CIW 1D0-571 Free Practice Questions

Question No: 1

Consider the following image of a packet capture:

This packet capture has recorded two types of attacks. Which choice lists both attack types?

A. A dictionary attack and a worm-based attackA.A dictionary attack and a worm-based attack

B. A syn flood attack and a spoofing attackB.A syn flood attack and a spoofing attack

C. A worm attack and a botnet attack C.A worm attack and a botnet attack

D. A SQL injection attack and a virus attackD.A SQL injection attack and a virus attack

View Answer

Question No: 2

A new server has been placed on the network. You have been assigned to protect this server using a packet-filtering firewall. To comply with this request, you have enabled the following ruleset:

Which choice describes the next step to take now that this ruleset has been enabled?

A. From the internal network, use your Web browser to determine whether all internal users can access the Web server.

B. From the internal network, use your e-mail client to determine whether all internal users can access the e-mail server.

C. From the external network, use your Web browser to determine whether all external users can access the Web server.

D. From the external network, use your e-mail client to determine whether all external users can access the e-mail server.

View Answer

Question No: 3

Which of the following errors most commonly occurs when responding to a security breach?

A. Shutting down network access using the firewall, rather than the network router

B. Adhering to the company policy rather than determining actions based on the IT manager's input

C. Making snap judgments based on emotions, as opposed to company policy

D. Taking too much time to document the attack

View Answer

Question No: 4

Which of the following applications can help determine whether a denial-of-service attack is

A. The netstat command and a packet sniffer

B. The ps command and a network scanner

C. The ping command and User Manager

D. The iptables command and Windows desktop firewall

View Answer

Question No: 5

You want to create a certificate for use in a Secure Sockets Layer (SSL) session. Which of the following is responsible for verifying the identity of an individual and also issuing the certificate?

A. Kerberos server

B. Certificate authority

C. Certificate revocation entity

D. Certificate repository

View Answer

Question No: 6

A. Application layer

B. Network layer

C. Session layer

D. Transport layer

View Answer

Question No: 7

Requests for Web-based resources have become unacceptably slow. You have been assigned to implement a solution that helps solve this problem. Which of the following

A. Enable stateful multi-layer inspection on the packet filter

B. Implement caching on the network proxy server

C. Enable authentication on the network proxy server

D. Implement a screening router on the network DMZ

View Answer

Question No: 8

You have discovered that the ls, su and ps commands no longer function as expected. They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values. Which of the following has most likely occurred?

A. A trojan has attacked the system.

B. A SQL injection attack has occurred.

C. A spyware application has been installed.

D. A root kit has been installed on the system.

View Answer

Question No: 9

Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?

A. A vulnerability scanner

B. A packet sniffer

C. An intrusion-detection system

D. A network switch

View Answer

Question No: 10

Which of the following will best help you ensure a database server can withstand a recently discovered vulnerability?

A. Updating the company vulnerability scanner and conducting a new scan

B. Adding a buffer overflow rule to the intrusion detection system

C. Reconfiguring the firewall

D. Installing a system update

View Answer