CIW CIW Certification 1D0-571 Questions & Answers

• Question 1:

  At what layer of the OSI/RM does a packet filter operate?

  A. Layer 1

  B. Layer 3

  C. Layer 5

  D. Layer 7

  Correct Answer: B

• Question 2:

  Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow?

  A. Firewall

  B. Software update

  C. Intrusion detection system

  D. Network scanner

  Correct Answer: B

• Question 3:

  Consider the following diagram:

  

  Which of the following best describes the protocol activity shown in the diagram, along with the most likely potential threat that accompanies this protocol?

  A. The ICMP Time Exceeded message, with the threat of a denial-of-service attack

  B. The SIP three-way handshake, with the threat of a buffer overflow

  C. The TCP three-way handshake, with the threat of a man-in-the-middle attack

  D. The DNS name query, with the threat of cache poisoning

  Correct Answer: C

• Question 4:

  Consider the following image of a packet capture:

  

  

  Which of the following best describes the protocol used, along with its primary benefit?

  A. It is a passive FTP session, which is easier for firewalls to process.

  B. It is an active FTP session, which is necessary in order to support IPv6.

  C. It is an extended passive FTP session, which is necessary to support IPv6.

  D. It is an active FTP session, which is supported by all FTP clients.

  Correct Answer: A

• Question 5:

  You have been assigned to provide security measures for your office's reception area. Although the company needs to provide security measures, costs must be kept to a minimum. Which of the following tools is the most appropriate choice?

  A. Firewall

  B. Intrusion-detection system

  C. Camera

  D. Security guard

  Correct Answer: C

• Question 6:

  What is the primary strength of symmetric-key encryption?

  A. It allows easy and secure exchange of the secret key.

  B. It creates aash?of a text, enabling data integrity.It creates a ?ash?of a text, enabling data integrity.

  C. It can encrypt large amounts of data very quickly.

  D. It provides non-repudiation services more efficiently than asymmetric-key encryption.

  Correct Answer: C

• Question 7:

  Which of the following is a primary weakness of asymmetric-key encryption?

  A. It is slow because it requires extensive calculations by the computer. B. It can lead to the corruption of encrypted data during network transfer.

  B. It is reliant on the Secure Sockets Layer (SSL) standard, which has been compromised.

  C. It is difficult to transfer any portion of an asymmetric key securely.

  Correct Answer: A

• Question 8:

  Consider the following diagram involving two firewall-protected networks: Which of the following is necessary for each of the firewalls to allow private IP addresses to be passed on to the Internet?

  

  A. Chargeback

  B. Stateful multi-layer inspection

  C. Masquerading

  D. DMZ creation

  Correct Answer: C

• Question 9:

  Consider the following diagram:

  

  Which type of attack is occurring?

  A. Polymorphic virus-based attack

  B. Denial-of-service attack

  C. Distributed denial-of-service attack

  D. Man-in-the-middle attack using a packet sniffer

  Correct Answer: C

• Question 10:

  Jason is attempting to gain unauthorized access to a corporate server by running a program that enters passwords from a long list of possible passwords. Which type of attack is this?

  A. Brute force

  B. Denial of service

  C. Botnet

  D. Buffer overflow

  Correct Answer: A