최신 1D0-671 무료덤프 - CIW Web Security Associate

문제1

A security breach has occurred in which a third party was able to obtain and misuse legitimate authentication information. After investigation, you determined that the specific cause for the breach was that end users have been placing their passwords underneath their keyboards.
Which step will best help you resolve this problem?

A. Change all passwords on the company servers immediately and inform end users that their passwords will be changing on a regular basis.

B. Discipline specific end users as object lessons to the rest of the staff and reset passwords on all systems immediately.

C. Set passwords to expire at specific intervals and establish mandatory continual training sessions.

D. Inform end users that their passwords will be changing on a regular basis and require more complex passwords.

정답: C

문제2

Which attribute of a security matrix considers the number of employees necessary to successfully implement and maintain your system?

A. Appropriate cost of ownership

B. Access control

C. Ease of use

D. Flexibility and scalability

정답: A

문제3

Which symmetric algorithm created by the RSA Security Corporation is a stream cipher that encrypts messages as a whole, in real time?

A. RC5

B. RC4

C. RC6

D. RC2

정답: B

문제4

Which protocol uses cleartext communication by default?

A. IPSEC

B. HTTP

C. POP3

D. SSL

정답: B

문제5

The vast majority of hackers are which type of attacker?

A. Disgruntled employee

B. Casual attacker

C. Spy

D. Determined attacker

정답: B

문제6

A flaw is discovered in an application. Before a patch is available, this vulnerability is used to gain access to sensitive data.
What type of attack is being described?

A. Social engineering

B. Zero day

C. Zero day

D. Dictionary

정답: C

문제7

An application is creating hashes of each file on an attached storage device.
Which of the following will typically occur during this process?

A. An increase in the amount of time it takes for the system to respond to requests

B. Reduced risk of an attack

C. Increased risk of an attack

D. A reduction in the amount of time it takes for the system to respond to requests

정답: A

문제8

A disgruntled employee has discovered that the company Web server is not protected against particular buffer overflow vulnerability.
The disgruntled employee has created an application to take advantage of this vulnerability and secretly obtain sensitive data from the Web server's hard disk. This application sends a set of packets to the Web server that causes it to present an unauthenticated terminal with root privileges.
What is the name for this particular type of attack?

A. Trojan

B. Man-in-the-middle attack

C. Zero-day attack

D. Denial of service

정답: C

문제9

Which technique can help to protect an FTP server?

A. Use separate FTP user accounts from those used to access the Web.

B. Place downloads on the same partition as the FTP server binaries.

C. Install the operating system on the same partition as the FTP server.

D. When setting IP-based blocking rules for the FTP server, move the FTP files to C:\ftpfiles for maximum security.

정답: A

문제10

Which of the following can effectively thwart VLAN hopping?

A. Ensuring that each trunk port retains its default VLAN setting (VLAN1)

B. Enabling multiple firewalls on your broadcast domain

C. Enabling your network's autotrunking capability

D. Removing the default VLAN setting (VLAN1) from any trunk port

정답: D

최신 1D0-671 무료덤프 - CIW Web Security Associate

우리와 연락하기

유용한 링크

최신 업데이트