SCP SC0-451 Exam Practice Test Instant Access

Question 1

You are configuring your new IDS machine, and are creating new rules. You enter the following rule: Alert tcp any any -> 10.0.10.0/24 any (msg: "NULL scan detected"; flags: 0;) What is the effect of this rule?

AThis is a logging rule, designed to capture NULL scans originating from the 10.0.10.0/24 network.

BThis is a logging rule, designed to capture NULL scans.

CThis is an alert rule, designed to notify you of NULL scans of the network in either direction.

DThis is an alert rule, designed to notify you of NULL scans of the network in one direction.

EThis is a logging rule, designed to notify you of NULL scans.

Answer : D

Question 2

You are designing a new IPSec implementation for your organization, and are trying to determine your security needs. You need to clearly understand the implementation choices, before you make any changes to the network. Which of the following describes what transport and tunnel modes protect using IPSec?

AIn transport mode, IPSec protects upper-layer protocols.

BIn transport mode, IPSec protects just the TCP header.

CIn tunnel mode, IPSec protects the upper-layer protocols.

DIn transport mode, IPSec protects the entire IP packet.

EIn tunnel mode, IPSec protects the entire IP packet.

FIn tunnel mode, IPSec protects just the IP header.

Answer : A, E

Question 3

You are configuring your new IDS machine, and are creating new rules. You enter the following rule: Alert tcp any any -> 10.0.10.0/24 any (msg: "SYN-FIN scan detected"; flags:SF;) What is the effect of this rule?

AThis is an alert rule, designed to notify you of SYN-FIN scans of the network in one direction.

BThis is an alert rule, designed to notify you of SYN-FIN scans of the network in either direction.

CThis is a logging rule, designed to capture SYN-FIN scans.

DThis is a logging rule, designed to notify you of SYN-FIN scans.

EThis is an alert rule, designed to notify you of SYN-FIN scans originating from the 10.0.10.0/24 network.

Answer : A

Question 4

You are configuring the new Intrusion Detection System at your office. Your CEO asks you what the IDS will do for the organization. You tell the CEO about the three main components of Network Security and explain how an IDS can be used to meet two of those components. What are the two major components of network security that an IDS can meet?

APrevention

BAnalysis

CDetection

DInterpretation

EResponse

Answer : C, E

Question 5

Your network is a mixed environment of Windows, Linux, and UNIX, computers. The routers are primarily Cisco and the network uses a T-1 to connect to the Internet. You are experimenting with setting up a mail server in a production environment for internal use only. You do not want this mail server to receive any requests from anywhere but the internal network. Therefore you have decided to block incoming SMTP traffic at the Firewall. Which port will you block at the Firewall?

A23

B25

C53

D80

E110

Answer : B

Question 6

You have just installed a new IDS and are creating the analysis options. Since you wish for your options to be based on time, which of the following will be able to meet your analysis needs?

AInterval Analysis

BReal-time Analysis

CStatistical Analysis

DSignature Analysis

EBehavioral Use Analysis

Answer : A, B

Question 7

You have been given the task of adding some new wireless equipment to the existing wireless network in your office. What wireless standard allows for up to 54 Mbps transmission rates and is compatible with 802.11b?

A802.1a

B802.11e

C802.11c

D802.11g

E802.11i

Answer : D

SCP SC0-451 Tactical Perimeter Defense Exam Practice Test