You purchased a network scanner six months ago. In spite of regularly conducting scans using this software, you have noticed that attackers have been able to compromise your servers over the last month. Which of the following is the most likely explanation for this problem?
A. The network scanner needs to be replaced.
B. The network scanner is no substitute for scans conducted by an individual.
C. The network scanner has atrojan.
D. The network scanner needs an update.
Which of the following organizations provides regular updates concerning security breaches and issues?
A. IETF
B. ISO
C. ICANN
D. CERT
You have been asked to encrypt a large file using a secure encryption algorithm so you can send it via email to your supervisor. Encryption speed is important. The key will not be transmitted across a network. Which form of encryption should you use?
A. Asymmetric
B. PGP
C. Hash
D. Symmetric
You have discovered that the ls, su and ps commands no longer function as expected. They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values. Which of the following has most likely occurred?
A. Atrojan has attacked the system.
B. A SQL injection attack has occurred.
C. A spyware application has been installed. D. A root kit has been installed on the system.
Requests for Web-based resources have become unacceptably slow. You have been assigned to implement a solution that helps solve this problem. Which of the following would you recommend?
A. Enablestateful multi-layer inspection on the packet filter
B. Implement caching on the network proxy server
C. Enable authentication on the network proxy server
D. Implement a screening router on the network DMZ
Which of the following is most likely to pose a security threat to a Web server?
A. CGI scripts
B. Database connections
C. Flash or Silverlight animation files
D. LDAP servers
What is the first tool needed to create a secure networking environment?
A. User authentication
B. Confidentiality
C. Security policy
D. Auditing
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server?
A. HTTP usescleartext transmission during authentication, which can lead to a man-in-the- middle attack.
B. Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in- the-middle attack.
C. A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.
D. Irina has accessed the Web server using a non-standard Web browser.
Which of the following is considered to be the most secure default firewall policy, yet usually causes the most work from an administrative perspective?
A. Configuring the firewall to respond automatically to threats
B. Blocking all access by default, then allowing only necessary connections
C. Configuring the firewall to coordinate with the intrusion-detection system
D. Allowing all access by default, then blocking only suspect network connections
You have been assigned to configure a DMZ that uses multiple firewall components. Specifically, you must configure a router that will authoritatively monitor and, if necessary, block traffic. This device will be the last one that inspects traffic before it passes to the internal network. Which term best describes this device?
A. Screening router
B. Bastion host
C. Proxy server
D. Choke router
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CIW exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 1D0-571 exam preparations and CIW certification application, do not hesitate to visit our Vcedump.com to find your solutions here.