementation in the network. You are aware of the many tools provided for securing Windows 2003 machines in your network. What is the function of Secedit.exe?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
You have a series of new Windows Server 2003 systems, including 3 new web servers running IIS 6.0.
You are concerned about the overall security of your servers, and are checking with Microsoft for any patches or updates that you might need to apply to your systems. Which of the following would you apply if you need to implement an update based on a critical Microsoft Security Bulletin?
You are creating the User Account section of your organizational security policy. From the following options, select the questions to use for the formation of this section?
You are running some tests in your network, to see if you can remotely identify the operating system of nodes in the network. Using the nmap tool, which of the following commands will identify the operating system of the computer using IP address 192.168.10.1?
To maintain the security of your network you routinely run several checks of the network and computers.
Often you use the built-in tools, such as netstat. If you run the following command:
netstat –e which of the following will be the result?
Your organization assigns an Annual Loss Expectancy to assets during a risk analysis meeting. You have a server which if down for a day will lose the company $35,000, and has a serious root access attack against it once per month. What is the ALE for this attack against this server?
You are working on the authentication systems in your network, and are concerned with your legacy systems. In Windows NT 4.0, before Service Pack 4 (SP4), there were only two supported methods of authentication. What were those two methods?
During a one week investigation into the security of your network you work on identifying the information that is leaked to the Internet, either directly or indirectly. One thing you decide to evaluate is the information stored in the Whois lookup of your organizational website. Of the following, what pieces of information can be identified via this method?
As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?
You have a series of new Windows Server 2003 systems, including 3 new web servers running IIS 6.0.
You are concerned about the overall security of your servers, and are checking with Microsoft for any patches or updates that you might need to apply to your systems. Which of the following would you apply if you need to implement a single update, which contains a single cumulative package that includes multiple files that are used to address a problem in your IIS Servers?
Most companies that do business via the Web offer a shopping cart so you can specify all the items you want before placing the order. Poor shopping cart design, however, can allow a different kind of hack. Take a look at the HTML code sample presented here and determine the line that presents the vulnerability:
You read on a security website that hackers are reading Newsgroup messages to try to identify potential targets and target details. You had previously not closed the port for the Newsgroup service on your firewall.
After you close that port, you do an Internet newsgroup search for your domain name. You do find several messages from users in your organization. What type of information may be found by examining these messages?
You work for a medium sized ISP and there have been several attacks of the DNS configuration recently.
You are particularly concerned with DNS Spoofing attacks. If an attacker is able to send out false data to a
DNS client before the response from the DNS server arrives, this is which type of DNS Spoofing?
In Windows 2003, there are four methods of implementing IPSec. They are:
1 - Require Security
2 - Request Security
3 - Respond Only
4 - No IPSec Policy
Your network hosts many servers, and different security policies are in place in different locations in the network. The Clients and Servers in your network are configured as follows:
-You have servers numbered 1-9, which have a policy stating they require no network traffic security.
-You have servers numbered 10-19, which have a policy stating they are not required to be secure, but will encrypt network traffic if the client is able to receive it.
-You have servers numbered 20-29, which have a policy stating they are required to be secure and all network traffic they deliver must be secured.
-You have clients numbered 60-79 that are required to access secure servers 20-29.
-You have clients numbered 80-99 that are not required to access secure servers 20-29, but are required to access servers 1-9 and 10-19.
Based on the Client and Server configuration provided above, which of the following computers must implement IPSec method 3?
You are running a Linux Server for your organization. You realize after a security scan that the Telnet service is accepting connections, which you do not want. In order to disable the computers ability to accept incoming Telnet sessions, the easiest method for you to choose is which of the following?
After installing a new SuSe Linux system, you wish to enhance the security of this computer. You type in the following commands (with actions in parenthesis): grub (press Enter) md5crypt qwerty (copy the result of this command) quit
gedit /boot/grub/menu.1st & password -md5 (Paste what you copied earlier)
(Save and close gedit)
What is the effect of following these commands and actions?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
You have decided to alter the default permissions of files on your SuSe Linux system. To do so, you are going to change the umask settings. Where is the umask setting located?
You are creating a new Auditing and Logging policy for your network. On a Windows 2003 system, if you wish to audit events like the computer restarting, which of the following options would you use?
You are showing a colleague some of the commands available in Linux, and you type telinit 6 what is the result of typing this command?
Exin certification | SCNP Questions Answers | SCNP Test Prep | SCNP Strategic Infrastructure Security Questions PDF | SCNP Online Exam | SCNP Practice Test | SCNP PDF | SCNP Test Questions | SCNP Study Material | SCNP Exam Preparation | SCNP Valid Dumps | SCNP Real Questions | Exin certification SCNP Exam Questions