CIW 1D0-571 - CIW v5 Security Essentials

Total 62 questions

Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with a user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server?

A. HTTP uses cleartext transmission during authentication, which can lead to a man-in-the-middle attack.

B. Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in-the-middle attack.

C. A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.

D. Irina has accessed the Web server using a non-standard Web browser.

Which of the following is a common, yet commonly overlooked, problem with regard to physical security in server rooms?

A. Firewalls that do not have a dedicated backup

B. False ceilings

C. Logic bombs

D. Biometric malfunctions

Which of the following standards is used for digital certificates?

A. DES

B. Diffie-Hellman

C. X.509

D. RC5

Jason is attempting to gain unauthorized access to a corporate server by running a program that enters passwords from a long list of possible passwords. Which type of attack is this?

A. Brute force

B. Denial of service

C. Botnet

D. Buffer overflow

You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal?

A. Reinstall the LDAP service on the server so that it is updated and more secure.

B. Install an application that creates checksums of the contents on the hard disk.

C. Create a login script for the administrative account that records logins to a separate server.

D. Create a dummy administrator account on the system so that a potential hacker is distracted from the real login account.

Which of the following organizations provides regular updates concerning security breaches and issues?

A. IETF

B. ISO

C. ICANN

D. CERT

What is the primary use of hash (one-way) encryption in networking?

A. Signing files, for data integrity

B. Encrypting files, for data confidentiality

C. Key exchange, for user authentication

D. User authentication, for non-repudiation

You have implemented a service on a Linux system that allows a user to read and edit resources. What is the function of this service?

A. Authentication

B. Data integrity

C. Access control

D. Intrusion detection