SCP SC0-451 Exam Questions Instant Access

Question 1

When using IPTables, the ability to specify all possible IP addresses in a rule is included; which of the following are correct syntax for specifying all possible IP addresses?

Aip=0/0

B0/0

Cany

DIP=all

EIP=any

Answer : B, C

Question 2

Your company has created it's security policy and it's time to get the firewall in place. Your group is trying to decide whether to build a firewall or buy one. What are some of the benefits to purchasing a firewall rather than building one?

AThey usually have a good management GUI.

BThey offer good logging and alerting.

CYou do not need to configure them.

DThe OS doesn't need to be hardened before installing the vendor's firewall on it.

EThey often do real time monitoring.

Answer : A, B, E

Question 3

You are configuring a new custom IPSec policy on your Windows Server 2003 machine. On the rules tab, you find the three default options under the IP Filter List. What are these three default options?

AAll TCP Traffic

BAll UDP Traffic

CAll IP Traffic

DAll ICMP Traffic

E<Dynamic>

Answer : C, D, E

Question 4

You have been working with Snort, on your Windows Server 2003, for sometime as a packet capture tool, and now wish to connect Snort to a database on your server. You install MySQL as the database, and are ready to configure Snort. If the database is named: snortdb1, has a user name of: snort, and a password of: snortpass, what is the configuration line you need to add to Snort?

Aoutput database: log, mysql, username:snort, password:snortpass, dbname:snortdb1, host:localhost

Boutput database: log: mysql: user=snort: password=snortpass: dbname=snortdb1: host=localhost

Coutput database: log; mysql; username:snort; password:snortpass; dbname:snortdb1; host:localhost

Doutput database log mysql user=snort password=snortpass dbname=snortdb1 host=localhost

Eoutput database: log, mysql, user=snort password=snortpass dbname=snortdb1 host=localhost

Answer : E

Question 5

During a network analysis session, you capture several TCP/IP sessions. You focus your analysis on the IP Headers. In an IP Header, what is the function of the first four bits?

ATo define the type

BTo define the source port number

CTo define the destination port number

DTo define the IP Version

ETo define the upper layer protocol

Answer : D

Question 6

Which of the following is a potential weakness of a commercial firewall product that is installed on a hardened machine?

AThat you will not be able to use it in conjunction with personal firewalls on user's desktop machines.

BYou will have to give the vendor confidential network information.

CYou will be required to use the configuration that the vendor assigns you.

DThat the firewall's vendor may be compromised and your private information may publicly available.

EThat it may be vulnerable to attacks targeting the underlying Operating System.

Answer : E

Question 7

In order to perform promiscuous mode captures using the Wireshark capture tool on a Windows Server 2003 machine, what must first be installed?

AIPv4 stack

BIPv6 stack

CWinPcap

DNothing, it will capture by default

EAt least two network adapters

Answer : C

SCP Tactical Perimeter Defense SC0-451 Exam Questions