SCP SC0-402 SCP-NDC Exam Practice Test Instant Access

Question 1

During your setup of ISA you know that there is an interface which you don't want ISA to filter, how do you make sure ISA will

ignore traffic for the interface?

AMake sure the interface is not listed in the Network Configuration Options

BMake sure the interface is not listed in the LDT during install

CMake sure the interface does not have Protocol Rule blocking it

DMake sure the interface is not selected in the LAT during the install

EMake sure the interface does not have a Site and Content Rule blocking it

Answer : D

Question 2

Which two of the following are factors that must be considered in determining the likelihood of occurrence during a risk analysis

review?

AWhat are the methods available to attack this asset?

BWhat are the costs associated with protecting this asset?

CDoes the threat have sufficient capability to exercise the attack?

DDoes the threat have the motivation or incentive to exercise the attack?

EAre any of the assets worthy of an attack?

Answer : C, D

Question 3

While configuring your ISS Internet Scanner to run in your network, you have decided to check for a specific Denial of Service

vulnerability that may be present. You have decided to let the users of the network know about the upcoming scan. What is the reason

you would inform all the users of such a scan?

ARunning the scan will tie up local HD space on each user computer, and you need the users to be aware of this.

BRunning the scan will use bandwidth, and you want the users to be prepared.

CRunning the scan will use the CPU cycles on the Main File Servers, and you need the users to be aware of this.

DRunning the scan will use the CPU cycles on each user computer, and you need the users to be aware of this.

ERunning the scan will trigger an alert at the ISP, and they may shutoff your Internet access temporarily.

Answer : B

Question 4

The network you are managing has just had a new ISA server installed as the Firewall. You have been given the responsibility of

managing this new piece of equipment. During the configuration of this machine, you wish to create a new Protocol Rule. Which of

the following are the two different types of rules you may create?

ALogical Protocol Rule

BStandard Protocol Rule

CExtensible Protocol Rule

DProtocol Rule for Intranet Access

EProtocol Rule for Internet Access

Answer : B, E

Question 5

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture

and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

ANmap XMAS Scan

BNmap NULL Scan

CNmap SYN Scan

DNmap ACK Scan

ENmap SYN/FIN Scan

Answer : A

Question 6

Which of the following best describes the Total Replacement Model?

AThe total replacement model makes use of the acknowledged skills and abilities of the existing personnel. Knowing that assets have
very specific dollar values assigned to them, the choice on how to manage the asset is based on the experience of the personnel.

BBefore incurring the cost for replacing of an inoperative asset, check for maintenance agreements that may include the cost of
repair or the actual repair itself. Nevertheless, the total replacement model should focus on the repairing of the downed asset to its
working status within the network infrastructure. Keep in mind that after hardware costs, costs for the reloading or replacement of
software can be a large cost factor as well.

CAssets will typically cost much more than the original capital outlay that it took to purchase it long ago. Replacement costs can be
very high and a decision to exercise this model should not be made in haste. There are also depreciation issues to deal with as well. In
any case, this model should be the last resort because of cost and may be the most time consuming.

DThe total replacement model is the transference of risk to an insurance company that covers the costs of replacing the critical assets
within your network. The drawbacks are increase in premiums after making a claim, high premiums anyway, down time while the
insurance company is processing the claim, and claim may not pay what replacement costs are today.

EThe total replacement model makes use of preventive measures and regular service as well as updates such as Service Packs,
maintenance updates, and patches, before deciding to replace the asset. Preventive measures can also improve the chances of the
replacement model working better than if the system had no preventive measures ever taken.

Answer : C

Question 7

You are the firewall administrator at your company and the network administrators have decided to implement a VPN solution

that will use L2TP. Which port or ports would you need to allow through the firewall to allow the L2TP traffic to reach the VPN

server inside your network from a remote client?

ATCP 1723

BUDP 47

CUDP 1701

DTCP 443

EUDP 500

Answer : C

SCP Network Defense and Countermeasures SC0-402 SCP-NDC Exam Practice Test