SCP SC0-402 SCP-NDC Exam Practice Test Instant Access

Question 1

You are using ISS Internet Scanner to run a vulnerability check in your network. You have implemented some new computers,

and are creating a new custom policy using the built-in Wizard. When creating a new policy from scratch, through the wizard, which

base policy will you select?

AUser1

BCustom

CClear

DTemplate

EBlank

Answer : E

Question 2

You know that when creating your rule set in Firewall-1, if a packet matches the

criteria you set forth, an action can be applied. If

the action you want applied is to allow the packet through, what action must you chose?

AAccept

BDrop

CReject

DUser Authentication

EEncrypt

Answer : A

Question 3

You are in the process of configuring your network firewall policy. As you begin building the content of the policy you start to

organize the document into sections. Which of the following are sections found in the firewall policy?

AThe Acceptable Use Statement

BThe Firewall Administrator Statement

CThe Network Connection Statement

DThe Incident Handling Statement

EThe Escalation Procedures Statement

Answer : A, B, C

Question 4

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture

and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

APort Scan

BTrojan Scan

CBack Orifice Scan

DNetBus Scan

EPing Sweep

Answer : B

Question 5

You have found a user in your organization who has managed to gain access to a system that this user was not granted the right to

use. This user has just provided you with a working example of which of the following?

AIntrusion

BMisuse

CIntrusion detection

DMisuse detection

EAnomaly detection

Answer : A

Question 6

After a meeting between the IT department leaders and a security consultant, they decided to implement a new IDS in your

network. You are later asked to explain to your team the type of IDS that is going to be implemented. Which of the following best

describes the process of Network-Based Intrusion Detection Systems?

ANetwork-based IDS uses what are known as agents (also called sensors). These agents are in fact small programs running on the
hosts that are programmed to detect intrusions in the OS logs upon the host. They communicate with the command console, or a
central computer controlling the IDS.

BIn Network-based IDS, the OS log data is gathered and sent from the host to a centralized location. There is no significant
performance drop on the hosts because the agents simply gather information and send them elsewhere for analysis. However, due to
the nature of the design, there is no possibility of real-time detection and response.

CIn Network-based IDS, the agents on the hosts are the ones that perform the analysis. The OS log intrusion data can be monitored
in real-time. The flip side to this is that the hosts themselves may experience a bit of a performance drop as their computer is engaged
in this work constantly.

DIn a Network-Based IDS sensors are installed in key positions throughout the network, and they all report to the command console.
The sensors in this case, are full detection engines that have the ability to sniff network packets, analyze for known signatures, and
notify the console with an alert if an intrusion is detected.

EIn a Network-Based IDS sensors (also called agents) are placed on each key host throughout the network analyzing the Operating
System Event Logs for intrusion indicators. Once an incident is identified the sensor notifies the command console.

Answer : D

Question 7

Your organization assigns an Annual Loss Expectancy to assets during a risk analysis meeting. You have a server which if down

for a day will lose the company $25,000, and has a serious root access attack against it once per month. What is the ALE for this

attack against this server?

A$25,000

B$300,000

C$120,000

D$2,083

E$2,500

Answer : B

SCP SC0-402 Network Defense and Countermeasures SCP-NDC Exam Practice Test