Exam Prep Questions


Question 1

Which of the following are applicable reasons why you should create a security policy?

  • A. To establish what security equipment is needed

  • B. To establish preferred security vendors

  • C. To outline security procedures in case a security breach occurs

  • D. To establish an acceptable use policy

  • E. To identify acceptable behaviors

A1:

Answers: C, E. Additional reasons to create a security policy are to determine necessary tools and procedures, to define roles and communicate consensus, to structure security implementations, and to assess the present network security posture.

Question 2

What are some of the significant components of a security policy?

  • A. Chain of authority

  • B. Statement of authority

  • C. Access policies

  • D. Acceptable use policy

  • E. Incident-response procedures

A2:

Answers: B, C, D, E. A good security policy should contain these components.

Question 3

Eavesdropping can be a threat to network security. Which activities could be considered eavesdropping?

  • A. Data manipulation

  • B. Rerouting attack

  • C. Trojan horse installation

  • D. Network snooping

  • E. Packet sniffing

A3:

Answers: D, E. Encryption provides protection against eavesdropping. In some cases, the attacker changes routing tables on all the routers between the source and destination.

Question 4

An IP spoofing attack is when an attacker changes the contents of packets. What field or fields are changed in an IP spoofing attack?

  • A. Destination MAC address

  • B. Source IP address

  • C. Source MAC address

  • D. Destination IP address

  • E. TCP or UDP header flags

A4:

Answer: B. IP spoofing is an attack that changes the source IP address of a packet.

Question 5

An attack is directed against a bug that is unknowingly contained within an application. How should you classify this attack?

  • A. DoS attack

  • B. Protocol weakness

  • C. Application weakness

  • D. Vulnerability

  • E. Technology weakness

A5:

Answer: D. An exploit is an attack used to take advantage of a vulnerability.

Question 6

Joe works for BlueWidgets.com and decides to download a port scanner to determine what it can do. He directs it against his employer's network. What type of threat is Joe?

  • A. Common threat

  • B. External threat

  • C. Internal threat

  • D. Structured threat

  • E. Unstructured threat

A6:

Answers: C, E. Joe does not know what a port scanner is and is therefore an unstructured threat. Additionally, because Joe is using the tool against his employer's network, Joe is an internal threat. Because Joe is using the tool from the corporate intranet, the attack is internal.

Question 7

What type of attack is the most difficult to eliminate?

  • A. DoS

  • B. Access

  • C. Application

  • D. Trust exploitation

  • E. IP spoofing

A7:

Answer: A. A DoS attack is the most difficult to completely eliminate because it relies upon the structure of protocols and because of the variety of DoS attacks that are available.




CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud
