Weekend Special 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Free CIW 1D0-571 Practice Exam with Questions & Answers

Questions 1

Consider the following series of commands from a Linux system: iptables -A input -p icmp -s 0/0 -d 0/0 -j REJECT Which explanation best describes the impact of the resulting firewall ruleset?

Options:
A.

Individuals on remote networks will no longer be able to use SSH to control internal network resources.

B.

Internal hosts will not be able to ping each other using ICMP.

C.

Stateful multi-layer inspection has been enabled.

D.

Individuals on remote networks will not be able to use ping to troubleshoot connections.

CIW 1D0-571 Premium Access
Questions 2

What is the primary drawback of using symmetric-key encryption?

Options:
A.

Key transport across a network

B.

Speed of encryption

C.

Denial-of-service attacks

D.

Inability to support convergence traffic

Questions 3

A CGI application on the company's Web server has a bug written into it. This particular bug allows the application to write data into an area of memory that has not been properly allocated to the application. An attacker has created an application that takes advantage of this bug to obtain credit card information. Which of the following security threats is the attacker exploiting, and what can be done to solve the problem?

Options:
A.

- Buffer overflow

- Work with the Web developer to solve the problem

B.

- SQL injection

- Work with a database administrator to solve the problem

C.

- Denial of service

- Contact the organization that wrote the code for the Web server

D.

- Man-in-the-middle attack

- Contact the company auditor

Questions 4

Which of the following is the most likely first step to enable a server to recover from a denial-of-service attack in which all hard disk data is lost?

Options:
A.

Enable virtualization

B.

Contact the backup service

C.

Contact a disk recovery service

D.

Rebuild your RAID 0 array

Questions 5

Which of the following activities is the most effective at keeping the actions of nae end users from putting the company's physical and logicalWhich of the following activities is the most effective at keeping the actions of na?e end users from putting the company's physical and logical resources at risk?

Options:
A.

Configuring network intrusion-detection software to monitor end user activity

B.

Conducting a training session at the time of hire

C.

Reconfiguring the network firewall

D.

Assembling a team of security professionals to monitor the network

Questions 6

Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow?

Options:
A.

Firewall

B.

Software update

C.

Intrusion detection system

D.

Network scanner

Questions 7

Jason is attempting to gain unauthorized access to a corporate server by running a program that enters passwords from a long list of possible passwords. Which type of attack is this?

Options:
A.

Brute force

B.

Denial of service

C.

Botnet

D.

Buffer overflow

Questions 8

What is the primary strength of symmetric-key encryption?

Options:
A.

It allows easy and secure exchange of the secret key.

B.

It creates a ash?of a text, enabling data integrity.It creates a ?ash?of a text, enabling data integrity.

C.

It can encrypt large amounts of data very quickly.

D.

It provides non-repudiation services more efficiently than asymmetric-key encryption.

Questions 9

Which of the following is most likely to pose a security threat to a Web server?

Options:
A.

CGI scripts

B.

Database connections

C.

Flash or Silverlight animation files

D.

LDAP servers

Questions 10

Which of the following is a typical target of a trojan on a Linux system?

Options:
A.

Kernel modules

B.

Shared libraries

C.

Boot sector files

D.

System32 DLL files