1D0-671無料問題集「CIW Web Security Associate」

質問 1

Which two protocols can be found at the transport layer of the TCP/IP stack?

（A）File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP)

（B）Post Office Protocol 3 (POP3) and Simple Mail Transfer Protocol (SMTP)

（C）Internet Protocol (IP) and Internet Control Message Protocol (ICMP)

（D）Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)

正解：D 解答を投票する

質問 2

Which of the following applications can help determine whether a denial-ofservice attack is occurring against a network host?

（A）The ping command and User Manager

（B）The ps command and a network scanner

（C）The iptables command and Windows desktop firewall

（D）The netstat command and a packet sniffer

正解：D 解答を投票する

質問 3

David has enabled auditing on the C, D and E drives of his Web server. This server runs Windows Server 2003 and uses all SCSI components. After David has finished his change, the help desk receives calls from customers complaining that transactions are being completed at an unusually slow rate.
What has David failed to consider?

（A）The limitation that auditing can be performed on only two disks of a RAID array

（B）The restriction that auditing cannot be established on a RAID array in Windows Server 2003

（C）Network latency and system uptime requirements that appear to be system performance problems

（D）The performance effects that auditing can have on a system

正解：D 解答を投票する

質問 4

What is the primary strength of symmetric-key encryption?

（A）It allows easy and secure exchange of the secret key.

（B）It creates a ash?of a text, enabling data integrity.It creates a ?ash?of a text, enabling data integrity.

（C）It can encrypt large amounts of data very quickly.

（D）It provides non-repudiation services more efficiently than asymmetric-key encryption.

正解：C 解答を投票する

質問 5

Which protocol uses cleartext communication by default?

（A）SSL

（B）HTTP

（C）IPSEC

（D）POP3

正解：B 解答を投票する

質問 6

At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE)?

（A）Negotiating the version of IP to be used

（B）Negotiating the authentication method

（C）Determining the network identification number

（D）Determining the number of security associations

正解：B 解答を投票する

質問 7

You are creating an information security policy for your company.
Which of the following activities will help you focus on creating policies for the most important resources?

（A）Logging users

（B）Implementing non-repudiation

（C）Classifying systems

（D）Auditing the firewall

正解：C 解答を投票する

質問 8

How do activity logs help to implement and maintain a security plan?

（A）Activity logs provide advice on firewall installation, because they enable network baseline creation.

（B）Activity logs remind users to log on with strong passwords, because the logs can be analyzed to see if users are complying with policy.

（C）Activity logs dissuade would-be hackers from breaching your security.

（D）Activity logs allow you to determine if and how an unauthorized activity occurred.

正解：D 解答を投票する

質問 9

When Tripwire discovers that a file or database has been altered, how will it alert you?

（A）Via an e-mail message only

（B）Via a pager configured to receive a special signal

（C）Via e-mail or a log file entry

（D）Via a log file entry only

正解：C 解答を投票する

質問 10

All servers assume that a valid IP address belongs to the computer that sent it. Because TCP/IP contains no built-in authentication, a hacker can assume the identity of another device.
If your security depends entirely upon the TCP/IP identity, which type of attack can allow a hacker to gain access to your system?

（A）A social engineering attack

（B）A denial-of-service attack

（C）A brute-force attack

（D）A spoofing attack

正解：D 解答を投票する

1D0-671 無料問題集「CIW Web Security Associate」

弊社を連絡する

関連リンク

トップ試験