
2024年最新ののCIW 1D0-671問題集PDF1D0-671最速合格したいならここ
1D0-671練習試験問題集で99%合格率CIW試験合格させます
質問 # 65
Which of the following is the primary weakness of symmetric-key encryption?
- A. Keys created using symmetric-key encryption are difficult to distribute securely.
- B. Symmetric-key encryption does not provide the service of data confidentiality.
- C. Data encrypted using symmetric-key encryption is subject to corruption during transport.
- D. Symmetric-key encryption operates slower than asymmetric-key encryption.
正解:A
質問 # 66
Which of the following constitutes a problem when conducting a reverse scan?
- A. IP address spoofing
- B. An older system kernel
- C. SYN floods
- D. Default settings on target systems
正解:A
質問 # 67
Which of the following organizations provides regular updates concerning security breaches and issues?
- A. ISO
- B. ICANN
- C. CERT
- D. IETF
正解:C
質問 # 68
Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow?
- A. Firewall
- B. Software update
- C. Network scanner
- D. Intrusion detection system
正解:B
質問 # 69
Which of the following tools allows you to implement packet filtering for a network?
- A. Browser
- B. Bridge
- C. Router
- D. Hub
正解:C
質問 # 70
A distributed denial-of-service (DDOS) attack has occurred where both ICMP and TCP packets have crashed the company's Web server.
Which of the following techniques will best help reduce the severity of this attack?
- A. Filtering traffic at the firewall
- B. Placing the database and the Web server on separate systems
- C. Installing Apache Server rather than Microsoft IIS
- D. Changing your ISP
正解:A
質問 # 71
Which of the following can effectively thwart VLAN hopping?
- A. Enabling multiple firewalls on your broadcast domain
- B. Enabling your network's autotrunking capability
- C. Ensuring that each trunk port retains its default VLAN setting (VLAN1)
- D. Removing the default VLAN setting (VLAN1) from any trunk port
正解:D
質問 # 72
Which of the following errors most commonly occurs when responding to a security breach?
- A. Making snap judgments based on emotions, as opposed to company policy
- B. Shutting down network access using the firewall, rather than the network router
- C. Taking too much time to document the attack
- D. Adhering to the company policy rather than determining actions based on the IT manager's input
正解:A
質問 # 73
All servers assume that a valid IP address belongs to the computer that sent it. Because TCP/IP contains no built-in authentication, a hacker can assume the identity of another device.
If your security depends entirely upon the TCP/IP identity, which type of attack can allow a hacker to gain access to your system?
- A. A brute-force attack
- B. A denial-of-service attack
- C. A spoofing attack
- D. A social engineering attack
正解:C
質問 # 74
Which of the following accurately describes an aspect of an access control list (ACL)?
- A. The ACL defines users that have access to a resource on a database server.
- B. The ACL defines the database roles that users have on a database server.
- C. The ACL cannot determine whether a user has access to an object, but can define exactly what the user can do with that object.
- D. The ACL lists entities that can access a database server, but does not provide access levels.
正解:B
質問 # 75
You have been assigned to configure a DMZ that uses multiple firewall components. Specifically, you must configure a router that will authoritatively monitor and, if necessary, block traffic. This device will be the last one that inspects traffic before it passes to the internal network.
Which term best describes this device?
- A. Bastion host
- B. Choke router
- C. Screening router
- D. Proxy server
正解:B
質問 # 76
Which type of encryption poses challenges to key transport?
- A. Symmetric-key encryption
- B. Diffie-Hellman
- C. Asymmetric-key encryption
- D. Hash encryption
正解:A
質問 # 77
Consider the following diagram involving two firewall-protected networks:
Which of the following is necessary for each of the firewalls to allow private IP addresses to be passed on to the Internet?
- A. Chargeback
- B. Stateful multi-layer inspection
- C. Masquerading
- D. DMZ creation
正解:C
質問 # 78
What is the most common attack method against TCP?
- A. Trojan
- B. IP address spoofing
- C. Illicit server
- D. SYN flood attack
正解:D
質問 # 79
To implement a successful security system, you should:
- A. find a product that can offer full protection against all threats.
- B. implement beta software and operating systems that hold the promise of enhanced security measures.
- C. use as many security principles and techniques as you can to protect each resource.
- D. place your firewall and network in a public area so that authorized users have easy access to them to solve problems as they occur.
正解:C
質問 # 80
Consider the following image of a packet capture:
Which of the following best describes the protocol used, along with its primary benefit?
- A. It is an active FTP session, which is necessary in order to support IPv6.
- B. It is a passive FTP session, which is easier for firewalls to process.
- C. It is an active FTP session, which is supported by all FTP clients.
- D. It is an extended passive FTP session, which is necessary to support IPv6.
正解:B
質問 # 81
After you have determined that a hacker has entered your system, what is the first step you should take?
- A. Review the pre-written security response policy.
- B. Determine the scope of the breach on affected systems.
- C. Document the hacker's activity after penetration has occurred.
正解:A
質問 # 82
......
最新の検証済み1D0-671問題と解答で合格保証:https://www.jpntest.com/shiken/1D0-671-mondaishu
1D0-671認証と実際の解答:https://drive.google.com/open?id=144NKZLCJwxAFQYOxp7cfcR0etdzmxJPp