
How to Easily Pass the CIW 1D0-571 Exam: Expert Advice

Questions 1

Consider the following series of commands from a Linux system:

iptables -A input -p icmp -s 0/0 -d 0/0 -j REJECT

Which explanation best describes the impact of the resulting firewall ruleset?

Options:

A. Individuals on remote networks will no longer be able to use SSH to control internal network resources.

B. Internal hosts will not be able to ping each other using ICMP.

C. Stateful multi-layer inspection has been enabled.

D. Individuals on remote networks will not be able to use ping to troubleshoot connections.

Questions 2

What is the primary drawback of using symmetric-key encryption?

Options:

A. Key transport across a network

B. Speed of encryption

C. Denial-of-service attacks

D. Inability to support convergence traffic

Questions 3

A CGI application on the company's Web server has a bug written into it. This particular bug allows the application to write data into an area of memory that has not been properly allocated to the application. An attacker has created an application that takes advantage of this bug to obtain credit card information. Which of the following security threats is the attacker exploiting, and what can be done to solve the problem?

Options:

A.
- Buffer overflow
- Work with the Web developer to solve the problem

B.
- SQL injection
- Work with a database administrator to solve the problem

C.
- Denial of service
- Contact the organization that wrote the code for the Web server

D.
- Man-in-the-middle attack
- Contact the company auditor

Questions 4

Which of the following is the most likely first step to enable a server to recover from a denial-of-service attack in which all hard disk data is lost?

Options:

A. Enable virtualization

B. Contact the backup service

C. Contact a disk recovery service

D. Rebuild your RAID 0 array

Questions 5

Which of the following activities is the most effective at keeping the actions of naïve end users from putting the company's physical and logical resources at risk?

Options:

A. Configuring network intrusion-detection software to monitor end user activity

B. Conducting a training session at the time of hire

C. Reconfiguring the network firewall

D. Assembling a team of security professionals to monitor the network

Questions 6

Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow?

Options:

A. Firewall

B. Software update

C. Intrusion detection system

D. Network scanner

Questions 7

Jason is attempting to gain unauthorized access to a corporate server by running a program that enters passwords from a long list of possible passwords. Which type of attack is this?

Options:

A. Brute force

B. Denial of service

C. Botnet

D. Buffer overflow

Questions 8

What is the primary strength of symmetric-key encryption?

Options:

A. It allows easy and secure exchange of the secret key.

B. It creates a "hash" of a text, enabling data integrity.

C. It can encrypt large amounts of data very quickly.

D. It provides non-repudiation services more efficiently than asymmetric-key encryption.

Questions 9

Which of the following is most likely to pose a security threat to a Web server?

Options:

A. CGI scripts

B. Database connections

C. Flash or Silverlight animation files

D. LDAP servers

Questions 10

Which of the following is a typical target of a trojan on a Linux system?

Options:

A. Kernel modules

B. Shared libraries

C. Boot sector files

D. System32 DLL files
