SCP SC0-402 SCP-NDC Exam Questions Instant Access

Question 1

You are the firewall administrator at your company and the network administrators have decided to implement an IPSec VPN

solution. Which port would you need to allow through the firewall to allow the Internet Key Exchange traffic to reach the VPN server

inside your network?

AUDP 447

BUDP 47

CTCP 500

DTCP 447

EUDP 500

Answer : E

Question 2

You have run a complete check of your file server using ISS System Scanner. Once the scan has finished, and you wish to learn

more about a vulnerability presented, which of the following is the quickest method to learn more?

AHighlight the vulnerability, and press Details from the Report drop-down menu

BClick the Hyperlink built into the vulnerability listing

CClick the Question mark in the upper right hand corner and select the vulnerability

DUse the built-in Help option to list the vulnerability

ERight-Click the vulnerability for more information

Answer : E

Question 3

In the past it was, at times, difficult to locate current information on security vulnerabilities. What is the name of the security

community's effort to create a comprehensive database of multiple vulnerabilities and security tools?

ACommon Vulnerabilities and Exploits

BCataloged Venerations and Exposures

CCommon Vulnerabilities and Exposures

DCataloged Vulnerabilities and Exposures

ECataloged Vulnerabilities and Exploits

Answer : C

Question 4

When installing a firewall, what is the process by which you remove un-needed services and features from a machine to reduce

the risk of vulnerabilities to the underlying OS called?

ATightening

BCascading

CStreamlining

DCleansing

EHardening

Answer : E

Question 5

As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Business Continuity Planning?

AThe objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets
receive an appropriate level of protection.

BThe objectives of this section are to provide management direction and support for information security.

CThe objectives of this section are to counteract interruptions to business activities and to critical business processes from the effects
of major failures or disasters.

DThe objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and
of any security requirements, and to ensure compliance of systems with organizational security policies and standards.

EThe objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure
the protection of networked services, and to prevent unauthorized computer access.

Answer : C

Question 6

You are considering adding layers to your authentication system currently in place. Reading through some of the vendor

literature on logon solutions, it frequently mentions two and three factor authentication. Your assistant asks you what the difference

between the two is. Select the options that correctly describe two-factor and three-factor authentication:

ATwo-factor authentication is the process providing something you have along with something you know.

BTwo-factor authentication is the process of providing two forms of authentication, such as a username and a password.

CTwo-factor authentication is the process of authenticating twice during the login sequence to verify user identity.

DThree-factor authentication is the process of providing something you have along with something you know and something you are.

EThree-factor authentication is the process of providing three forms of authentication, such as username, password, and sitting at the
physical machine to login.

FThree-factor authentication is the process of authenticating three times during the login sequence to verify user identity.

Answer : A, D

Question 7

You have been hired at a large company to manage network security issues. Prior to your arrival, there was no one dedicated to

security, so you are starting at the beginning. You hold a meeting and are discussing the main functions and features of network

security. One of your assistants asks what the function of Confidentiality in network security is. Which of the following best describes

Confidentiality?

AConfidentiality verifies users to be who they say they are. The receiver is authenticated as well to verify that the data is going to the
right destination.

BData communications as well as emails need to be protected in order to maintain appropriate levels of privacy and confidentiality.
Data confidentiality ensures the privacy of data on the network system.

CThe security must limit user privileges to minimize the risk of unauthorized access to sensitive information and areas of the
network that only authorized users should only be allowed to access.

DSecurity must be established to prevent parties in a data transaction from denying their participation after the business transaction
has occurred. This establishes Confidentiality for the transaction itself for all parties involved in the transaction.

EConfidentiality is a security principle that ensures the continuous accuracy of data and information stored within network systems.

Answer : B

SCP Network Defense and Countermeasures SC0-402 SCP-NDC Exam Questions