CIW 1D0-671 CIW Web Security Associate Online Training
CIW 1D0-671 Online Training
The questions for 1D0-671 were last updated at Dec 26,2024.
- Exam Code: 1D0-671
- Exam Name: CIW Web Security Associate
- Certification Provider: CIW
- Latest update: Dec 26,2024
Why can instant messaging (IM) and peer-to-peer (P2P) applications be considered a threat to network security?
- A . Because they use ports above 1023 and many firewalls are not configured to block this traffic
- B . Because they are susceptible to VLAN hopping
- C . Because they usually lie outside the broadcast domain
- D . Because they use ports below 1023 and many firewalls are not configured to block this traffic
You have discovered that the ls, su and ps commands no longer function as expected. They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values.
Which of the following has most likely occurred?
- A . A trojan has attacked the system.
- B . A SQL injection attack has occurred.
- C . A spyware application has been installed.
- D . A root kit has been installed on the system.
At what layer of the OSI/RM does a packet filter operate?
- A . Layer 1
- B . Layer 3
- C . Layer 5
- D . Layer 7
What would be the result if you were the recipient of a SYN flood or malformed packet?
- A . You would be unable to access a legitimate service, such as establishing a network connection.
- B . The files on your boot sector would be replaced with infected code.
- C . A virus would be unleashed on your system at the time the SYN flood or malformed packet was received.
- D . You would be misdirected to a fraudulent Web site without your knowledge or consent.
You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target.
Which of the following will accomplish this goal?
- A . Reinstall the LDAP service on the server so that it is updated and more secure.
- B . Install an application that creates checksums of the contents on the hard disk.
- C . Create a login script for the administrative account that records logins to a separate server.
- D . Create a dummy administrator account on the system so that a potential hacker is distracted from the real login account.
Which of the following details should be included in documentation of an attack?
- A . An overview of the security policy and suggestions for the next response plan
- B . Estimates of how much the attack cost the company, and a list of the applications used by the attacker
- C . The time and date of the attack, and the names of employees who were contacted during the response
- D . The network resources involved in the attack, and recommendations for thwarting future attacks
What is the most common attack method against TCP?
- A . Illicit server
- B . Trojan
- C . IP address spoofing
- D . SYN flood attack
What is the first tool needed to create a secure networking environment?
- A . User authentication
- B . Confidentiality
- C . Security policy
- D . Auditing
Jason is attempting to gain unauthorized access to a corporate server by running a program that enters passwords from a long list of possible passwords.
Which type of attack is this?
- A . Brute force
- B . Denial of service
- C . Botnet
- D . Buffer overflow
What distinguishes hash encryption from other forms of encryption?
- A . Hash encryption creates a mathematically matched key pair in which one half of the pair encrypts, and the other half decrypts.
- B . Hash encryption creates a single key that is used to encrypt and decrypt information.
- C . Hash encryption is the encryption method of choice when conducting e-commerce transactions.
- D . Hash encryption is used for information that you want never to be decrypted or read.