♥♥ 2018 NEW RECOMMEND ♥♥

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 1D0-571 Exam Dumps (PDF & VCE):
Available on: https://www.exambible.com/1D0-571-exam/

It is more faster and easier to pass the CIW 1D0-571 exam by using Best Quality CIW CIW v5 Security Essentials questuins and answers. Immediate access to the Latest 1D0-571 Exam and find the same core area 1D0-571 questions with professionally verified answers, then PASS your exam with a high score now.

Q9. Which of the following is most likely to address a problem with an operating system's ability to withstand an attack that attempts to exploit a buffer overflow?

A. Firewall

B. Software update

C. Intrusion detection system

D. Network scanner

Answer: B


Q10. You have been assigned to configure a DMZ that uses multiple firewall components. Specifically, you must configure a router that will authoritatively monitor and, if necessary, block traffic. This device will be the last one that inspects traffic before it passes to the internal network. Which term best describes this device?

A. Screening router

B. Bastion host

C. Proxy server

D. Choke router

Answer: D


Q11. Consider the following image of a packet capture:

Which of the following best describes the protocol used, along with its primary benefit?

A. It is a passive FTP session, which is easier for firewalls to process.

B. It is an active FTP session, which is necessary in order to support IPv6.

C. It is an extended passive FTP session, which is necessary to support IPv6.

D. It is an active FTP session, which is supported by all FTP clients.

Answer: A


Q12. Consider the following diagram:

Which of the following best describes the protocol activity shown in the diagram, along with the most likely potential threat that accompanies this protocol?

A. The ICMP Time Exceeded message, with the threat of a denial-of-service attack

B. The SIP three-way handshake, with the threat of a buffer overflow

C. The TCP three-way handshake, with the threat of a man-in-the-middle attack

D. The DNS name query, with the threat of cache poisoning

Answer: C


Q13. Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?

A. A vulnerability scanner

B. A packet sniffer

C. An intrusion-detection system

D. A network switch

Answer: A


Q14. You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal?

A. Reinstall the LDAP service on the server so that it is updated and more secure.

B. Install an application that creates checksums of the contents on the hard disk.

C. Create a login script for the administrative account that records logins to a separate server.

D. Create a dummy administrator account on the system so that a potential hacker is distracted from the real login account.

Answer: C


Q15. Which of the following can help you authoritatively trace a network flooding attack?

A. Your ISP

B. Firewall logs

C. Router logs

D. Ping

Answer: A


Q16. You purchased a network scanner six months ago. In spite of regularly conducting scans using this software, you have noticed that attackers have been able to compromise your servers over the last month.

Which of the following is the most likely explanation for this problem?

A. The network scanner needs to be replaced.

B. The network scanner is no substitute for scans conducted by an individual.

C. The network scanner has atrojan.

D. The network scanner needs an update.

Answer: D