SCP SC0-402 SCP-NDC Exam Questions Instant Access

Question 1

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture

and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

ANmap SYN/FIN Scan

BNmap NULL Scan

CNmap ACK Scan

DNmap SYN Scan

ENmap XMAS Scan

Answer : D

Question 2

In your network there is an ISA server running as the firewall. It is a simple design, a single machine with two network cards.

You are configuring the Access Policies on this machine. What is the function of the IP Packet Filters section of the Access Policy?

AIP Packet Filters determine which users are allowed to communicate with the Internet.

BIP Packet Filters determine if specified users will be able to access specified content on specified destination computers.

CIP Packet Filters determine which protocols can be used to communicate with the Internet.

DIP Packet Filters either allow or disallow a specific node access to the entire network.

EIP Packet Filters either allow or disallow specific packets destined for specific nodes on the network.

Answer : E

Question 3

Your network was configured several years ago, with every host using a public IP address. It has been decided that NAT is to be

used when the network is reconfigured. Additionally, IPSec has been mandated as well. Which IPSec modes can be used with NAT?

ATunnel mode ESP with authentication

BTunnel mode Authentication Header protocol

CTransport mode Authentication Header protocol

DTransport mode ESP with authentication

ETransport mode Security Associations with authentication

Answer : A, D

Question 4

The main reason you have been hired at a company is to bring the network security of the organization up to current standards. A

high priority is to have a full security audit of the network as soon as possible. You have chosen an Independent Audit and are

describing it to your coworkers. Which of the following best describes an Independent audit?

AAn independent audit is usually conducted by external or outside resources and may be a review or audit of detailed audit logs.

BThe independent audit is usually done by the current network administrators who ensure the security measures are up to
international standards.

CThe independent audit is typically done by an internal team who ensures the security measures are up to international standards.

DThe independent audit is usually done by internal resources to examine the current daily and on-going activities within a network
system for compliance with an established security policy.

EThe independent audit is typically done by a contracted outside team of security experts who check for policy compliance.

Answer : A

Question 5

You have been hired at a large company to manage network security issues. Prior to your arrival, there was no one dedicated to

security, so you are starting at the beginning. You hold a meeting and are discussing the main functions and features of network

security. One of your assistants asks what the function of Integrity in network security is. Which of the following best describes

Integrity?

AThe security must limit user privileges to minimize the risk of unauthorized access to sensitive information and areas of the
network that only authorized users should only be allowed to access.

BIntegrity verifies users to be who they say they are. In data communications, the integrity of the sender is necessary to verify that
the data came from the right source. The receiver is authenticated as well to verify that the data is going to the right destination.

CData communications as well as emails need to be protected for privacy and Integrity. Network security must provide a secure
channel for the transmission of data and email that does not allow eavesdropping by unauthorized users. Integrity ensures the privacy
of data on the network system.

DIntegrity is a security principle that ensures the continuous accuracy of data and information stored within network systems. Data
must be kept from unauthorized modification, forgery, or any other form of corruption either from malicious threats or corruption that
is accidental in nature. Upon receiving the email or data communication, integrity must be verified to ensure that the message has not
been altered, modified, or added to or subtracted from in transit by unauthorized users.

ESecurity must be established to prevent parties in a data transaction from denying their participation after the business transaction
has occurred. This establishes integrity for the transaction itself for all parties involved in the transaction.

Answer : D

Question 6

You are in the process of configuring your network firewall policy. As you begin building the content of the policy you start to

organize the document into sections. Which of the following are sections found in the firewall policy?

AThe Acceptable Use Statement

BThe Firewall Administrator Statement

CThe Network Connection Statement

DThe Incident Handling Statement

EThe Escalation Procedures Statement

Answer : A, B, C

Question 7

You have been contracted to implement a secure VPN solution in a multi-protocol (not strictly IP) network for mobile users of

your company who access your supplier's network resources. What technologies could you use in the execution of your task?

ASLIP

BSecure SLIP

CPPTP

DIPSec

EL2TP

Answer : C, E

SCP Network Defense and Countermeasures SC0-402 SCP-NDC Exam Questions