Regenerate 1D0-571 pdf exam Guide

Act now and download your CIW 1D0-571 test today! Do not waste time for the worthless CIW 1D0-571 tutorials. Download Most up-to-date CIW CIW v5 Security Essentials exam with real questions and answers and begin to learn CIW 1D0-571 with a classic professional.

Q21. You have discovered that the ls, su and ps commands no longer function as expected. They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values. Which of the following has most likely occurred?

A. Atrojan has attacked the system.

B. A SQL injection attack has occurred.

C. A spyware application has been installed.

D. A root kit has been installed on the system.

Answer: D

Q22. You have implemented a version of the Kerberos protocol for your network. What service does Kerberos primarily offer?

A. Authentication

B. Encryption

C. Non-repudiation

D. Data integrity

Answer: A

Q23. Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?

A. A vulnerability scanner

B. A packet sniffer

C. An intrusion-detection system

D. A network switch

Answer: A

Q24. At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE)?

A. Determining the number of security associations

B. Negotiating the authentication method

C. Determining the network identification number

D. Negotiating the version of IP to be used

Answer: B

Q25. Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow?

A. Firewall

B. Software update

C. Intrusion detection system

D. Network scanner

Answer: B

Q26. A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all. Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall?

A. Deny all use of UDP above Port 1024.

B. Configure the firewall to provide VPN access.

C. Configure a second network connection directly to the video conferencing device.

D. Allow all use of UDP below Port 1024.

Answer: B

Q27. The best way to thwart a dictionary attack is by enforcing a:

A. strong password policy.

B. restricted access policy.

C. firewall configuration policy.

D. proxy server policy.

Answer: A

Q28. Consider the following image:

From the information in this image, what type of attack is occurring?

A. A man-in-the-middle attack

B. A brute-force attack

C. A connection-hijackingattackC.A connection-hijacking attack

D. A spoofingattackD.A spoofing attack

Answer: B

Q29. Your organization has made a particularly unpopular policy decision. Your supervisor fears that a series of attacks may occur as a result. You have been assigned to increase automated auditing on a server. When fulfilling this request, which of the following resources should you audit the most aggressively?

A. Authentication databases, including directory servers

B. Intrusion detection systems, especially those placed on sensitive networks

C. Log files on firewall systems

D. Firewall settings for desktop systems

Answer: A

Q30. You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal?

A. Reinstall the LDAP service on the server so that it is updated and more secure.

B. Install an application that creates checksums of the contents on the hard disk.

C. Create a login script for the administrative account that records logins to a separate server.

D. Create a dummy administrator account on the system so that a potential hacker is distracted from the real login account.

Answer: C