CIW 1D0-671 CIW Web Security Associate Online Training
The questions for 1D0-671 were last updated on Nov 22, 2024.
- Exam Code: 1D0-671
- Exam Name: CIW Web Security Associate
- Certification Provider: CIW
- Latest update: Nov 22, 2024
Which of the following causes problems with firewalls?
- A . Control FTP
- B . Data FTP
- C . Active FTP
- D . Passive FTP
In relation to security, which of the following is the primary benefit of classifying systems?
- A . Ability to identify common attacks
- B . Identification of highest-priority systems to protect
- C . Ability to recover quickly from a natural or man-made disaster
- D . Collection of information for properly configuring the firewall
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server.
The IT department has provided Irina with a user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox.
Which of the following is a primary risk factor when authenticating with a standard HTTP server?
- A . HTTP uses cleartext transmission during authentication, which can lead to a man-in-the-middle attack.
- B . Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in-the-middle attack.
- C . A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.
- D . Irina has accessed the Web server using a non-standard Web browser.
You have been assigned to provide security measures for your office’s reception area. Although the company needs to provide security measures, costs must be kept to a minimum.
Which of the following tools is the most appropriate choice?
- A . Firewall
- B . Intrusion-detection system
- C . Camera
- D . Security guard
Which symmetric algorithm created by the RSA Security Corporation is a stream cipher that encrypts messages as a whole, in real time?
- A . RC4
- B . RC6
- C . RC5
- D . RC2
Your firewall is configured to forbid all internal traffic from going out to the Internet. You want to allow internal clients to access all Web traffic.
At a minimum, what ports must you open with regard to the internal systems?
- A . TCP Port 80 and all ports above 1023
- B . TCP Ports 80 and 443, and all ports above 1023
- C . All TCP ports above 80 and below 1023
- D . TCP Ports 80 and 443
The vast majority of hackers are which type of attacker?
- A . Casual attacker
- B . Spy
- C . Disgruntled employee
- D . Determined attacker
The best way to thwart a dictionary attack is by enforcing a:
- A . strong password policy.
- B . restricted access policy.
- C . firewall configuration policy.
- D . proxy server policy.
Which of the following will best help you ensure a database server can withstand a recently discovered vulnerability?
- A . Updating the company vulnerability scanner and conducting a new scan
- B . Adding a buffer overflow rule to the intrusion detection system
- C . Reconfiguring the firewall
- D . Installing a system update
A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all.
Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall?
- A . Deny all use of UDP above Port 1024.
- B . Configure the firewall to provide VPN access.
- C . Configure a second network connection directly to the video conferencing device.
- D . Allow all use of UDP below Port 1024.