Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Exin
  3. Exin certification
  4. SCNP - SCNP Strategic Infrastructure Security
Note! Following SCNP Exam is Retired now. Please select the alternative replacement for your Exam Certification.

SCNP Exam Dumps - SCNP Strategic Infrastructure Security

Go to page:
Question # 9

You are creating the Remote Access section of your organizational security policy. From the following options, select the questions to use for the formation of this section?

A.

What methods of remote access are allowed (cable modem, DSL, and so on)?

B.

How are partner VPNs to be configured (to firewall or host)?

C.

Which users are authorized to install networking devices into computers?

D.

What is the process for becoming authorized for remote access?

E.

Is the entire network accessible remotely?

Full Access
Question # 10

You are forming the security policy for your organization. You have identified those in the organization who will participate in the creation of the policy. Several of the people you have contacted wish to know what will be on the agenda during the first meeting. During the very first policy design meeting, which of the following issues will you tell those in the policy committee to discuss?

A.

Identification of the critical business resources

B.

Identification of the infrastructure architecture

C.

Determination of the type of policy to create

D.

Identification of the critical business policies

E.

Determination of the critical policies of key connected business partners

Full Access
Question # 11

Recently at your organization you have been requested to lead the team in performing a new Risk Analysis of the organization. During the first team meeting you identify to your team the three areas of Risk Analysis. What are those three areas?

A.

Verifying Risk, Minimizing Risk, Removing Risk

B.

Qualifying Risk, Mitigating Risk, Removing Risk

C.

Predicating Risk, Qualifying Risk, Minimizing Risk

D.

Predicting Risk, Quantifying Risk, Mitigating Risk

E.

Quantifying Risk, Mitigating Risk, Removing Risk

Full Access
Question # 12

You have just downloaded a new file, called scnpfile.tar.gz. You are going to verify the file prior to un-archiving the file. Which command do you need to type to un-compress the file, prior to un-archiving?

A.

tar xvf scnpfile.tar.gz

B.

tar -zxvf scnpfile.tar.gz

C.

gunzip scnpfile.tar.gz

D.

gunzip -xvf scnpfile.tar.gz

E.

gunzip -zxvf scnpfile.tar.gz

Full Access
Question # 13

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

A.

Linux Ping Response

B.

Linux Ping Request

C.

Windows 2000 Ping Request

D.

Windows 2000 Ping Response

E.

Windows NT 4.0 Ping Request

Full Access
Question # 14

In order for your newly written security policy to have any weight, it must be implemented. Which of the following are the three components of a successful Security Policy Implementation in an organization?

A.

Policy Monitoring

B.

Policy Design

C.

Policy Committee

D.

Policy Enforcement

E.

Policy Documentation

Full Access
Question # 15

After a security meeting, IT leaders decided that the organization will perform a completely new risk analysis, as the previous one was done over five years ago. The methods that will be used is FRAP. Which of the following best describes the FRAP method of risk analysis?

A.

FRAP involves assigning team members to identify specific vulnerabilities. Once the vulnerabilities have been identified, a level of risk is assigned, as a factor of times per year this vulnerability may be exploited.

Finally, a dollar value in lost revenue is assigned to each asset that can be compromised by this vulnerability.

B.

FRAP is a team method. Individuals from different aspects of an organization form a committee. Once together, they discuss the areas of risk, the likelihood of a threat, the impact of the threat, and the methods that should be used to minimize the threat.

C.

FRAP involves assigning dollar values to assets, and calculating how often a threat to the asset will occur. Once determined an approximate dollar value to each asset and threat combination is calculated.

D.

FRAP is the process of determining the likelihood of a threat as medium, high, or low. Once the likelihood is determined the cost is identified, again as medium, high, or low. Finally, based on cost, a response to the threat is determined.

E.

FRAP is the process of determining the likelihood of a threat as medium, high, or low. Once the likelihood is determined, the level of damage is identified, again as high, medium, or low. Finally, the response to the threat is determined.

Full Access
Question # 16

You work for a medium sized ISP and there have been several attacks of the DNS configuration recently.

You are particularly concerned with DNS Spoofing and other DNS attacks. If an attacker is able to take advantage of a BIND vulnerability to gain root access, this is which type of DNS Attack?

A.

DNS Server Compromise

B.

DNS Cache Poisoning

C.

Spoofing the DNS Response

D.

DNS Source-Router Spoof

E.

IXFR Source-Spoof

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps