CIW v5 Security Essentials v6.0

Page:    1 / 5   
Exam contains 62 questions

A disgruntled employee has discovered that the company Web server is not protected against a particular buffer overflow vulnerability. The disgruntled employee has created an application to take advantage of this vulnerability and secretly obtain sensitive data from the Web server's hard disk. This application sends a set of packets to the Web server that causes it to present an unauthenticated terminal with root privileges. What is the name for this particular type of attack?

  • A. Man-in-the-middle attack
  • B. Trojan
  • C. Denial of service
  • D. Zero-day attack


Answer : D

Which of the following details should be included in documentation of an attack?

  • A. An overview of the security policy and suggestions for the next response plan
  • B. Estimates of how much the attack cost the company, and a list of the applications used by the attacker
  • C. The time and date of the attack, and the names of employees who were contacted during the response
  • D. The network resources involved in the attack, and recommendations for thwarting future attacks


Answer : C

Which of the following errors most commonly occurs when responding to a security breach?

  • A. Shutting down network access using the firewall, rather than the network router
  • B. Adhering to the company policy rather than determining actions based on the IT manager's input
  • C. Making snap judgments based on emotions, as opposed to company policy
  • D. Taking too much time to document the attack


Answer : C

You have implemented a service on a Linux system that allows a user to read and edit resources. What is the function of this service?

  • A. Authentication
  • B. Data integrity
  • C. Access control
  • D. Intrusion detection


Answer : C

Which of the following can help you authoritatively trace a network flooding attack?

  • A. Your ISP
  • B. Firewall logs
  • C. Router logs
  • D. Ping


Answer : A

You want to create a certificate for use in a Secure Sockets Layer (SSL) session. Which of the following is responsible for verifying the identity of an individual and also issuing the certificate?

  • A. Kerberos server
  • B. Certificate authority
  • C. Certificate revocation entity
  • D. Certificate repository


Answer : B

Which of the following describes the practice of stateful multi-layer inspection?

  • A. Using a VLAN on a firewall to enable masquerading of private IP addresses
  • B. Prioritizing voice and video data to reduce congestion
  • C. Inspecting packets in all layers of the OSI/RM with a packet filter
  • D. Using Quality of Service (QoS) on a proxy-oriented firewall


Answer : C

Which choice lists typical firewall functions?

  • A. Creating a VLAN and configuring the intrusion-detection system
  • B. Issuing alerts and limiting host access
  • C. Logging traffic and creating a choke point
  • D. Implementing the security policy and scanning the internal network


Answer : C

Which algorithm can use a 128-bit key, and has been adopted as a standard by various governments and corporations?

  • A. MARS
  • B. RC2
  • C. Advanced Encryption Standard (AES)
  • D. International Data Encryption Algorithm (IDEA)


Answer : C

Consider the following image:
From the information in this image, what type of attack is occurring?

  • A. A man-in-the-middle attack
  • B. A brute-force attack
  • C. A connection-hijacking attack
  • D. A spoofing attack


Answer : B

A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all.
Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall?

  • A. Deny all use of UDP above Port 1024.
  • B. Configure the firewall to provide VPN access.
  • C. Configure a second network connection directly to the video conferencing device.
  • D. Allow all use of UDP below Port 1024.


Answer : B

You are creating an information security policy for your company. Which of the following activities will help you focus on creating policies for the most important resources?

  • A. Auditing the firewall
  • B. Implementing non-repudiation
  • C. Logging users
  • D. Classifying systems


Answer : D

Which of the following is the primary weakness of symmetric-key encryption?

  • A. Data encrypted using symmetric-key encryption is subject to corruption during transport.
  • B. Symmetric-key encryption operates slower than asymmetric-key encryption.
  • C. Symmetric-key encryption does not provide the service of data confidentiality.
  • D. Keys created using symmetric-key encryption are difficult to distribute securely.


Answer : D

Which of the following is a common, yet commonly overlooked, problem with regard to physical security in server rooms?

  • A. Firewalls that do not have a dedicated backup
  • B. False ceilings
  • C. Logic bombs
  • D. Biometric malfunctions


Answer : B

Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?

  • A. A vulnerability scanner
  • B. A packet sniffer
  • C. An intrusion-detection system
  • D. A network switch


Answer : A
