1D0-571 Exam Dumps - CIW v5 Security Essentials

Go to page:

Question # 4

Which of the following is a common problem, yet commonly overlooked, in regards to physical security in server rooms?

Firewalls that do not have a dedicated backup

False ceilings

Logic bombs

Biometric malfunctions

Full Access

Question # 5

Consider the following series of commands from a Linux system: iptables -A input -p icmp -s 0/0 -d 0/0 -j REJECT Which explanation best describes the impact of the resulting firewall ruleset?

Individuals on remote networks will no longer be able to use SSH to control internal network resources.

Internal hosts will not be able to ping each other using ICMP.

Stateful multi-layer inspection has been enabled.

Individuals on remote networks will not be able to use ping to troubleshoot connections.

Full Access

Question # 6

Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?

A vulnerability scanner

A packet sniffer

An intrusion-detection system

A network switch

Full Access

Question # 7

A CGI application on the company's Web server has a bug written into it. This particular bug allows the application to write data into an area of memory that has not been properly allocated to the application. An attacker has created an application that takes advantage of this bug to obtain credit card information. Which of the following security threats is the attacker exploiting, and what can be done to solve the problem?

- Buffer overflow

- Work with the Web developer to solve the problem

- SQL injection

- Work with a database administrator to solve the problem

- Denial of service

- Contact the organization that wrote the code for the Web server

- Man-in-the-middle attack

- Contact the company auditor

Full Access

Question # 8

Consider the following diagram involving two firewall-protected networks: