CIW 1D0-571 practice test

Exam Title: CIW v5 Security Essentials

Last update: Feb 14, 2026

Question 1

You have been asked to encrypt a large file using a secure encryption algorithm so you can send it via
e-mail to your supervisor. Encryption speed is important. The key will not be transmitted across a
network. Which form of encryption should you use?

  • A. Asymmetric
  • B. PGP
  • C. Hash
  • D. Symmetric
Answer:

D

Question 2

Which of the following is the most likely first step to enable a server to recover from a
denial-of-service attack in which all hard disk data is lost?

  • A. Enable virtualization
  • B. Contact the backup service
  • C. Contact a disk recovery service
  • D. Rebuild your RAID 0 array
Answer:

B

Question 3

You purchased a network scanner six months ago. In spite of regularly conducting scans using this
software, you have noticed that attackers have been able to compromise your servers over the last
month. Which of the following is the most likely explanation for this problem?

  • A. The network scanner needs to be replaced.
  • B. The network scanner is no substitute for scans conducted by an individual.
  • C. The network scanner has a trojan.
  • D. The network scanner needs an update.
Answer:

D

Question 4

What is the primary use of hash (one-way) encryption in networking?

  • A. Signing files, for data integrity
  • B. Encrypting files, for data confidentiality
  • C. Key exchange, for user authentication
  • D. User authentication, for non-repudiation
Answer:

A

Question 5

Which of the following will best help you ensure a database server can withstand a recently
discovered vulnerability?

  • A. Updating the company vulnerability scanner and conducting a new scan
  • B. Adding a buffer overflow rule to the intrusion detection system
  • C. Reconfiguring the firewall
  • D. Installing a system update
Answer:

D

Question 6

You have determined that the company Web server has several vulnerabilities, including a buffer
overflow that has resulted in an attack. The Web server uses PHP and has direct connections to an
Oracle database server. It also uses many CGI scripts. Which of the following is the most effective
way to respond to this attack?

  • A. Installing software updates for the Web server daemon
  • B. Using the POST method instead of the GET method for a Web form
  • C. Installing an intrusion detection service to monitor logins
  • D. Using the GET method instead of the POST method for a Web form
Answer:

A

Question 7

Which of the following standards is used for digital certificates?

  • A. DES
  • B. Diffie-Hellman
  • C. X.509
  • D. RC5
Answer:

C

Question 8

At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE)?

  • A. Determining the number of security associations
  • B. Negotiating the authentication method
  • C. Determining the network identification number
  • D. Negotiating the version of IP to be used
Answer:

B

Question 9

A security breach has occurred in which a third party was able to obtain and misuse legitimate
authentication information. After investigation, you determined that the specific cause for the
breach was that end users have been placing their passwords underneath their keyboards. Which
step will best help you resolve this problem?

  • A. Discipline specific end users as object lessons to the rest of the staff and reset passwords on all systems immediately.
  • B. Change all passwords on the company servers immediately and inform end users that their passwords will be changing on a regular basis.
  • C. Set passwords to expire at specific intervals and establish mandatory continual training sessions.
  • D. Inform end users that their passwords will be changing on a regular basis and require more complex passwords.
Answer:

C

Question 10

You have implemented a version of the Kerberos protocol for your network. What service does
Kerberos primarily offer?

  • A. Authentication
  • B. Encryption
  • C. Non-repudiation
  • D. Data integrity
Answer:

A
