Independence Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Exin SCNS SCNS Tactical Perimeter Defense Exam Practice Test

Demo: 34 questions
Total 232 questions

SCNS Tactical Perimeter Defense Questions and Answers

Question 1

As you analyze the settings of the Secure Server (Require Security) IPSec policy in Windows Server

2003, you are looking at the options available for encryption and integrity. Which of the following answers presents a legitimate combination for encryption and integrity in the IPSec policy?

Options:

A.

Encryption: SHA1, Integrity: 3DES

B.

Encryption: 3DES, Integrity: SHA1

C.

Encryption: RSA, Integrity: MD5

D.

Encryption: MD5, Integrity: RSA

E.

Encryption: SHA1, Integrity: MD5

Question 2

During a network analysis session, you capture several TCP/IP sessions. You focus your analysis on the

IP Headers. In an IP Header, what is the function of the first four bits?

Options:

A.

To define the type

B.

To define the source port number

C.

To define the destination port number

D.

To define the IP Version

E.

To define the upper layer protocol

Question 3

You are configuring the Access Lists for your new Cisco Router. The following are the commands that are entered into the router for the list configuration.

Router(config)#access-list 171 permit tcp 10.10.0.0 0.0.255.255 any eq 80

Router(config)#access-list 171 deny tcp 0.0.0.0 255.255.255.255 10.10.0.0 0.0.255.255 eq 80

Router(config)#access-list 171 deny tcp any any eq 23

Router(config)#access-list 171 permit tcp 10.10.0.0 0.0.255.255 any eq 20

Router(config)# access-list 171 permit tcp 10.10.0.0 0.0.255.255 any eq 21

Based on this configuration, and using the exhibit, select the answers that identify how the router will deal with network traffic.

Options:

A.

Permit WWW traffic to the Internet

B.

Deny WWW traffic to the internal networks

C.

Deny all Telnet traffic

D.

Permit FTP traffic to the Internet

E.

Permit FTP traffic to the internal networks

Question 4

You need to install a new antenna for the wireless network available on your companys property. Which antenna type is best for extending the local range of an Access Point?

Options:

A.

Yagi

B.

Omni-directional

C.

Di-polar

D.

Parabolic

E.

Mono-polar

Question 5

In your current organization, you have been given the task of implementing the IPSec solution. All your servers are running Windows Server 2003, so you wish to use the built in policies. What are the three default IPSec policies in Windows Server 2003?

Options:

A.

Server (Require Security)

B.

Server (Request Security)

C.

Client (Respond Only)

D.

Client (Request Security)

E.

Server (Respond Only)

Question 6

You have just installed a new Intrusion Detection System in your network. You are concerned that there are functions this system will not be able to perform. What is a reason an IDS cannot manage hardware failures?

Options:

A.

The IDS can only manage RAID 5 failures.

B.

The IDS cannot be programmed to receive SNMP alert messages.

C.

The IDS cannot be programmed to receive SNMP trap messages.

D.

The IDS cannot be programmed to respond to hardware failures.

E.

The IDS can only inform you that an event happened.

Question 7

During a training presentation, that you are delivering, you are asked how wireless networks function, compared to the OSI Model. What two layers of the OSI Model are addressed by the 802.11 standards?

Options:

A.

Physical

B.

Data Link

C.

Network

D.

Transport

E.

Session

Question 8

A significant function of TCP is the ability to guarantee session information. The method used by TCP to guarantee the uniqueness of a session between two hosts is which of the following?

Options:

A.

By setting the control bits SYN and FIN within the same packet

B.

By implementing two two-way handshakes to tear down the connection

C.

By setting the control bits URG and ACK within the same packet

D.

By implementing sequence numbering

E.

By implementing a combination of control bits PSH, URG & RST

Question 9

You are configuring a L2TP solution between your office and your primary branch office. The CEO has requested a report on the benefits of using this technology. Which of the following benefits does L2TP (with IPSec) provide?

Options:

A.

Bandwidth Management

B.

Encryption

C.

User Authentication

D.

Packet Authentication

E.

Key Management

Question 10

The main reason you have been hired at a company is to bring the network security of the organization up to current standards. A high priority is to have a full security audit of the network as soon as possible. You have chosen an Operational Audit and are describing it to your coworkers. Which of the following best describes an Operational audit?

Options:

A.

This type of audit is typically done by a contracted external team of security experts who check for policy compliance.

B.

This type of audit is usually done by internal resources to examine the current daily and on-going activities within a network system for compliance with an established security policy.

C.

This type of audit is typically done by an internal team who ensures the security measures are up to international standards.

D.

This type of audit is usually done by the current network administrators who ensure the security measures are up to international standards.

E.

This type of audit is usually conducted by external resources and may be a review or audit of detailed audit logs.

Question 11

You are configuring the rules on your firewall, and need to take into consideration that some clients in the

network are using automatic addressing. What is the IP address range reserved for internal use for APIPA in Microsoft networks?

Options:

A.

169.254.0.0 /4

B.

169.254.0.0 /16

C.

169.254.0.0 /8

D.

169.254.0.0 /0

E.

168.255.0.0 /16

Question 12

You are planning on implementing a token-based authentication system in your network. The network currently is spread out over four floors of your building. There are plans to add three branch offices. During your research you are analyzing the different types of systems. Which of the following are the two common systems token-based authentication uses?

Options:

A.

Challenge/Response

B.

Random-code

C.

Time-based

D.

Challenge/Handshake

E.

Password-Synch

Question 13

As you increase the layers of security in your organization, you must watch the network behavior closely.

How can a firewall have a negative impact on the performance of your network?

Options:

A.

It can authorize sensitive information from the wrong host

B.

It can block needed traffic

C.

It can decrypt secure communications that were supposed to get past the firewall encrypted

D.

It can restrict bandwidth based on QoS

E.

It can filter packets that contain virus signatures

Question 14

What is the function of the following configuration fragment?

Router#configure terminal

Router(config)#line vty 0 4

Router(config-line)#transport input ssh telnet

Router(config-line)#^Z

Router#

Options:

A.

The router will attempt to use SSH first, then use Telnet

B.

The router will attempt to use Telnet first, then use SSH

C.

The router will accept only SSH on VTY 0 4

D.

The router will accept both Telnet and SSH connections

E.

The router will accept only Telnet on VTY 0 4

Question 15

In the image, there are two nodes communicating directly, without an access point. In the packet on the right side of the image, the Address 1 field is blank. If this packet is going to the other computer, what is the value that must be filled in this blank address field?

Options:

A.

2345

B.

1234

C.

ABCD

D.

E.

ABCD-1234

Question 16

There are several options available to you for your new wireless networking technologies, and you are examining how different systems function. What transmission system uses short bursts combined together as a channel?

Options:

A.

Frequency Hopping Spread Spectrum (FHSS)

B.

Direct Sequence Spread Spectrum (DSSS)

C.

Lamar Anthell Transmission (LAT)

D.

Digital Band Hopping (DBH)

E.

Digital Channel Hopping (DCH)

Question 17

You are concerned that your Access Point security could be improved. What does an Access Point use to announce its SSID to the network?

Options:

A.

Burst Packets

B.

802.11g Frames

C.

Broadcast Packets

D.

Beacon Frames

E.

MACv4 Broadcast Frames

Question 18

You have been given the task of installing a new firewall system for your network. You are analyzing the different implementation options. Which of the following best describes a Single Packet Filtering Device?

Options:

A.

This is when one device is configured to run as a packet filter, granting or denying access based on the content of the headers.

B.

This is when a packet is received on one interface and sent out another interface.

C.

This is when a device has been configured with more than one network interface, and is running proxy software to forward packets back and forth between the interfaces.

D.

This is when the device reads only the session layer and higher headers to grant or deny access to the packet.

E.

This is when the network is protected by multiple functions.

Question 19

You have just installed a new network-based IDS for your organization. You are in the middle of your initial configuration of the system, and are now configuring the response. What is the most common response of an IDS when an event happens?

Options:

A.

To trace the origin of the event

B.

To close the communication path to the hostile host

C.

To page the security officer on call

D.

To place an entry of the event in the log file

E.

To reconfigure the service that is being exploited

Question 20

After installing Snort on your Windows machine that is destined to be your IDS, you need to edit the configuration file to customize it to your needs. What is the name of that configuration file?

Options:

A.

Snort.cfg

B.

Config.snt

C.

Snort.config

D.

Snort.conf

E.

Config.snort

Question 21

You are going to add another computer to the pool that you use for detecting intrusions. This time you are making a customized Snort machine running on Windows 2000 Professional. Prior to running Snort you must install which of the following programs?

Options:

A.

Network Monitor

B.

Network Monitor Tools and Agent

C.

Libpcap

D.

WinPcap

E.

TCP/IP

Question 22

You have made some changes to the configuration of your ISA Server 2006 firewall. While analyzing the network traffic, you see that these changes have not yet taken affect. What must you do to get these new rules to take function?

Options:

A.

From the rules drop down menu, select enable state table.

B.

From the rules drop down menu, select enable rule set.

C.

From the state table drop down menu, select enable rule set.

D.

Disable and Enable the network interface that the rule is associated with.

E.

From the command prompt, type firewallpolicy /reload and press Enter.

Question 23

It has been decided that you must implement new security on your wireless networks. What wireless protection system is defined as: MIC + TKIP + EAP + 802.1x?

Options:

A.

WTLS

B.

WEP

C.

WPA

D.

W3DES

E.

WPKI

Question 24

What tool used in wireless network analysis has the ability to output its findings to MapPoint?

Options:

A.

Netstumbler

B.

AirSnort

C.

Wireshark

D.

Network Monitor

E.

AirSniffer

Question 25

One of the firewall choices you are thinking of implementing, in your network, is a proxy server. A proxy server can accomplish which of the following statements?

Options:

A.

Cache web pages for increased performance

B.

Operate at the Application layer of the OSI model

C.

Allow direct communication between an internal and external host

D.

Permit or deny traffic based upon type of service

E.

Filter executables that are attached to an e-mail

Question 26

There are several options for you to choose from when building your wireless security solution. Wireless

Transport Layer Security is based on which fundamental security technology?

Options:

A.

DES

B.

Triple-DES

C.

SSL

D.

WEP

E.

WAP

Question 27

You have been hired at a large company to manage network security issues. Prior to your arrival, there was no one dedicated to security, so you are starting at the beginning. You hold a meeting and are discussing the main functions and features of network security. One of your assistants asks what the function of Authentication in network security is. Which of the following best describes Authentication?

Options:

A.

Data communications as well as emails need to be protected for privacy and Authentication.

Authentication ensures the privacy of data on the network system.

B.

Authentication is a security principle that ensures the continuous accuracy of data and information stored within network systems. Upon receiving the email or data communication, authentication must be verified to ensure that the message has not been altered, modified, or added to or subtracted from in transit by unauthorized users.

C.

The security must limit user privileges to minimize the risk of unauthorized access to sensitive information and areas of the network that only authorized users should only be allowed to access.

D.

Security must be established to prevent parties in a data transaction from denying their participation after the business transaction has occurred. This establishes authentication for the transaction itself for all parties involved in the transaction.

E.

Authentication verifies users to be who they say they are. In data communications, authenticating the sender is necessary to verify that the data came from the right source. The receiver is authenticated as well to verify that the data is going to the right destination.

Question 28

You have recently taken over the security of a mid-sized network. You are reviewing the current configuration of the IPTables firewall, and notice the following rule:

ipchains -A output -p TCP -d 172.168.35.40 ! www

What is the function of this rule?

Options:

A.

This rule for the output chain states that all www traffic on 172.168.35.40 from any IP address is allowed.

B.

This rule for the input chain states that all TCP packets are allowed to the 172.168.35.40 IP address to any port other than 80.

C.

This rule for the input chain states that all TCP packets are able to get to the www service on any IP address except for 172.168.35.40.

D.

This rule for the output chain states that all TCP packets are able to get to the www service on any IP address except for 172.168.35.40.

E.

This rule for the output chain states that all TCP packets are allowed to the 172.168.35.40 IP address to any port other than 80.

Question 29

As Intrusion Detection Systems become more sophisticated, the software manufacturers develop different methods of detection. If an IDS uses the process of finding a deviation from a well know pattern of user behavior, what is this known as?

Options:

A.

Signature analysis

B.

Packet filter matching

C.

Statistical analysis

D.

Analysis engine engagement

E.

Packet match and alarming

Question 30

After installing Snort on your windows machine that is destined to be your IDS, you need to edit the configuration files entry of "HOME_NET" to define which of the following?

Options:

A.

The name of the Domain (or domains) you are parts of

B.

The host name of the machine you are installing Snort on

C.

The name of the network segment you are using Snort to monitor

D.

The IP address of the machine you are installing Snort on

E.

The IP subnet address of the network segment you are using Snort to monitor

Question 31

During your packet capture of traffic to check if your network is getting hit by a Denial of Service attack, you analyze TCP headers. You notice there are many headers that seem to have the same SEQ number, with the responding computer using different SEQ and ACK numbers in response. If you are analyzing a normal three-way handshake between two Windows 2000 nodes, and the first packet has a SEQ of

0xD36077AF, what will the responding computer use as an ACK?

Options:

A.

1xD36077B0

B.

0xD36077B0

C.

1xD36077AE

D.

0xD36077AE

E.

1xD36077CF

Question 32

You are reconfiguring your networks firewall to create a DMZ using three network interfaces. After configuring the addresses on the interfaces, you are making the required changes in ISA Server 2006. You are going to use Network Template during this configuration change. What Network Template is designed for this firewall topology?

Options:

A.

DMZ-Mode

B.

Multi-NIC

C.

3-Node Firewall

D.

3-Leg Perimeter

E.

DMZ-Mode, then select three as the number of NICs to configure

Question 33

You are considering adding layers to your authentication system currently in place. Reading through some of the vendor literature on logon solutions, it frequently mentions two and three factor authentication. Your assistant asks you what the difference between the two is. Select the options that correctly describe two-factor and three-factor authentication:

Options:

A.

Two-factor authentication is the process of providing something you have along with something you know.

B.

Two-factor authentication is the process of providing two forms of authentication, such as a username and a password.

C.

Two-factor authentication is the process of authenticating twice during the login sequence to verify user identity.

D.

Three-factor authentication is the process of providing something you have along with something you know and something you are.

E.

Three-factor authentication is the process of providing three forms of authentication, such as username, password, and sitting at the physical machine to login.

Question 34

You are configuring a new custom IPSec policy on your Windows Server 2003 machine. On the rules tab, you find the three default options under the IP Filter List. What are these three default options?

Options:

A.

All TCP Traffic

B.

All UDP Traffic

C.

All IP Traffic

D.

All ICMP Traffic

E.

Demo: 34 questions
Total 232 questions