SCP SC0-402 SCP-NDC Exam Questions Instant Access

Question 1

To increase the security of the network, you have decided to implement a solution using authentication tokens. You are

explaining this to a coworker who is not familiar with tokens. What are Authentication Tokens?

AAn authentication token is a software program that is installed on each user computer. Upon execution of the program, each user
will be authenticated into the network.

BAn authentication token is a hardware device that is to be installed, either via a parallel or serial port. Once the user has installed the
token, he or she will be able to access the resources on the network that they have been granted access.

CAn authentication token is a portable device, such as a handheld computer, that stores an authenticating sequence, that the user will
enter after logging into the system to gain access to network resources.

DAn authentication token is a software program that is installed on the main server of the network. As the user is logging in, the
server will instruct the user for username and password.

EAn authentication token is a portable device used for authenticating a user, thereby allowing authorized access into a network
system.

Answer : E

Question 2

You are going to add another computer to the pool that you use for detecting intrusions. This time you are making a customized

Snort machine running on Windows 2000 Professional. Prior to running Snort you must install which of the following programs?

ANetwork Monitor

BNetwork Monitor Tools and Agent

CLibpcap

DWinPcap

ETCP/IP

Answer : D

Question 3

You have finished configuration of your ISA server and are in the section where you secure the actual server itself. Of the three

options presented to you, which of the following answer best describes the Limited Services option?

AA Firewall that is a domain controller or an infrastructure server

BA Firewall that is a stand-alone firewall

CA Firewall that is a database server or an application server

DA Firewall that is a stand-alone web server

EA Firewall that is a domain controller and a web server

Answer : A

Question 4

You have been hired at a large company to manage network security issues. Prior to your arrival, there was no one dedicated to

security, so you are starting at the beginning. You hold a meeting and are discussing the main functions and features of network

security. One of your assistants asks what the function of Authentication in network security is. Which of the following best describes

Authentication?

AData communications as well as emails need to be protected for privacy and Authentication. Authentication ensures the privacy of
data on the network system.

BAuthentication is a security principle that ensures the continuous accuracy of data and information stored within network systems.
Upon receiving the email or data communication, authentication must be verified to ensure that the message has not been altered,
modified, or added to or subtracted from in transit by unauthorized users.

CThe security must limit user privileges to minimize the risk of unauthorized access to sensitive information and areas of the
network that only authorized users should only be allowed to access.

DSecurity must be established to prevent parties in a data transaction from denying their participation after the business transaction
has occurred. This establishes authentication for the transaction itself for all parties involved in the transaction.

EAuthentication verifies users to be who they say they are. In data communications, authenticating the sender is necessary to verify
that the data came from the right source. The receiver is authenticated as well to verify that the data is going to the right destination.

Answer : E

Question 5

You are configuring your new IDS machine, where you have recently installed Snort. While you are working with this machine,

you wish to create some basic rules to test the ability to log traffic as you desire. Which of the following Snort rules will log any tcp

traffic from any host other than 172164050 using any port, to any host in the 100100/24 network using any port?

Alog udp ! 172164050/32 any -> 100100/24 any

Blog tcp ! 172164050/32 any -> 100100/24 any

Clog udp ! 172164050/32 any <> 100100/24 any

Dlog tcp ! 172164050/32 any <> 100100/24 any

Elog tcp ! 172164050/32 any <- 100100/24 any

Answer : B

Question 6

You are using ISS Internet Scanner to run a vulnerability check in your network. You have implemented some new computers, and

are creating a new custom policy using the built-in Wizard. When creating a new policy from scratch, through the wizard, which base

policy will you select?

AUser1

BCustom

CClear

DTemplate

EBlank

Answer : E

Question 7

You are using ISS to scan your network as part of your Intrusion Detection System. How often does ISS recommend running a

scan for backdoors?

ATwice a day.

BOnce a day.

COnce a week.

DTwice a month.

EOnce a month.

Answer : B

SCP Network Defense and Countermeasures SC0-402 SCP-NDC Exam Questions