1D0-671のPDFで合格させるスゴ問題集で1D0-671最新のリアル試験問題 [Q47-Q62]

Share

1D0-671のPDFで合格させるスゴ問題集で1D0-671最新のリアル試験問題

有効な1D0-671テスト解答1D0-671試験PDF問題を試そう

質問 # 47
All servers assume that a valid IP address belongs to the computer that sent it. Because TCP/IP contains no built-in authentication, a hacker can assume the identity of another device.
If your security depends entirely upon the TCP/IP identity, which type of attack can allow a hacker to gain access to your system?

  • A. A social engineering attack
  • B. A denial-of-service attack
  • C. A spoofing attack
  • D. A brute-force attack

正解:C


質問 # 48
After you have determined that a hacker has entered your system, what is the first step you should take?

  • A. Document the hacker's activity after penetration has occurred.
  • B. Review the pre-written security response policy.
  • C. Determine the scope of the breach on affected systems.

正解:B


質問 # 49
Which choice lists typical firewall functions?

  • A. Logging traffic and creating a choke point
  • B. Issuing alerts and limiting host access
  • C. Creating a VLAN and configuring the intrusion-detection system
  • D. Implementing the security policy and scanning the internal network

正解:A


質問 # 50
Which of the following is a typical target of a trojan on a Linux system?

  • A. System32 DLL files
  • B. Kernel modules
  • C. Boot sector files
  • D. Shared libraries

正解:B


質問 # 51
Which term describes an outer corporate network, created using VPN technologies, that extends the corporate network to include suppliers and customers?

  • A. Extended firewall network
  • B. Public Key Infrastructure
  • C. Virtual network
  • D. Virtual network perimeter

正解:D


質問 # 52
Which of the following errors most commonly occurs when responding to a security breach?

  • A. Making snap judgments based on emotions, as opposed to company policy
  • B. Taking too much time to document the attack
  • C. Adhering to the company policy rather than determining actions based on the IT manager's input
  • D. Shutting down network access using the firewall, rather than the network router

正解:A


質問 # 53
Which security standard consists of 11 titles that are designed to improve the accuracy and reliability of corporate disclosure to reinforce investment confidence and protect investors?

  • A. Gramm-Leach-Bliley Act (GLBA)
  • B. The Common Criteria (CC)
  • C. Sarbanes-Oxley (SOX)
  • D. ISO 17799

正解:C


質問 # 54
Consider the following image of a packet capture:
Which of the following best describes the protocol used, along with its primary benefit?

  • A. It is an active FTP session, which is necessary in order to support IPv6.
  • B. It is an active FTP session, which is supported by all FTP clients.
  • C. It is an extended passive FTP session, which is necessary to support IPv6.
  • D. It is a passive FTP session, which is easier for firewalls to process.

正解:D


質問 # 55
Your firewall is configured to forbid all internal traffic from going out to the Internet. You want to allow internal clients to access all Web traffic.
At a minimum, what ports must you open in regards to the internal systems?

  • A. TCP Port 80 and all ports above 1023
  • B. TCP Ports 80 and 443, and all ports above 1023
  • C. TCP Ports 80 and 443
  • D. All TCP ports above 80 and below 1023

正解:B


質問 # 56
Which algorithm can use a 128-bit key, and has been adopted as a standard by various governments and corporations?

  • A. RC2
  • B. International Data Encryption Algorithm (IDEA)
  • C. MARS
  • D. Advanced Encryption Standard (AES)

正解:D


質問 # 57
Which term describes a firewall topology element that consists of a subnet of computers?

  • A. Demilitarized zone (DMZ)
  • B. Security strategy
  • C. Firewall box
  • D. Zone

正解:A


質問 # 58
Which of the following applications can help determine whether a denial-ofservice attack is occurring against a network host?

  • A. The netstat command and a packet sniffer
  • B. The iptables command and Windows desktop firewall
  • C. The ps command and a network scanner
  • D. The ping command and User Manager

正解:A


質問 # 59
To implement a successful security system, you should:

  • A. place your firewall and network in a public area so that authorized users have easy access to them to solve problems as they occur.
  • B. implement beta software and operating systems that hold the promise of enhanced security measures.
  • C. find a product that can offer full protection against all threats.
  • D. use as many security principles and techniques as you can to protect each resource.

正解:D


質問 # 60
David has enabled auditing on the C, D and E drives of his Web server. This server runs Windows Server 2003 and uses all SCSI components. After David has finished his change, the help desk receives calls from customers complaining that transactions are being completed at an unusually slow rate.
What has David failed to consider?

  • A. The performance effects that auditing can have on a system
  • B. Network latency and system uptime requirements that appear to be system performance problems
  • C. The limitation that auditing can be performed on only two disks of a RAID array
  • D. The restriction that auditing cannot be established on a RAID array in Windows Server 2003

正解:A


質問 # 61
You have determined that the company Web server has several vulnerabilities, including a buffer overflow that has resulted in an attack. The Web server uses PHP and has direct connections to an Oracle database server. It also uses many CGI scripts.
Which of the following is the most effective way to respond to this attack?

  • A. Using the GET method instead of the POST method for a Web form
  • B. Using the POST method instead of the GET method for a Web form
  • C. Installing software updates for the Web server daemon
  • D. Installing an intrusion detection service to monitor logins

正解:C


質問 # 62
......

1D0-671問題集はあなたの合格を必ず保証します:https://jp.fast2test.com/1D0-671-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어