861 お客様のコメント
質問 1:
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server?
A. A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.
B. Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in-the-middle attack.
C. Irina has accessed the Web server using a non-standard Web browser.
D. HTTP uses cleartext transmission during authentication, which can lead to a man-in-the- middle attack.
正解:D
質問 2:
Which of the following is a typical target of a trojan on a Linux system?
A. Kernel modules
B. Boot sector files
C. Shared libraries
D. System32 DLL files
正解:A
質問 3:
You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal?
A. Reinstall the LDAP service on the server so that it is updated and more secure.
B. Create a login script for the administrative account that records logins to a separate server.
C. Create a dummy administrator account on the system so that a potential hacker is distracted from the real login account.
D. Install an application that creates checksums of the contents on the hard disk.
正解:B
質問 4:
You have discovered that the ls, su and ps commands no longer function as expected.
They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values.
Which of the following has most likely occurred?
A. A spyware application has been installed.
B. A SQL injection attack has occurred.
C. A root kit has been installed on the system.
D. A trojan has attacked the system.
正解:C
質問 5:
What is the first tool needed to create a secure networking environment?
A. User authentication
B. Auditing
C. Confidentiality
D. Security policy
正解:D
質問 6:
You want to create a certificate for use in a Secure Sockets Layer (SSL) session. Which of the following is responsible for verifying the identity of an individual and also issuing the certificate?
A. Certificate authority
B. Certificate repository
C. Kerberos server
D. Certificate revocation entity
正解:A
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox. Which of the following is a primary risk factor when authenticating with a standard HTTP server?
A. A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.
B. Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in-the-middle attack.
C. Irina has accessed the Web server using a non-standard Web browser.
D. HTTP uses cleartext transmission during authentication, which can lead to a man-in-the- middle attack.
正解:D
質問 2:
Which of the following is a typical target of a trojan on a Linux system?
A. Kernel modules
B. Boot sector files
C. Shared libraries
D. System32 DLL files
正解:A
質問 3:
You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal?
A. Reinstall the LDAP service on the server so that it is updated and more secure.
B. Create a login script for the administrative account that records logins to a separate server.
C. Create a dummy administrator account on the system so that a potential hacker is distracted from the real login account.
D. Install an application that creates checksums of the contents on the hard disk.
正解:B
質問 4:
You have discovered that the ls, su and ps commands no longer function as expected.
They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values.
Which of the following has most likely occurred?
A. A spyware application has been installed.
B. A SQL injection attack has occurred.
C. A root kit has been installed on the system.
D. A trojan has attacked the system.
正解:C
質問 5:
What is the first tool needed to create a secure networking environment?
A. User authentication
B. Auditing
C. Confidentiality
D. Security policy
正解:D
質問 6:
You want to create a certificate for use in a Secure Sockets Layer (SSL) session. Which of the following is responsible for verifying the identity of an individual and also issuing the certificate?
A. Certificate authority
B. Certificate repository
C. Kerberos server
D. Certificate revocation entity
正解:A
Miyanishi -
もちろん合格することが目標ではあるが、1D0-571知識としてこれだけの情報を持っていれば、仕事にも必ず役に立つ。勉強することができます。