1D0-671試験無料問題集（126題）「CIW Web Security Associate 認定」

出題：1

Which of the following is a common problem, yet commonly overlooked, in regards to physical security in server rooms?

A. Logic bombs

B. False ceilings

C. Biometric malfunctions

D. Firewalls that do not have a dedicated backup

正解：B 解答を投票する

出題：2

Which security management concept is the ability for a department to accurately determine the costs of using various networking security services?

A. Performance management

B. Chargeback

C. Capacity forecasting

D. Amortization

正解：B 解答を投票する

出題：3

Which of the following applications can help determine whether a denial-ofservice attack is occurring against a network host?

A. The netstat command and a packet sniffer

B. The iptables command and Windows desktop firewall

C. The ping command and User Manager

D. The ps command and a network scanner

正解：A 解答を投票する

出題：4

Danielle was informed by her network administrator that an audit may be conducted during the night to determine the hosts that exist on the network and document any open ports. The next day, Danielle was unable to access any network services.
What may have occurred instead of the anticipated audit?

A. A brute-force attack

B. A zero-day attack

C. A social engineering attack

D. A scanning attack

正解：D 解答を投票する

出題：5

The best way to thwart a dictionary attack is by enforcing a:

A. restricted access policy.

B. proxy server policy.

C. strong password policy.

D. firewall configuration policy.

正解：C 解答を投票する

出題：6

Which term describes a dedicated system meant only to house firewall software?

A. Proxy server

B. Virtual Private Network (VPN)

C. Firewall appliance

D. Kernel firewall

正解：C 解答を投票する

出題：7

In relation to security, which of the following is the primary benefit of classifying systems?

A. Collection of information for properly configuring the firewall

B. Ability to recover quickly from a natural or man-made disaster

C. Ability to identify common attacks

D. Identification of highest-priority systems to protect

正解：D 解答を投票する

出題：8

What is the first tool needed to create a secure networking environment?

A. Auditing

B. User authentication

C. Confidentiality

D. Security policy

正解：D 解答を投票する

出題：9

Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server.
The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox.
Which of the following is a primary risk factor when authenticating with a standard HTTP server?

A. HTTP uses cleartext transmission during authentication, which can lead to a man-in-the- middle attack.

B. Irina has accessed the Web server using a non-standard Web browser.

C. Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in- the- middle attack.

D. A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.

正解：A 解答を投票する

出題：10

What would be the result if you were the recipient of a SYN flood or malformed packet?

A. You would be misdirected to a fraudulent Web site without your knowledge or consent.

B. The files on your boot sector would be replaced with infected code.

C. You would be unable to access a legitimate service, such as establishing a network connection.

D. A virus would be unleashed on your system at the time the SYN flood or malformed packet was received.

正解：C 解答を投票する

1D0-671試験無料問題集「CIW Web Security Associate 認定」