SCNP Strategic Infrastructure Security v6.0 (SCNP)

Page:    1 / 16   
Total 239 questions

If an attacker uses a program that sends thousands of email messages to every user of the network, some of them with over 50MB attachments. What are the possible consequences to the email server in the network?

  • A. Server hard disk can fill to capacity
  • B. Client hard disks can fill to capacity
  • C. Server can completely crash
  • D. Network bandwidth can be used up
  • E. Clients cannot receive new email messages


Answer : A,C

Your network has been hit by a virus that is infecting the MBR on many of the systems in the network.
You are working to repair the damage this virus has done. After two days of non-stop work on the problem, you get things under control. What type of virus was in your network?

  • A. Macro Virus
  • B. Scripting Virus
  • C. Boot Sector Virus
  • D. Multi-part Virus
  • E. File Infection Virus


Answer : C

Your network has been hit by a very bad virus recently. As you tracked the virus through the network, it was changing from system, to system. Each time it went to infect a system; it had evolved slightly to have a different file size, or different file structure. After extensive work, you and your team were able to isolate and remove the virus from the network.
Which of the following best identifies the type of virus that was in your network?

  • A. Boot Sector Virus
  • B. Macro Virus
  • C. Stealth Virus
  • D. Multi-part Virus
  • E. Polymorphic Virus


Answer : E

You are running some tests in your network, to see if you can remotely identify the operating system of nodes in the network. Using the nmap tool, which of the following commands will identify the operating system of the computer using IP address
192.168.10.1?

  • A. nmap -ident 192.168.10.1 -sS
  • B. nmap -sS 192.168.10.1 -O
  • C. nmap -Id 192.168.10.1 -sS
  • D. nmap -a -u -x -Id 192.168.10.1
  • E. nmap -Id 192.168.10.1 -aux -sS


Answer : B

You are running Nessus in your organization to perform vulnerability assessments. If you wish to write your own plugin, to scan for a custom vulnerability, what will you use to write the plugin?

  • A. Nessus Plugin Scripting (NPS)
  • B. Nessus Custom Scripting (NCS)
  • C. Nessus C++ Scripting (NC+S)
  • D. Nessus Attack Scripting Language (NASL)
  • E. Nessus Java Scripting Language (NJSL)


Answer : D

You have recently started using Nessus to perform vulnerability scans on the systems in your network.
You now wish to perform further testing, to ensure that passwords are the proper length in the network.
What feature of Nessus allows you to perform this type of custom scanning?

  • A. Nessus Plugins
  • B. Nessus cannot perform this type of scan, it is restricted to vulnerability scanning
  • C. Nessus Advanced Scripting
  • D. Nessus Password Scanning Module
  • E. Nessus Policies


Answer : E

To maintain the security of your network you routinely run several checks of the network and computers.
Often you use the built-in tools, such as netstat. If you run the following command, netstat s which of the following will be the result?

  • A. Displays all connections and listening ports
  • B. Displays Ethernet statistics.
  • C. Displays addresses and port numbers in numerical form
  • D. Shows connections for the protocol specified
  • E. Displays per-protocol statistics


Answer : E

You have just finished running vulnerability test, using Nessus, on a remote host in your network. You are reading the report Nessus generated, and are looking for those items you must address right away. In a
Nessus report, how are items marked that require your immediate attention?

  • A. With a Yellow Exclamation Point
  • B. With a Red X
  • C. With a Black check
  • D. With a Yellow check
  • E. With a bulls-eye target


Answer : B

In order to run some tests on your system, you have decided to use the netcat utility. You want to be able to access the command prompt on a Windows system from your Linux system. What is the proper command on the Windows system to allow for you to gain remote access?

  • A. netcat -p 2020 -l cmd.exe
  • B. netcat -p 2020 -cmd.exe
  • C. nc -l -p 2020 -e cmd.exe
  • D. nc -p 2020 -l run/cmd.exe
  • E. netcat -p 2020 -l -run cmd.exe


Answer : C

In order to check on the passwords in your organization, you have been given the authority to run a password checking tool. You are going to use the tool LCP to check the passwords. What are the three main options available to you to configure LCP to attack and check passwords?

  • A. Reverse Attack
  • B. Dictionary Attack
  • C. Hybrid Attack
  • D. Brute Force Attack
  • E. Cryptographic Attack


Answer : B,C,D

To increase the security of your corporate website, you are running some basic checks on leaked information. You view the source code for a web page and see the following:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="FrontPage 4.0">
<meta name="ProgId" content="Editor.Document">
<title>Security Certifications for the IT Pro</title>
<style type="text/css">
<!--
P, TD, LI, TH { font-size: 10pt; font-family: Arial, Verdana, Helvetica }
.eight { font-size: 8pt }
-->
</style>
</head>
From this code, which of the following would an attacker most likely assume is the operating system that was used to create this web site?

  • A. OpenBSD
  • B. FreeBSD
  • C. Linux 5.0
  • D. Linux 6.0
  • E. Windows NT


Answer : E

You read on a security website that hackers are reading Newsgroup messages to try to identify potential targets and target details. You had previously not closed the port for the
Newsgroup service on your firewall.
After you close that port, you do an Internet newsgroup search for your domain name. You do find several messages from users in your organization. What type of information may be found by examining these messages?

  • A. Email Address
  • B. Internal Server Names
  • C. Corporate Public IP Address
  • D. Client Newsreader Program
  • E. Client Email Program


Answer : A,C,D

In your network, you have built a single domain of only Windows computers. There are 55
XP machines and 10 Windows Server 2003 machines. You are concerned about the security of your SAM files on the Servers. Windows Server 2003 is the only Operating
System on the computers, and the hard drives are all formatted with NTFS. Which of the following are issues you must be sure to address when securing the
SAM file?

  • A. You must be sure that no user while locally logged in to the Server can delete the SAM file.
  • B. You must be sure that no user while logged in to the Server remotely can delete the SAM file.
  • C. You must be sure that no user can boot to DOS and delete the SAM file from there.
  • D. You must be sure that no user can install a parallel Operating System and delete the SAM file from there.
  • E. You must be sure to encrypt the Operating System files using the built-in EFS, so that no user may delete the SAM file from anywhere.


Answer : C,D

To maintain the security of your network you routinely run several checks of the network and computers.
Often you use the built-in tools, such as netstat. If you run the following command: netstat e which of the following will be the result?

  • A. Displays all connections and listening ports
  • B. Displays Ethernet statistics
  • C. Displays addresses and port numbers in numerical form
  • D. Shows connections for the protocol specified
  • E. Displays per-protocol statistics


Answer : B

One of your users calls to state that their computer is acting unusual. You go to investigate and find there is an unauthorized program installed on this computer. You examine the network and find that this program is now on other machines in the network. It seems to be unable to move through the network on its own, and is getting sent as an email attachment.
What type of program is in the network?

  • A. The program is a Worm.
  • B. The program is a Virus.
  • C. The program is a Port scanner.
  • D. The program is a Trojan Horse.
  • E. The program is a Macro.


Answer : B

Page:    1 / 16   
Total 239 questions