1D0-571 CIW v5 Security Essentials Questions and Answers

The netstat command and a packet sniffer

The ps command and a network scanner

The ping command and User Manager

The iptables command and Windows desktop firewall

Discipline specific end users as object lessons to the rest of the staff and reset passwords on all systems immediately.

Change all passwords on the company servers immediately and inform end users that their passwords will be changing on a regular basis.

Set passwords to expire at specific intervals and establish mandatory continual training sessions.

Inform end users that their passwords will be changing on a regular basis and require more complex passwords.

User authentication

Confidentiality

Security policy

Auditing

Signing files, for data integrity

Encrypting files, for data confidentiality

Key exchange, for user authentication

User authentication, for non-repudiation

Key transport across a network

Speed of encryption

Denial-of-service attacks

Inability to support convergence traffic

From the internal network, use your Web browser to determine whether all internal users can access the Web server.

From the internal network, use your e-mail client to determine whether all internal users can access the e-mail server.

From the external network, use your Web browser to determine whether all external users can access the Web server.

From the external network, use your e-mail client to determine whether all external users can access the e-mail server.

An overview of the security policy and suggestions for the next response plan

Estimates of how much the attack cost the company, and a list of the applications used by the attacker

The time and date of the attack, and the names of employees who were contacted during the response

The network resources involved in the attack, and recommendations for thwarting future attacks

The ICMP Time Exceeded message, with the threat of a denial-of-service attack

The SIP three-way handshake, with the threat of a buffer overflow

The TCP three-way handshake, with the threat of a man-in-the-middle attack

The DNS name query, with the threat of cache poisoning

Installing software updates for the Web server daemon

Using the POST method instead of the GET method for a Web form

Installing an intrusion detection service to monitor logins

Using the GET method instead of the POST method for a Web form

Enable virtualization

Contact the backup service

Contact a disk recovery service

Rebuild your RAID 0 array

Authentication

Data integrity

Access control

Intrusion detection

strong password policy.

restricted access policy.

firewall configuration policy.

proxy server policy.

It is a passive FTP session, which is easier for firewalls to process.

It is an active FTP session, which is necessary in order to support IPv6.

It is an extended passive FTP session, which is necessary to support IPv6.

It is an active FTP session, which is supported by all FTP clients.

Configuring network intrusion-detection software to monitor end user activity

Conducting a training session at the time of hire

Reconfiguring the network firewall

Assembling a team of security professionals to monitor the network

Enable stateful multi-layer inspection on the packet filter

Implement caching on the network proxy server

Enable authentication on the network proxy server

Implement a screening router on the network DMZ