- Email support@dumps4free.com
Topic 1: Exam Pool A
Security Policy is a definition of what it means to be secure for a system, organization or
other entity. For Information Technologies, there are sub-policies like Computer Security
Policy, Information Protection Policy, Information Security Policy, network Security Policy,
Physical Security Policy, Remote Access Policy, and User Account Policy.
What is the main theme of the sub-policies for Information Technologies?
A.
Availability, Non-repudiation, Confidentiality
B.
Authenticity, Integrity, Non-repudiation
C.
Confidentiality, Integrity, Availability
D.
Authenticity, Confidentiality, Integrity
Confidentiality, Integrity, Availability
Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if
he properly configures the firewall to allow access just to servers/ports, which can have
direct internet access, and block the access to workstations.
Bob also concluded that DMZ makes sense just when a stateful firewall is available, which
is not the case of TPNQM SA.
In this context, what can you say?
A.
Bob can be right since DMZ does not make sense when combined with stateless
firewalls
B.
Bob is partially right. He does not need to separate networks if he can create rules by
destination IPs, one by one
C.
Bob is totally wrong. DMZ is always relevant when the company has internet servers
and workstations
D.
Bob is partially right. DMZ does not make sense when a stateless firewall is available
Bob is totally wrong. DMZ is always relevant when the company has internet servers
and workstations
Darius is analysing logs from IDS. He want to understand what have triggered one alert
and verify if it's true positive or false positive. Looking at the logs he copy and paste basic
details like below:
source IP: 192.168.21.100
source port: 80
destination IP: 192.168.10.23
destination port: 63221
What is the most proper answer.
A.
This is most probably true negative.
B.
This is most probably true positive which triggered on secure communication between
client and server.
C.
This is most probably false-positive, because an alert triggered on reversed traffic.
D.
This is most probably false-positive because IDS is monitoring one direction traffic.
This is most probably true negative.
Firewalls are the software or hardware systems that are able to control and monitor the
traffic coming in and out the target network based on pre-defined set of rules.
Which of the following types of firewalls can protect against SQL injection attacks?
A.
Data-driven firewall
B.
Stateful firewall
C.
C. Packet firewall
D.
Web application firewall
Web application firewall
During the process of encryption and decryption, what keys are shared?
During the process of encryption and decryption, what keys are shared?
A.
A. Private keys
B.
User passwords
C.
Public keys
D.
Public and private keys
Public keys
| Page 3 out of 147 Pages |
| Previous |