SCP SC0-402 SCP-NDC Exam Questions Instant Access

Question 1

Your network was configured several years ago, with every host using a public IP address. It has been decided that NAT is to be

used when the network is reconfigured. Additionally, IPSec has been mandated as well. Which IPSec modes can be used with NAT?

ATunnel mode ESP with authentication

BTunnel mode Authentication Header protocol

CTransport mode Authentication Header protocol

DTransport mode ESP with authentication

ETransport mode Security Associations with authentication

Answer : A, D

Question 2

The main reason you have been hired at a company is to bring the network security of the organization up to current standards. A

high priority is to have a full security audit of the network as soon as possible. You have chosen an Operational Audit and are

describing it to your coworkers. Which of the following best describes an Operational audit?

AThis type of audit is typically done by a contracted external team of security experts who check for policy compliance.

BThis type of audit is usually done by internal resources to examine the current daily and on-going activities within a network
system for compliance with an established security policy.

CThis type of audit is typically done by an internal team who ensures the security measures are up to international standards.

DThis type of audit is usually done by the current network administrators who ensure the security measures are up to international
standards.

EThis type of audit is usually conducted by external resources and may be a review or audit of detailed audit logs.

Answer : B

Question 3

In your network there is an ISA server running as the firewall. It is a simple design, a single machine with two network cards. You

are configuring the Access Policies on this machine. What is the function of the Site and Content Rules section of the Access Policy?

ASite and Content Rules determine which protocols can be used to communicate with the Internet.

BSite and Content Rules determine if specified users will be able to access specified content on specified destination computers.

CSite and Content Rules either allow or disallow specific packets destined for specific nodes on the network

DSite and Content Rules either allow or disallow a specific port to the entire network.

ESite and Content Rules determine if specific ports are to be accessed by specific subnets in the network.

Answer : B

Question 4

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture

and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

ANmap XMAS Scan

BNmap NULL Scan

CNmap SYN Scan

DNmap ACK Scan

ENmap SYN/FIN Scan

Answer : A

Question 5

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture

and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

ANmap SYN/FIN Scan

BNmap NULL Scan

CNmap ACK Scan

DNmap SYN Scan

ENmap XMAS Scan

Answer : D

Question 6

What should be your first step when installing Firewall-1 on a multi-homed Windows NT server?

ARemove the Administrator account

BRemove Internet Explorer

CHarden the Operating System

DInstall RRAS

ERemove the TCP/IP protocol

Answer : C

Question 7

You have been hired at a large company to manage network security. Prior to your arrival, there was no one dedicated to security,

so you are starting at the beginning. You hold a meeting and are discussing the main functions and features of network security. One

of your assistants asks what the function of Confidentiality in network security is. Which of the following best describes

Confidentiality?

AConfidentiality verifies users to be who they say they are. In data communications, authenticating the sender is necessary to verify
that the data came from the right source. The receiver is authenticated as well to verify that the data is going to the right destination.

BData communications as well as emails need to be protected in order to maintain appropriate levels of privacy and confidentiality.
Network security must provide a secure channel for the transmission of data and email that does not allow eavesdropping by
unauthorized users. Data confidentiality ensures the privacy of data on the network system.

CThe security must limit user privileges to minimize the risk of unauthorized access to sensitive information and areas of the
network that only authorized users should only be allowed to access.

DSecurity must be established to prevent parties in a data transaction from denying their participation after the business transaction
has occurred. This establishes Confidentiality for the transaction itself for all parties involved in the transaction.

EConfidentiality is a security principle that ensures the continuous accuracy of data and information stored within network systems.
Data must be kept from unauthorized modification, forgery, or any other form of corruption either from malicious threats or
corruption that is accidental in nature.

Answer : B

SCP Network Defense and Countermeasures SC0-402 SCP-NDC Exam Questions