|
Home > Archive > Certified Internet Webmaster - CIW > August 2001 > Security Professional questions help pleasee
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Security Professional questions help pleasee
|
|
| shanalee 2001-08-22, 9:14 am |
| Hi there,
I took the exam and failed the real test and planing to take the test again could please answer some of this question as they did appear in the test.
I will also love some explanation because i could not find them in the courseware to cross check.
1 Which of the following choices best define Window NT Security Account Manager a, its a portion of the GIN that control security b its the database containing the identity of user c it the name of the machine responsible for managin security d its the interface that is resiposible for logging on user id.
2 which of the following best describe the problem with share permission and share point in nt a, share point must be the same value as the directory that serve the share point b, share point contain permision and any file under the share point must possess the same permission c, share permission are exclusive to root directories and the file they do not share point which define user permission
3 Which level of security as define by the NCSC is attained by many out of the box implementation a, level B2 b, Level D level D through B2,
4,what are the security issues that arise in the use of NFS
a, the lack of logging in one place or a machine and the multiple logs this then require.
5, which one of this resources dmand high security on the network a purchase b, sales, accounting
6,which tool will learn the entire address range used by an organisation
a, traceroute, b, Nslookup c,portscanner d, ping scanner
8most hacker run two services to first learn information about a computer in the internet which are choices
a, ping and trace route b, Nslookup and whois c,whois ans ping, d, nslookup and traceroute
7,obtaining the lastest stable version of server services prevent which attack a trojan b llicit server c buffer overflow
8
what host level info. would use to explot default and patches a servers, b routerand swithes c firwall types
9 which system provie relay services b/w two device
VPN, b gateway c proxyserver
10 what is the primary risk of SNMP a Login names and password are not encrypted b data is transferred in clear text
which can control unathrized access to eamil
prohibit relaying b, scan all email messaegs at the firewall or smtp server
which type of port useed by http for control
a ephemeral
b well known
which does NNTP has that SMTP doesn't
is it usability in conjunction to ssl??
which is the most common network attack
a, dos
b, insider attack,
c brute force
which tol use to find open paths tothe system on internet
traceroute, b , portscanner, nslook up
what standard method for securign email message that do not use the email server
a, invoke encryption atthe email server
invoke encry on each client
filter firewall port 42 on the filrewall
which tool utilize a database of known security problem to test a network
SNMP b, Network sccanner c, os add on
how are servers ale to conduct a simple authetication check using DNS
a, reverse dns lookup b, nslook c, rarp
what is the best way to secure CGI scrip
a,disable anoymous http logins when using cgi
b,ensure code check all user input
please help my exam is tomorrow | |
| hacker 2001-08-22, 9:20 am |
| Hmmm, all questions and no attempted answers ... looks like you didn't even take the exam. | |
| shanalee 2001-08-22, 9:30 am |
| i did take the exam and i this are the question i'm unsure about!!!!!!!!!! | |
| hacker 2001-08-22, 9:32 am |
| If you show some of your reasoning, some of us will definitely help iron out the kinks. | |
| shanalee 2001-08-22, 9:39 am |
| the answer i have is
1.d
2.c
3.a
4.a
5.b
6.b
7.c
8.c
9.b gateway
10.b
11.b
12.b well know
13a dos
14 a traceroute
15c filter port 42
16a snmp
17b nslookup
18a
I just some one to verify this answers
are you happy now hacker!!!!!!! | |
| hacker 2001-08-22, 5:13 pm |
| I'm trying to help, but the numbering of your questions and answers don't appear to match up, really hard to go through. | |
| Sotet 2001-08-22, 11:27 pm |
| I don't have any CIW certs, but without studying I already score in the 60%-70% range or so, so I need to work on my own knowledge.
I deal with abuse issues at the moment...Here goes for a few (agrue with me when I'm wrong, the input is disjointed!:
My answers next to *** means the more ******* the more certain I am of my own answer (no notes here)
You wrote:
----------------
which can control unathrized access to eamil
prohibit relaying b, scan all email messaegs at the firewall or smtp server
****SMTP server - this can be turned off -ISPs turn off SMTP servers to customer using their own domain names frequently Verizon has just started doing this.
-
which does NNTP has that SMTP doesn't
is it usability in conjunction to ssl??
************Yes! NNTP is newsgroups =) nothing to do with SSL
which is the most common network attack
a, dos
b, insider attack,
c brute force
****DOS for now
which tol use to find open paths tothe system on internet
traceroute, b , portscanner, nslook up
*******traceroute
-
which tool utilize a database of known security problem to test a network
SNMP b, Network sccanner c, os add on
***network scanner
how are servers ale to conduct a simple authetication check using DNS
a, reverse dns lookup b, nslook c, rarp
****nslookUP (sic) should be it -to verify DNS -use PingPro Pack or for free visualtraceroute.com | |
| shanalee 2001-08-23, 4:37 am |
| Please could someone out there help with the question i posted yesterday on the security proffesional exams.
I will appreciate a reply
Many Thanks | |
|
| I only selected the questions I could understand.
Any comments to what I wrote?
-I took a good 15 min. or so to help you out best I could.
Maybe you can paste the notes and content to a webpage and put the URL here, so it could be more easily read. | |
| hacker 2001-08-23, 6:05 pm |
| We are trying hard to help, but the presentation is really warped, numberings don't match, can't really decipher most of it.
If you repost them and tidy your questions properly, I'm sure we can help you. | |
| Drummer 2001-08-23, 8:43 pm |
| I agree with Hacker. It's hard to read. Remember, the "enter" key is your friend. | |
| shanalee 2001-08-24, 1:25 am |
| sorry for the scrible
here is another version of the question i hope this time its clearHi there,
I took the exam and failed the real test and planing to take the test again could please answer some of this question as they did appear in the test.
I will also love some explanation because i could not find them in the courseware to cross check.
1. Which of the following choices best define Window NT Security Account Manager
a, its a portion of the GIN that control security
b, its the database containing the identity of user
c, it the name of the machine responsible for managin security
d, its the interface that is resiposible for logging on user id.
2 which of the following best describe the problem with share permission and share point in nt.
a, share point must be the same value as the directory that serve the share point
b, share point contain permision and any file under the share point must possess the same permission
c, share permission are exclusive to root directories and the file they do not share point which define user permission
3 Which level of security as define by the NCSC is attained by many out of the box implementation
a, level B2
b, Level D
c,level D through B2,
4,what are the security issues that arise in the use of NFS
a, the lack of logging in one place or a machine and the multiple logs this then require.
b, syncronisation is poor
5, which one of this resources demand high security on the network
a purchase
b, sales,
c, accounting
6,which tool will learn the entire address range used by an organisation
a, traceroute,
b, Nslookup
c,portscanner
d, ping scanner
7.most hacker run two services to first learn information about a computer in the internet which are choices
a, ping and trace route
b, Nslookup and whois
c,whois ans ping,
d, nslookup and traceroute
8.obtaining the lastest stable version of server services prevent which attack
a, trojan
b, llicit server
c, buffer overflow
9, what host level info. would use to explot default and patches
a servers,
b router and swithes
c firwall types
10 which system provie relay services b/w two device
a, VPN,
b gateway
c proxyserver
11 what is the primary risk of SNMP
a Login names and password are not encrypted b data is transferred in clear text
12which can control unathrized access to email
a prohibit relaying
b, scan all email messaegs at the firewall or smtp server
13 which type of port used by http for control
a ephemeral
b well known
14 which does NNTP has that SMTP doesn't
is it usability in conjunction to ssl?? or
strict bounds checking on arrays.
15, which is the most common network attack
a, dos
b, insider attack,
c, brute force
16 which tool use to find open paths to the system on internet
a, traceroute,
b , portscanner,
c nslookup
17 what is standard method for securign email message that do not use the email server.
a, invoke encryption atthe email server
b, invoke encry on each client
c, filter firewall port 42 on the filrewall
18 which tool utilize a database of known security problem to test
network
a SNMP
b, Network sccanner
c, os add on
19 how are servers ale to conduct a simple authetication check using DNS
a, reverse dns lookup
b, nslook
c, rarp
what is the best way to secure CGI scrip
a,disable anoymous http logins when using cgi
b,ensure code check all user input
any suggestion will do .
thanks | |
| hacker 2001-08-24, 2:00 am |
| Ok, I look through some of the questions and some answers are incomplete and some can't even answer the question. Looks like a braindump to me...  .
Sorry... but I have to skip this one. | |
| shanalee 2001-08-24, 8:05 am |
| Hey folks,
I passed the exam with 93% it took me 35min of the 75min alocated to do.
I now understand how they set their exam and will be posting a guide to the exam soon if anyone need help mail me at my address
secure88@hotmail.com and i can assit with any problem.
Again I would like to thank eeryone that help in anwsering my question like Sonet unclesid etc but hacker i think you are so arrogant that if you could not answer the question posted you should just shut up and hope people who do answer.
replying like to my mail like that was so insulting
but o well I passed with a good grade 93%
I'm avialable to help anytime | |
| hacker 2001-08-24, 8:47 am |
| Good for you, and I see you don't need anybody's help.... | |
| shanalee 2001-08-24, 10:38 am |
| Yeep I certainly don't need your help HACKER!!!!
what kind of a name is that anyway!! |
|
|
|
|