Author Security Professional Questions
bilal_iqbal_99

2002-02-07, 6:50 am

Dear Friends,

I am posting some security professional questions. Please provide answers.

2. Which of the following choices best defines the Windows NT Security Account Manager?

A. It is the portion of the GINA DLL that controls security.
B. It is the database containing the identity of users and their credentials.
C. It is the name of the machine responsible for the management of all security of the LAN.
D. It is the interface that is responsible for logging on and user Ids.

3. Under the level C2 security classification, what does “discretionary access control” mean?

A. Discretionary access control means that the owner of a resource must be able to use that resource.
B. Discretionary access control is the ability of the system administrator to limit the time any user spends on a computer.
C. Discretionary access control is a policy that limits the use of any resource to a group or a security profile.
D. Discretionary access control is a rule set by the security auditor to prevent others from downloading unauthorized scripts or programs.

4. Steven wants to write a computer virus that will cripple UNIX systems. What is going to be the main obstacle preventing him from success?

A. UNIX computers are extremely difficult to access illicitly over the Internet, and therefore computer viruses are not an issue with UNIX systems
B. Due to the file permission structure and the number of variations in UNIX hardware architectures, a virus would have to gain root privileges as well as identify the hardware and UNIX flavor in use.
C. Due to availability of effective free anti-virus tools, computer viruses are caught early and often. Steven’s virus would have to evade detection for it to succeed.
D. Due to the extensive use of ANSI “C” in the programming of UNIX, the virus would have to mimic some of the source code used in the infected iteration of the UNIX operating system.

5. Which of the following best describes the problem with share permissions and share points in Windows NT?

A. Share points must be the same value as the directory that serves the share point.
B. Share points contain permissions, and any file under the share point must possess the same permissions.
C. Share permissions are exclusive to root directories and files; they do not involve share points, which define user permissions.
D. Share points are set when connection is established, therefore the static nature of file permissions can conflict with share points if they are not set with read and write permissions for everyone.

6. What do the discretionary ACL (access control list) and the system ACL in Windows NT have in common?

A. Both share properties for storing secure object identifiers.
B. Both can grant or deny permissions to parts of the system.
C. Both are installed by default on the system in different sections of the client/server model.
D. Both are responsible for creation of the master access control list.

7. Winlogon loads the GINA DLL. What does the GINA DLL then do?

A. It provides the interface for processing logon requests.
B. It creates the link to the user database for the update of the local security authority.
C. It creates the link to the master access list on the server.
D. It checks the user database for correct date/time stamps of the last modification.

8. You must apply permissions to a file named /home/myname/myfile.txt, and you need to fulfil the following requirements:

You want full access to the file.
People in your group should be able to read the file.
People in your group should not be able to edit the file.
People outside of your group should be denied access to the file.

What are the most secure permissions you would apply to the file?

A. Chage 700 /home/myname/myfile.txt
B. Chage 744 /home/myname/myfile.txt
C. Chmod 640 /home/myname/myfile.txt
D. Chmod 064 /home/myname/myfile.txt

9. Which level(s) of security, as defined by the National Computer Security Center (NCSC), is attained by many “out of the box” implementations of commercially available operating systems?

A. Level B2
B. Level D
C. Level D through B2
D. Level B through

10. What are the security issues that arise in the use of the NFS (Network File System)?

A. Synchronization of user and group IDs is poor, so it is easy to spoof trusted hosts and user names.
B. The lack of logging in one place or on one machine, and the multiple logs this then requires, can create bottlenecks
C. The possibility arises for clear text passwords to be sniffed on the network if it does not use Secure RPC.
D. NFS uses a weak authentication scheme and transfers information in encrypted form

11. What is the major security issue with standard NIS (Network Information System)?

A. It is impossible to enforce a centralized login scheme.
B. NIS provides no authentication requirement in its native state.
C. There is no way to encrypt data being transferred.
D. NIS is a legacy service and, as such, is only used in older, less secure operating systems and networks.

12. In a Linux system, how do you stop the POP3, IMAPD, and FTP services?

A. By changing the permissions on the configuration file that controls the service (/sbin/inetd), then recompiling /etc/inetd.config.
B. By commenting out the service using the # symbol in the text file /etc/inetd.conf, then restarting the inetd daemon.
C. By recompiling the system kernel, making sure you have disabled that service.
D. By commenting out the service using the $ symbol in the text file /etc/inetd.conf, then restarting the inetd daemon.

16. Abjee is going to log on to his network. His network does not employ traffic padding mechanisms. Why will it be easy for someone to steal his password?

A. Because his password could be more than two weeks old
B. Because of the predictability of the length of the login and password prompts
C. Because the clear text user name and password are not encrypted
D. Because there is no provision for log analysis without traffic padding, thus no accountability when passwords are lost

17. In a typical corporate environment, which of the following resources demands the highest level of security on the network?

A. Purchasing
B. Engineering
C. Sales
D. Accounting

20. Which command, tool or service on a UNIX network converts names to IP addresses and IP addresses to names, and can also specify which servers are mail servers?

A. Port scanner
B. Traceroute
C. Host
D. Nslookup

21. Kerstin connected to an e-commerce site and bought a new mouse pad with her credit card for $5.00 plus shipping and handling. She never received her mouse pad so she called her credit card company to cancel the transaction. She was not charged for the mouse pad, but she received multiple charges she knew nothing about. She tried to connect to the site again but could not find it. Which type of hacking attack occurred?

A. Denial-of-service attack
B. Hijacking attack
C. Illicit server attack
D. Spoofing attack

24. Which type of attack uses a simple or complex program that self-replicates and/or deposits a payload on a remote or local computer?

A. Dictionary attack
B. Hijacking attack
C. Illicit server attack
D. Virus attack

25. Which type of attack can use a worm or packet sniffer to crash systems, causing low resources and/or consuming bandwidth?

A. Denial-of-service attack
B. Illicit server attack
C. Man-in-the-middle attack
D. Virus attack

26. Which service, command or tool discovers the IP addresses of all computers or routers between two computers on an Internet/intranet network?

A. Whois
B. Port scanner
C. Traceroute
D. Nslookup

27. Which tool, service or command will enable you to learn the entire address range used by an organization or company?

A. Traceroute
B. Nslookup
C. Port scanner
D. Ping scanner

29. A file is replaced by another file that provides the same service but also has a secret operation that is meant to subvert security. What is this type of attack called?

A. A buffer overflow attack
B. A Trojan attack
C. A denial-of-service attack
D. An illicit server attack

30. Most hackers run two services to first learn information about a computer or Windows attached to the Internet or intranet. These services enable hackers to find weaknesses in order to infiltrate the computer or network. Which one of the following choices lists the two services?

A. Ping and traceroute
B. Nslookup and whois
C. Whois and ping
D. Nslookup and traceroute

31. What common target can be reconfigured to disable interfaces and provide inaccurate IP addresses over the Internet?

A. Routers
B. E-mail servers
C. DNS servers
D. Databases

32. Abjee obtains the latest stable versions of server, services or applications. Which type of attack does this action help to prevent?

A. Dictionary attack
B. Buffer overflow attack
C. Trojan attack
D. Illicit server attack

33. What host-level information would you want to obtain so you can exploit defaults and patches?

A. Servers
B. Routers and switches
C. Databases
D. Firewall types

34. Which of the following is a way to get around a firewall to intrude into a secure network from a remote location?

A. IP services
B. Active ports
C. Identified network topology
D. Modem banks

35. You notice that your FTP service reveals unnecessary information about your server. Which of the following is the most efficient solution to this problem?

A. Filter out the login banner using a packet filter.
B. Disable the service in question.
C. Place the service behind the firewall.
D. Disable the login banner for the service.

36. What is the most common security problem on a client/server network?

A. Outdated software
B. Old login accounts
C. Non-secured ports
D. Browser flaws

37. While assessing the risk of a network, which step are you conducting when you determine whether the network can differentiate itself from other networks?

A. Considering the business concerns.
B. Analyzing, categorizing and prioritizing resources.
C. Evaluating the existing perimeter and internal security.
D. Using the existing management and control architecture.

38. Which type of attack occurs when a hacker obtains passwords and other information from legitimate transactions?

A. Man-in-the-middle attack
B. Denial-of-service attack
C. Dictionary attack
D. Illicit server attack

40. Kay wants to improve the security on her FTP server. She is worried about password-sniffing attacks. Which of the following is the best action for her to take?

A. Disable anonymous logins.
B. Allow only anonymous logins.
C. Configure the firewall to block port 21.
D. Place the FTP server outside of the firewall.

41. What is the primary security problem with FTP?

A. Anonymous logins do not require a password.
B. Damaging programs can be executed on the client.
C. Damaging programs can be executed on the server.
D. The login name and password are sent to the server in clear text.

42. Which type of port is used by a client when it establishes a TCP connection?

A. Ephemeral
B. Well-known
C. Reserved
D. Static

43. Which system provides relay services between two devices?

A. Proxy server
B. Gateway
C. VPN
D. Screening router

46. What is the primary security risk of SNMP?

A. Login names and passwords are not encrypted.
B. Damaging programs can be executed on the client.
C. Damaging programs can be executed on the server.
D. Data is transferred in clear text.

47. Ulf wants to ensure that a hacker cannot access his DNS zone files. What is the best action for him to take?

A. Filter TCP port 23.
B. Configure the firewall to block zone transfers and accept zone transfer requests only from specific hosts.
C. Configure all routers to block zone transfers and encrypt zone transfer messages.
D. Disable Nslookup.

48. What is a Windows NT equivalent to a UNIX daemon?

A. A thread
B. A process
C. A protocol
D. A service

50. Which protocol is normally used to communicate errors or other conditions at the IP layer, but has also been used to conduct denial-of-service attacks?

A. TCP
B. ICMP
C. SNMP
D. UDP

51. Which of the following will help control unauthorized access to an e-mail server?

A. Disable CGI scripts
B. Prohibit relaying
C. Limit the number of e-mail messages a given account can receive in a day
D. Scan all e-mail messages at the firewall or SMTP server

53. You are using a packet sniffer to capture transmissions between two remote systems. However, you find that you can only capture packets between your own system and another. What is the problem?

A. You have configured your filter incorrectly.
B. You are sniffing packets in a switched network.
C. Tcpdump captures packets only between your host and another host.
D. Your system does not have its default gateway configured.

54. How might a hacker cause a denial-of-service attack on an FTP server?

A. By executing a damaging program on the server
B. By initiating an ICMP flood
C. By initiating a broadcast storm
D. By filling the server’s hard drive to capacity

56. Which security feature does NNTP possess that SMTP does not?

A. Dynamic port assignment
B. Separate control and data ports
C. Usability in conjunction with SSL
D. Strict bounds checking on arrays

57. Laura is a system administrator who wants to block all NNTP traffic between her network and the Internet. How should she configure her firewall?

A. Disable anonymous logins in the NNTP configuration manager.
B. Configure all routers to block broadcast packets.
C. Configure the firewall to block port 119.
D. Configure the firewall to block port 25.

59. What is the term for the process of replacing source IP addresses with false IP addresses?

A. Hijacking
B. Spoofing
C. Spamming
D. Brute force

62. What is the difference between digital signature mechanisms and simple encryption?

A. Digital signatures are generally 128-bit encryption, whereas simple encryption is generally 56 bits.
B. Digital signatures are verified by third parties that vouch for the veracity of the sender and the contents.
C. Digital signatures carry timestamps, whereas standard encryption does not.
D. Standard encryption mechanisms have no provision for traffic padding to thwart password sniffers.

64. Why is the rlogin command dangerous to network security?

A. Remote logins are a security threat regardless of the protocol and should be avoided.
B. There is no way to prevent the user who successfully uses rlogin from becoming root.
C. The rlogin command has a long history of buffer overflows that has not been corrected.
D. If one system that has extensive rlogin privileges to other systems is compromised, then a hacker can spread throughout the entire network.

65. Which of the following choices lists the components that make up security descriptions for Windows NT objects?

A. The user name, the password and the object-owner security identifier.
B. The UNAME, the access profile of the object-owner SID, and confirmation by the system access control list.
C. The object-owner SID, the discretionary access control, the SACL, and the group SID.
D. The user name, the object identifier, the set user identifier, and the time/date stamp.

66. What is the major security problem with the SUID/SGID programs or utilities?

A. The root account must be in order to utilize programs set this way.
B. These in these programs can temporarily grant root privileges to anyone.
C. SUID programs are not removed immediately from the swap/paging area, which results in a clear security risk.
D. The SGID is a clear violation of good security practice and is only used as a result of the SUID.

69. Which command, service or tool allows you to imitate a secondary DNS server in order to obtain its records via a zone transfer?

A. Traceroute
B. Ping scanner
C. Nslookup
D. Host

70. Which type of attack uses a database or databases to guess a password in order to gain access to a computer system?

A. Hijacking attack
B. Virus attack
C. Dictionary attack
D. Man-in-the-middle attack

72. Which tool, command or service allows a remote or local user to find any open connection paths to the system on the Internet or an intranet?

A. Traceroute
B. Whois
C. Nslookup
D. Port scanner

73. A hacker has just changed the information for a zone during a zone transfer. This attack caused false information to be passed on to network hosts as if it were legitimate. Which type of server is the target in such an attack?

A. An e-mail server
B. A DNS server
C. A router
D. An FTP server

74. Which of the following do hackers target because it usually communicates in cleartext?

A. Router
B. DNS server
C. FTP server
D. E-mail server

79. You have installed a proxy server that authenticates users. However, you find that one user has bypassed the proxy server by entering the default gateway IP address. How can you solve this problem?

A. Configure the default gateway to deny access to all systems.
B. Confront the user.
C. Reconfigure the user’s machine.
D. Configure the default gateway to reject all requests to all systems except for the proxy server.

80. What is the standard method for securing individual e-mail messages sent between a company and other users that do not use the e-mail server?

A. Invoke encryption at the e-mail server.
B. Invoke encryption on each client.
C. Filter firewall port 42 on the company firewall.
D. Store all e-mail messages on a separate partition.

81. Which one of the following choices lists the two greatest security problems associated with HTTP?

A. Community names and encrypted passwords
B. IP and ICMP spoofing
C. Viewer applications and external programs used by the HTTP server
D. No bound checking on arrays and anonymous access

82. Which tool utilizes a database of known security problems to test a network?

A. Operating system add-on
B. Network scanner
C. Logging and log analysis tool
D. SNMP

83. How are servers able to conduct a simple authentication check using DNS?

A. Forward DNS lookup
B. Reverse DNS lookup
C. RARP
D. Nslookup

85. When using IIS, what has primary control over security?

A. The operating system
B. IIS
C. The GINA
D. The SSL Service

86. Which of the following is the best way to secure CGI scripts?

A. Configure the firewall to filter CGI at ports 80 and 443.
B. Disable anonymous HTTP logins when using CGI.
C. Ensure that the code checks all user input.
D. Active Java on the primary web server.

87. Which type of gateway functions in all layers of the OSI/RM?

A. A circuit-level gateway
B. An application-level gateway
C. A proxy gateway
D. A universal gateway

89. Which of the following attacks specifically utilizes packet spoofing?

A. Crack
B. Smurf
C. Flood
D. Worm

90. Which layer does a proxy server address?

A. Application
B. Transport
C. Network
D. ----

91. What is TCP Priming and SYN Detection?

Thanks and Bye!

PS: Please reply as soon as possible!

wbafrank

2002-02-07, 6:54 am

Buy a book; you will find all the answers in it!!

dmor13

2002-02-18, 10:48 pm

WbaFrank,

Play nice now.

Drummer

2002-02-19, 1:07 am

Frank's right. It's one thing if someone has been studying and just needs some help with a handful of questions. But most of those questions are really basic and anyone with a little bit of knowledge on the subject should be able to answer them.

Security is a hard test but at least make an effort to study.

bam40

2002-02-20, 7:39 am

Thanks for the questions. To facilitate my learning I have dusted off my trusty security book to find the answers.
Incidentally, these are official test questions.

http://pilotit.org

bam40

2002-03-06, 3:38 pm

I received my CIW Security Professional Certification Bible.

It has a CD with Q&A plus some great security utilities.
Read the book, practice and pass the test.
Then U will know what U are talking about
when U interview!

http://www.pilotit.org

bilal_iqbal_99

2002-03-06, 4:59 pm

My Dear Friends,

Sorry if I bothered you all. For your kind information, I have already prepared for that very exam and just wanted some help from your side. I had answers to all of those questions but I wanted to be sure about them. That's why I didn't post the answers with them. Actually, I got those questions from various sources and had many wrong answers with them. I had my own logic so I corrected them according to my knowledge but still I wanted to be sure. Here are the answers I had.

Now if possible, please try to help! Kindly review all the answers and verify their accuracy.

2. B. It is the database containing the identity of users and their credentials.

3. A. Discretionary access control means that the owner of a resource must be able to use that resource.

4. B. Due to the file permission structure and the number of variations in UNIX hardware architectures, a virus would have to gain root privileges as well as identify the hardware and UNIX flavor in use.

5. C. Share permissions are exclusive to root directories and files; they do not involve share points, which define user permissions.

NOTE: I don't feel comfortable with Share Permissions and Share Points. Please can anyone explain it to me?

6. A. Both share properties for storing secure object identifiers.

7. A. It provides the interface for processing logon requests.

8. C. Chmod 640 /home/myname/myfile.txt

9. (NOT AT ALL SURE ABOUT THIS ONE)

10. (NOT AT ALL SURE ABOUT THIS ONE)

11. (NOT AT ALL SURE ABOUT THIS ONE)

12. B. By commenting out the service using the # symbol in the text file /etc/inetd.conf, then restarting the inetd daemon.

16. B. Because of the predictability of the length of the login and password prompts

17. D. Accounting

20. C. Host

21. D. Spoofing attack

24. D. Virus attack

25. A. Denial-of-service attack (It may be right because it is talking about low resources and bandwidth consumption)

26. C. Traceroute

27. D. Ping scanner (NOT SURE)

29. D. An illicit server attack

30. B. Nslookup and whois

31. A. Routers

32. B. Buffer overflow attack

33. (NOT AT ALL SURE ABOUT THIS ONE)

34. D. Modem banks

35. D. Disable the login banner for the service.

36. B. Old login accounts

37. C. Evaluating the existing perimeter and internal security.

38. A. Man-in-the-middle attack

40. B. Allow only anonymous logins.

41. D. The login name and password are sent to the server in clear text.

42. B. Well-known

43. B. Gateway (NOT SURE)

46. D. Data is transferred in clear text.

47. B. Configure the firewall to block zone transfers and accept zone transfer requests only from specific hosts.

48. D. A service

50. B. ICMP

51. B. Prohibit relaying

53. D. Your system does not have its default gateway configured. (NOT SURE)

54. D. By filling the server’s hard drive to capacity

56. C. Usability in conjunction with SSL

NOTE: Please can anybody explain to me the term "Bound Checking on Arrays"?

57. C. Configure the firewall to block port 119.

59. B. Spoofing

62. B. Digital signatures are verified by third parties that vouch for the veracity of the sender and the contents.

64. D. If one system that has extensive rlogin privileges to other systems is compromised, then a hacker can spread throughout the entire network. (NOT SURE)

65. C. The object-owner SID, the discretionary access control, the SACL, and the group SID.

66. B. These in these programs can temporarily grant root privileges to anyone. (NOT SURE)

69. C. Nslookup

70. C. Dictionary attack

72. D. Port scanner

73. B. A DNS server

74. C. FTP server

79. D. Configure the default gateway to reject all requests to all systems except for the proxy server.

80. B. Invoke encryption on each client. (NOT SURE)

81. C. Viewer applications and external programs used by the HTTP server

82. D. SNMP

83. B. Reverse DNS lookup

85. A. The operating system

86. B. Disable anonymous HTTP logins when using CGI. (NOT SURE)

87. B. An application-level gateway

89. A. Crack (NOT SURE)

90. A. Application (NOT SURE. VERY CONFUSING FOR ME)

91. What is TCP Priming and SYN Detection? (I WANT SOME HELP ON THESE TOPICS AS I HAVE BEEN UNABLE TO FIND HELP ON THOSE)

Any help shall be highly appreciated.

Thanks and Bye!

TERRAN

2002-03-08, 3:31 pm

Hang in there bilal_iqbal_99. I am sure you will do fine!

bilal_iqbal_99

2002-03-08, 3:36 pm

Hi Terran!

Thank you very much for your encouraging comment, but I am looking for someone to help me with the topics I mentioned in my earlier email.

Thanks and Bye!

Bilal

freak

2002-03-08, 3:40 pm

Pal, this reeks of a braindump, and that is why you got the answers you did. If I were a moderator in this forum, I would delete the thread. It comes across as I found this dump online, but I am too lazy to research the answers myself, so I let someone else do it for me. Sorry, you found the wrong crowd for that and I doubt that anybody here will be inclined to help you according to those terms...