CIW 1D0-571 Exam Questions Instant Access

Question 1

Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server?

AHTTP uses cleartext transmission during authentication, which can lead to a man-in-the-middle attack.

BIrina has used the wrong application for this protocol, thus increasing the likelihood of a man-in-the-middle attack.

CA standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.

DIrina has accessed the Web server using a non-standard Web browser.

Answer : A

Question 2

Consider the following image of a packet capture:

Which of the following best describes the protocol used, along with its primary benefit?

AIt is a passive FTP session, which is easier for firewalls to process.

BIt is an active FTP session, which is necessary in order to support IPv6.

CIt is an extended passive FTP session, which is necessary to support IPv6.

DIt is an active FTP session, which is supported by all FTP clients.

Answer : A

Question 3

A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all. Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall?

ADeny all use of UDP above Port 1024.

BConfigure the firewall to provide VPN access.

CConfigure a second network connection directly to the video conferencing device.

DAllow all use of UDP below Port 1024.

Answer : B

Question 4

A distributed denial-of-service (DDOS) attack has occurred where both ICMP and TCP packets have crashed the company's Web server. Which of the following techniques will best help reduce the severity of this attack?

AFiltering traffic at the firewall

BChanging your ISP

CInstalling Apache Server rather than Microsoft IIS

DPlacing the database and the Web server on separate systems

Answer : A

Question 5

You have been asked to encrypt a large file using a secure encryption algorithm so you can send it via e-mail to your supervisor. Encryption speed is important. The key will not be transmitted across a network. Which form of encryption should you use?

AAsymmetric

BPGP

CHash

DSymmetric

Answer : D

Question 6

Requests for Web-based resources have become unacceptably slow. You have been assigned to implement a solution that helps solve this problem. Which of the following would you recommend?

AEnable stateful multi-layer inspection on the packet filter

BImplement caching on the network proxy server

CEnable authentication on the network proxy server

DImplement a screening router on the network DMZ

Answer : B

Question 7

Which of the following activities is the most effective at keeping the actions of nae end users from putting the company's physical and logical. Which of the following activities is the most effective at keeping the actions of na?e end users from putting the company's physical and logical resources at risk?

AConfiguring network intrusion-detection software to monitor end user activity

BConducting a training session at the time of hire

CReconfiguring the network firewall

DAssembling a team of security professionals to monitor the network

Answer : B

CIW Web Security Associate 1D0-571 Exam Questions