What tool used in wireless network analysis has the ability to output its findings to MapPoint?
You are installing a new firewall and your CEO asks what the benefits will be to the organization. Which of the following are benefits to implementing a firewall?
You are configuring your new Intrusion Detection System, and studying the true-false matrix. You read about the different types of alarms and events. Which of the following defines an event where an alarm is indicating an intrusion when there is no actual intrusion?
You have recently taken over the security of a mid-sized network. You are reviewing the current configuration of the IPTables firewall, and notice the following rule:
ipchains -A output -p TCP -d 172.168.35.40 ! www
What is the function of this rule?
You are training some of your team on the concepts of wireless technologies. What are the two types of infrared wireless transmissions?
Your company has created it's security policy and it's time to get the firewall in place. Your group is trying to decide whether to build a firewall or buy one. What are some of the downsides to deciding to build a firewall rather than purchase one?
Your network traffic has increased substantially over the last year, and you are looking into your caching options for frequently visited websites. What are the two types of caching that ISA Server 2006 supports?
After you implemented your IPSec solution, you wish to run some tests to verify functionality. Which of the following provides confidentiality and authentication when implementing IPSec?
The CEO of your company has just issued a statement that the network must be more secure right away.
You have discussed several options with the Chief Security Officer and the Chief Technology Officer. The results of your discussion are to implement IPSec. What are the two prime functions of IPSec that you can let the CEO know will be addressed with the implementation?
Network Monitor was run on a Windows Server 2003. The exhibit shows the actual contents of a Network
Monitor capture file.
What are the IP addresses of the source and destination hosts involved in this communication? To help you determine the two hosts, they have been outlined within the captured content.
You are configuring your new Cisco router. During your configuration you wish to eliminate any security risks you can, as based on your organizational security policy. The policy states that the Cisco Discovery
Protocol is not to be used on any interface on any of the routers. What is the command to turn off CDP for the entire router?
The exhibit represents a simple routed network. Node 7 is a Windows 2000 Professional machine that establishes a TCP communication with Node 10, a Windows 2003 Server. The routers are Cisco 2500 series running IOS 11.2.
While working at Node 10, you run a packet capture. Packets received by Node 10, and sent from Node 7 will reveal which of the following combination of source IP and source Physical addresses:
The exhibit shows a router with three interfaces E0, E1 and S0. Interfaces E0 and E1 are connected to internal networks 192.168.10.0 and 192.168.20.0 respectively and interface S0 is connected to the Internet.
The objective is to allow only network 192.168.20.0 to access e-commerce Web sites on the Internet, while allowing all internal hosts to access resources within the internal network. From the following, select all the access list statements that are required to make this possible.
You have been given the task of building the new wireless networks for your office, and you need to verify that your equipment will not interfere with other wireless equipment frequencies. What wireless standard allows for up to 11 Mbps transmission rates and operates in the 2.4GHz range?
During your investigation into wireless security options, you are reading about the 820.11 standards.
What wireless standard is designed to address the security issues of 802.11 networks?
You are configuring your new IDS machine, where you have recently installed Snort. While you are working with this machine, you wish to create some basic rules to test the ability to log traffic as you desire.
Which of the following Snort rules will log any telnet traffic from any IP address to port 23 of the 10.0.10.0/24 network?
When installing a firewall, what is the process by which you remove un-needed services and features from a machine to reduce the risk of vulnerabilities to the underlying OS called?
You have configured Snort, running on your Windows Server 2003, to connect to a MySQL database.
You are now creating the Snort database in MySQL. At the MySQL prompt, what is the correct command to create a database named: snortdb1?
The main reason you have been hired at a company is to bring the network security of the organization up to current standards. A high priority is to have a full security audit of the network as soon as possible. You have chosen an Operational Audit and are describing it to your coworkers. Which of the following best describes an Operational audit?
As per the specifications of RFC 1191: Path MTU Discovery, MTUs have been defined so that transmitted datagram will not unnecessarily become fragmented when traveling across different types of physical media. You are going to run several packet captures to be sure there are no out of spec packets on
your network. According to these specifications what are the absolute minimum and maximum MTUs?
In your organization a decision has been made to implement a multicasting application. You are configuring your firewall to allow this application to flow through in both directions. What address range are you going to address on the firewall?
During a network analysis session, you capture several TCP/IP sessions. You focus your analysis on the
IP Headers. In an IP Header, what is the function of the first four bits?
The three-way handshake utilizes three steps, identified as: Step 1, 2 and 3, that take place between a client and a server in order to establish a TCP connection.
In Step 2 of a normal three-way handshake, the server is said to be performing:
You are going to migrate the Cisco routers in your network from RIPv1 to RIPv2. What is a security advantage that RIPv2 provides over RIPv1?
When you took over the security responsibilities at your office, you noticed there were no warning banners on any of the equipment. You have decided to create a warning login banner on your Cisco router.
Which of the following shows the correct syntax for the banner creation?
You are configuring your new IDS machine, and are creating new rules. You enter the following rule:
Alert tcp any any -> 10.0.10.0/24 any (msg: "SYN-FIN scan detected"; flags: SF;)
What is the effect of this rule?
You need to add a line to your IPTables Firewall input chain that will stop any attempts to use the default install of Back Orifice against hosts on your network (the 10.10.10.0 network). Which of the following would be the correct command to use?
There are several options for you to choose from when building your wireless security solution. Wireless
Transport Layer Security is based on which fundamental security technology?
You are going to configure your SuSe Linux computer to run Snort as your IDS. Prior to running Snort, you wish to configure Apache and PHP, so you may use Snort monitoring tools in the browser. You need to verify that Apache and PHP are running properly. What line needs to be entered in the info.php file to test PHP on your Apache server?
You are configuring your new IDS machine, and are creating new rules. You enter the following rule:
Alert tcp any any -> 10.0.10.0/24 any (msg: "NULL scan detected"; flags: 0;)
What is the effect of this rule?
DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.
TESTED 06 May 2024
