1D0-671試験無料問題集（126題）「CIW Web Security Associate 認定」

出題：1

Which symmetric algorithm created by the RSA Security Corporation is a stream cipher that encrypts messages as a whole, in real time?

A. RC2

B. RC4

C. RC6

D. RC5

正解：B 解答を投票する

出題：2

Consider the following diagram:
Which of the following best describes the protocol activity shown in the diagram, along with the most likely potential threat that accompanies this protocol?

A. The ICMP Time Exceeded message, with the threat of a denial-of-service attack

B. The TCP three-way handshake, with the threat of a man-in-the-middle attack

C. The DNS name query, with the threat of cache poisoning

D. The SIP three-way handshake, with the threat of a buffer overflow

正解：B 解答を投票する

出題：3

Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?

A. A packet sniffer

B. A network switch

C. A vulnerability scanner

D. An intrusion-detection system

正解：C 解答を投票する

出題：4

Which of the following can help you authoritatively trace a network flooding attack?

A. Your ISP

B. Firewall logs

C. Router logs

D. Ping

正解：A 解答を投票する

出題：5

The best way to thwart a dictionary attack is by enforcing a:

A. restricted access policy.

B. proxy server policy.

C. strong password policy.

D. firewall configuration policy.

正解：C 解答を投票する

出題：6

Which of the following commands would you use to create a simple personal firewall that blocks all incoming ICMP traffic?

A. iptables -A INPUT -p icmp -s 10.100.100.0/24 -d 0/0 -j DROP

B. iptables -A INPUT -p icmp -s 10.100.100.0/255.255.255 -d 0/0 -j KILL

C. iptables - INPUT -p icmp -s 0/0 -d 0/0 -j KILL

D. iptables -A INPUT -p icmp -s 0/0 -d 0/0 -j DROP

正解：D 解答を投票する

出題：7

Which of the following standards is used for digital certificates?

A. DES

B. X.509

C. Diffie-Hellman

D. RC5

正解：B 解答を投票する

出題：8

What would be the result if you were the recipient of a SYN flood or malformed packet?

A. You would be misdirected to a fraudulent Web site without your knowledge or consent.

B. The files on your boot sector would be replaced with infected code.

C. You would be unable to access a legitimate service, such as establishing a network connection.

D. A virus would be unleashed on your system at the time the SYN flood or malformed packet was received.

正解：C 解答を投票する

出題：9

In relation to security, which of the following is the primary benefit of classifying systems?

A. Collection of information for properly configuring the firewall

B. Ability to recover quickly from a natural or man-made disaster

C. Ability to identify common attacks

D. Identification of highest-priority systems to protect

正解：D 解答を投票する

出題：10

Why can instant messaging (IM) and peer-to-peer (P2P) applications be considered a threat to network security?

A. Because they usually lie outside the broadcast domain

B. Because they use ports below 1023 and many firewalls are not configured to block this traffic

C. Because they use ports above 1023 and many firewalls are not configured to block this traffic

D. Because they are susceptible to VLAN hopping

正解：C 解答を投票する

1D0-671試験無料問題集「CIW Web Security Associate 認定」