最新的思科 微软 IBM Oracle HP 题库免费共享 又一个 WordPress 博客

  • EX0-107题库demo免费下载

    Filed under EXIN,Inc
    Sep 23

    EXIN,Inc认证EX0-107考试题库介绍

    考试代号: EX0-107
    问题数量:233 Q&As

    更新时间: 2009-09-23
    注册地点: Prometric/Pearson VUE
    题库全称:SCNP Strategic Infrastructure Security

    免费EX0-107题库Demo赏析

     
     
    Exam : Exin EX0-107
    Title : SCNP Strategic Infrastructure Security

    1. Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
    A. Windows 2000 Ping Request
    B. Windows NT 4.0 Ping Request
    C. Linux Ping Request
    D. Linux Ping Response
    E. Windows NT 4.0 Ping Response
    Answer: B

    2. You are aware of the significance and security risk that Social Engineering plays on your company. Of the following Scenarios, select those that, just as described, represent potentially dangerous Social Engineering:
    A. A writer from a local college newspapers calls and speaks to a network administrator. On the call the writer requests an interview about the current trends in technology and offers to invite the administrator to speak at a seminar.
    B. An anonymous caller calls and wishes to speak with the receptionist. On the call the caller asks the receptionist the normal business hours that the organization is open to the public.
    C. An anonymous caller calls and wishes to speak with the purchaser of IT hardware and software. On the call the caller lists several new products that the purchaser may be interested in evaluating. The caller asks for a time to come and visit to demonstrate the new products.
    D. An email, sent by the Vice President of Sales and Marketing, is received by the Help Desk asking to reset the password of the VP of Sales and Marketing.
    E. An email is received by the Chief Security Officer (CSO) about a possible upgrade coming from the ISP to a different brand of router. The CSO is asked for the current network’s configuration data and the emailer discusses the method, plan, and expected dates for the rollover to the new equipment.
    Answer: DE

    3. Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
    A. NetBus Scan
    B. Trojan Scan
    C. Ping Sweep
    D. Port Scan
    E. Ping Sweep
    Answer: D

    4. You have just downloaded a new file, called scnpfile.tar.gz. You are going to verify the file prior to un-archiving the file. Which command do you need to type to un-compress the file, prior to un-archiving?
    A. tar xvf scnpfile.tar.gz
    B. tar -zxvf scnpfile.tar.gz
    C. gunzip scnpfile.tar.gz
    D. gunzip -xvf scnpfile.tar.gz
    E. gunzip -zxvf scnpfile.tar.gz
    Answer: C

    5. During the review of the security logs you notice some unusual traffic. It seems that a user has connected to your Web site ten times in the last week, and each time has visited every single page on the site. You are concerned this may be leading up to some sort of attack. What is this user most likely getting ready to do?
    A. Mirror the entire web site.
    B. Download entire DNS entries.
    C. Scan all ports on a web server.
    D. Perform a Distributed Denial of Service attack through the Web server.
    E. Allow users to log on to the Internet without an ISP.
    Answer: A

    6. You have just become the senior security professional in your office. After you have taken a complete inventory of the network and resources, you begin to work on planning for a successful security implementation in the network. You are aware of the many tools provided for securing Windows 2003 machines in your network. What is the function of Secedit.exe?
    A. This tool is used to set the NTFS security permissions on objects in the domain.
    B. This tool is used to create an initial security database for the domain.
    C. This tool is used to analyze a large number of computers in a domain-based infrastructure.
    D. This tool provides an analysis of the local system NTFS security.
    E. This tool provides a single point of management where security options can be applied to a local computer or can be imported to a GPO.
    Answer: C

    7. What is a problem with symmetric key cryptography?
    A. It is slower than asymmetric key cryptography
    B. Secure distribution of the public key
    C. There is a lack of encryption protocols that can use symmetric key cryptography
    D. Secure distribution of a secret key
    E. Symmetric key cryptography is reserved for the NSA
    Answer: D

    8. If you encrypt or decrypt files and folders located on a remote computer that has been enabled for remote encryption; the data that is transmitted over the network by this process is not encrypted. In order to keep data encrypted as it is transmitted over the network, which of the following must you do?
    A. You must implement EFS.
    B. You must implement B2 security for Windows.
    C. You must use IPSec.
    D. You must use a recovery agent.
    E. You must transmit the entire folder, not individual files.
    Answer: C

    9. You have become the lead security professional for a mid-sized organization. You are currently studying DNS issues, and configuration options. You come across the concepts of DNS Spoofing, and investigate more. What is DNS Spoofing?
    A. DNS Spoofing is when the DNS client submits a false DNS request to the DNS server, and the DNS server responds with correct data.
    B. DNS Spoofing is the DNS client submits a DNS request to the DNS server using a bogus IP address, and the DNS server responds to the incorrect host.
    C. DNS Spoofing is when a DNS Server responds to an unauthorized DNS client, providing that client with name resolution.
    D. DNS Spoofing is when a DNS client is forced to make a DNS query to an imposter DNS server, which send the client to an imposter resource.
    E. DNS spoofing is when a DNS server provides name resolution to clients that are located in a different IP subnet than the server itself.
    Answer: D

    10. In the process of public key cryptography, which of the following is true?
    A. Only the public key is used to encrypt and decrypt
    B. Only the private key can encrypt and only the public key can decrypt
    C. Only the public key can encrypt and only the private key can decrypt
    D. The private key is used to encrypt and decrypt
    E. If the public key encrypts, then only the private key can decrypt
    Answer: E

    11. As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?
    A. The objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements, and to ensure compliance of systems with organizational security policies and standards.
    B. The objectives of this section are to prevent unauthorized access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.
    C. The objectives of this section are to provide management direction and support for information security.
    D. The objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.
    E. The objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure the protection of networked services, and to prevent unauthorized computer access.
    Answer: B

    12. What is the name of the informational page that is relevant to a particular command in Linux?
    A. Readme Page
    B. Lnx_nfo Page
    C. Man Page
    D. X_Win Page
    E. Cmd_Doc Page
    Answer: C

    13. You are working on the authentication systems in your network, and are concerned with your legacy systems. In Windows NT 4.0, before Service Pack 4 (SP4), there were only two supported methods of authentication. What were those two methods?
    A. NetBIOS
    B. LM
    C. NTLM
    D. NTLMv2
    E. Kerberos
    Answer: BC

    14. Attackers have the ability to use programs that are able to reveal local passwords by placing some kind of a pointer/cursor over the asterisks in a program’s password field. The reason that such tools can uncover passwords in some Operating Systems is because:
    A. the passwords are simply masked with asterisks
    B. the etc/passwd file is on a FAT32 partition
    C. the passwords are decrypted on screen
    D. the password text is stored in ASCII format
    E. the etc/passwd file is on a FAT16 partition
    Answer: A

    15. During a one week investigation into the security of your network you work on identifying the information that is leaked to the Internet, either directly or indirectly. One thing you decide to evaluate is the information stored in the Whois lookup of your organizational website. Of the following, what pieces of information can be identified via this method?
    A. Registrar
    B. Mailing Address
    C. Contact Name
    D. Record Update
    E. Network Addresses (Private)
    Answer: ABCD

    16. You are configuring the lines that control access to exported objects on your server running NFS. If you have a directory called /Tech and you wish to export this directory to network 192.168.20.0/24, allowing root access, and the permissions of read and write, which of the following lines will accomplish this?
    A. (RW) no_root_squash /Tech 192.168.20.0/24
    B. /Tech 192.168.20.0/24 (rw) no_root_squash
    C. (RW) no_root_squash 192.168.20.0/24 /Tech
    D. (RW)no_root_squash:/Tech 192.168.20.0/24
    E. /Tech 192.168.20.0/24(rw) no_root_squash
    Answer: E

    17. What type of cipher is used by an algorithm that encrypts data one bit at a time?
    A. 64-bit encryption Cipher
    B. Block Cipher
    C. Stream Cipher
    D. Diffuse Cipher
    E. Split Cipher
    Answer: C

    18. To increase the security of your network and systems, it has been decided that EFS will be implemented in the appropriate situations. Two users are working on a common file, and often email this file back and forth between each other. Is this a situation where the use of EFS will create effective security, and why (or why not)?
    A. No, the security will remain the same since both users will share the same key for encryption.
    B. Yes, since the file will be using two keys for encryption the security will increase.
    C. No, the security will remain the same since both users will share the same key for decryption.
    D. Yes, since the file will be using two keys for decryption the security will increase.
    E. No, EFS cannot be used for files that are shared between users.
    Answer: E

    19. To maintain the security of your network you routinely run several checks of the network and computers. Often you use the built-in tools, such as netstat. If you run the following command: netstat -e
    which of the following will be the result?
    A. Displays all connections and listening ports
    B. Displays Ethernet statistics
    C. Displays addresses and port numbers in numerical form
    D. Shows connections for the protocol specified
    E. Displays per-protocol statistics
    Answer: B

    20. In order for your newly written security policy to have any weight, it must be implemented. Which of the following are the three components of a successful Security Policy Implementation in an organization?
    A. Policy Monitoring
    B. Policy Design
    C. Policy Committee
    D. Policy Enforcement
    E. Policy Documentation
    Answer: ABD

    免费下载EX0-107题库Demo

    Examsoon提供最新的EXIN Inc Certification认证 EX0-107题库,其全名为:(SCNP Strategic Infrastructure Security). 在您决定是否购买之前 可以先下载EX0-107题库的部分演示. Examsoon是全球唯一提供所有IT认证考试题库demo免费下载的厂商 ,以下为免费EX0-107模拟测试题的下载链接

    免费的EX0-107题库PDF下载链接

    EXIN,Inc EX0-107学习指南

    EXIN Inc Certification认证 EX0-107考试已经证明了它在全世界的广泛性和重要性,因此明白这项认证考试的世界各地的人必须具备与认证考试相关领域所需的技能和知识。EXIN,Inc认证 EX0-107学习指南的目的是检查考生的能力和他对概念的意识。很多时候练习测试EX0-107考试都已经被修改过了,删掉了许多过时的东西,而那些需求是在考试课程。当应用到时候你所学的知识的时候,就会鉴定出你所学到的东西以及对所学知识的应用是多么的恰到好处。EXIN,Inc认证 EX0-107是在IT行业的知名品牌,所以如果您通过了这样一个知名公司举行的一次考试,你可以想象你将来的事业会做的多么好。

    想要通过这个考试当然存在很多困难。你所要做的就是准备好充足的勇气和信心,而这些都来源与你平时训练的好坏.建议大家可以去Examsoon这个网站看一下,它的EX0-107考试是为了测试您在这方面的知识的掌握程度,最好的部分是它可以使你不断更新你所学的知识,不断进步。如果你知道所有的概念和如何使用他们的时候才是你真正掌握了Examsoon的用意。这门考试检查了您的能力和一旦你通过这次考验你将成为最优秀的人才,其他EX0-107考试的Examsoon结算值得注意的影响就是你的薪水将直线上升这大概也是每个人都希望获得的,所以要找一些好的资源才行。

    Examsoon考题大师EX0-107试题都是考试原题的完美组合,覆盖率95%以上,答案由多位专业资深讲师原版破解得出,正确率100%,只要您使用Examsoon的考试题库参加EX0-107考试,保证您一次轻松通过考试;

    售后服务第一!我们相信要想在当今时代取得成功,必须为广大用户提供全套的周到细致的全程优质售后服务,只有客户满意了,才能发展。客户至上是Examsoon考题大师的一贯宗旨;

    No Comments

Leave a Reply

You must be logged in to post a comment.

 
Powered by Testinside考题大师
IT认证题库专家 || IT认证考试资源网

友情链接 | Examsoon IT 认证考试网 思科认证资源网 思科微軟考古題 IT證照模擬試題 考古題考試模擬軟件 70-649 70-643 70-646 640-802 640-863 e20-340 HP0-085 HP0-A25