SCP SC0-402 SCP-NDC Exam Practice Test Instant Access

Question 1

Your company has created it's security policy and it's time to get he firewall in place. Your group is trying to decide whether to

build a firewall or buy one. What are some of the benefits to purchasing a firewall rather than building one?

AThey usually have a good management GUI.

BThey often do good logging and alerting.

CYou do not need to configure them.

DThe OS doesn't need to be hardened before installing the vendor's firewall on it.

EThey often do real time monitoring.

Answer : A, B, E

Question 2

What CheckPoint module can be used to prevent the "hijacking" of authorized sessions??

AVPN-1 ClientKeeper

BSecureVPN

CClient-1

DVPN-1 SecureClient

EVPN-1 SessionSaver

Answer : D

Question 3

Which of the following is a potential weakness of a commercial firewall product that is installed on a hardened machine?

AThat you will not be able to use it in conjunction with personal firewalls on user's desktop machines.

BYou will have to give the vendor confidential network information.

CYou will be stuck with the configuration that the vendor assigns you.

DThat the firewall's vendor may be compromised and your private information may publicly available.

EThat it may be vulnerable to attacks targeting the underlying Operating System.

Answer : E

Question 4

Your company has created it's security policy and it's time to get he firewall in place. Your group is trying to decide whether to

build a firewall or buy one. What are some of the downsides to deciding to build a firewall rather than purchase one?

AWeak (or no) management GUI

BWeak (or no) logging and alerting

CWeak rule configuration

DThe OS cannot be hardened before implementing the firewall on it

EWeak (or no) real time monitoring

Answer : A, B, E

Question 5

Your company has recently become security conscious and wishes to protect it's electronic assets. What is the first thing you

should have in place before configuring rules for your company's firewall?

AA Security Policy

BAN IDS

CA DNS server

DAn Email server

EA WINS server

Answer : A

Question 6

Once you have configured the new Intrusion Detection System in your network, you are discussing what it can and cannot do

with the other members of the IT department. You are specifically asked what it cannot do. Which of the following answers are

options that an IDS cannot provide?

AHardware Management

BAttack Investigation

CComplete Incident Reporting

DComplete Automated Response

E100% Analysis

Answer : A, B, D, E

Question 7

You have successfully implemented a new Intrusion Detection System in your network. You have verified that the system is

active and did detect the tests you have run against it thus far. You are now in the stage of identifying the type of analysis you wish to

use with the system. You meet with the rest of the IT staff and are asked to describe the different options for analysis. Which of the

following best describes Real-time Analysis?

AThis method of analysis uses the internal operating system (or other host-based) audit logs to capture the events, and the IDS at
given intervals analyzes the data in the logs for signatures of intrusion.

BReal-time analysis is the process of matching the known attacks against the data collected in the network. If there is a match, then
that is a trigger for an intrusion, and an alarm may be the result.

CReal-time analysis runs continuously, collecting, analyzing, reporting, and responding (if programmed to do so). Do not
misunderstand the term real-time to mean same-time. An event cannot be countered the exact moment it happens. However, the
concept behind real-time is such that an attack should be dealt with as it is happening, and if the system knows the signature, stop the
attack before it can complete and compromise a host.

DReal-time analysis is a method in which the IDS frequently gathers data from both the internal IDS logs and host-based logs, such
as Event Viewer files. Using the collected data, the IDS reports on found anomalies and/or intrusions.

EThe basic concept of Real-time analysis is to find a deviation from a known pattern of behavior. Using this method, an IDS would
create profiles of user behavior.

Answer : C

SCP SC0-402 Network Defense and Countermeasures SCP-NDC Exam Practice Test