SCP SC0-451 Exam Practice Test Instant Access

Question 1

You are configuring your new IDS machine, and are creating new rules. You enter the following rule: Alert tcp any any -> 10.0.10.0/24 any (msg: "NULL scan detected"; flags: 0;) What is the effect of this rule?

AThis is a logging rule, designed to capture NULL scans originating from the 10.0.10.0/24 network.

BThis is a logging rule, designed to capture NULL scans.

CThis is an alert rule, designed to notify you of NULL scans of the network in either direction.

DThis is an alert rule, designed to notify you of NULL scans of the network in one direction.

EThis is a logging rule, designed to notify you of NULL scans.

Answer : D

Question 2

You are designing a new IPSec implementation for your organization, and are trying to determine your security needs. You need to clearly understand the implementation choices, before you make any changes to the network. Which of the following describes what transport and tunnel modes protect using IPSec?

AIn transport mode, IPSec protects upper-layer protocols.

BIn transport mode, IPSec protects just the TCP header.

CIn tunnel mode, IPSec protects the upper-layer protocols.

DIn transport mode, IPSec protects the entire IP packet.

EIn tunnel mode, IPSec protects the entire IP packet.

FIn tunnel mode, IPSec protects just the IP header.

Answer : A, E

Question 3

You are configuring your new IDS machine, and are creating new rules. You enter the following rule: Alert tcp any any -> 10.0.10.0/24 any (msg: "SYN-FIN scan detected"; flags:SF;) What is the effect of this rule?

AThis is an alert rule, designed to notify you of SYN-FIN scans of the network in one direction.

BThis is an alert rule, designed to notify you of SYN-FIN scans of the network in either direction.

CThis is a logging rule, designed to capture SYN-FIN scans.

DThis is a logging rule, designed to notify you of SYN-FIN scans.

EThis is an alert rule, designed to notify you of SYN-FIN scans originating from the 10.0.10.0/24 network.

Answer : A

Question 4

You are configuring the new Intrusion Detection System at your office. Your CEO asks you what the IDS will do for the organization. You tell the CEO about the three main components of Network Security and explain how an IDS can be used to meet two of those components. What are the two major components of network security that an IDS can meet?

APrevention

BAnalysis

CDetection

DInterpretation

EResponse

Answer : C, E

Question 5

Your network is a mixed environment of Windows, Linux, and UNIX, computers. The routers are primarily Cisco and the network uses a T-1 to connect to the Internet. You are experimenting with setting up a mail server in a production environment for internal use only. You do not want this mail server to receive any requests from anywhere but the internal network. Therefore you have decided to block incoming SMTP traffic at the Firewall. Which port will you block at the Firewall?

A23

B25

C53

D80

E110

Answer : B

Question 6

You are building the rules of your new firewall. You wish to allow only (Internal) access to standard www sites on the Internet (External). You wish for all other traffic to be disallowed. Which of the following rules will you have to implement to make this happen?

ADirection: Inbound, Protocol: TCP, Source IP: Internal, Destination IP: External, Source Port: 80, Destination Port: >=1024, Action: Allow.

BDirection: Outbound, Protocol: TCP, Source IP: External, Destination IP: Internal, Source Port: 80, Destination Port: >=1024, Action: Allow.

CDirection: Outbound, Protocol: TCP, Source IP: Internal, Destination IP: External, Source Port: >=1024, Destination Port: 80, Action: Allow.

DDirection: Inbound, Protocol: TCP, Source IP: External, Destination IP: Internal, Source Port: 80, Destination Port: >=1024, Action: Allow.

EDirection: Inbound, Protocol: WWW, Source IP: Internal, Destination IP: External, Source Port: 80, Destination Port: >=1024, Action: Allow

Answer : C, D

Question 7

It is a given that two computers that communicate using TCP/IP as the protocol must use valid addresses and media to do so. What combination of the following is required to create a TCP/IP socket?

AThe MAC Address, the IP Address and the IP Protocol ID

BThe IP Address, the IP Protocol ID and a Port number

CThe MAC Address and the IP Protocol ID

DThe MAC Address, the IP Protocol ID and a Port number

EThe Ethertype and a Port number

Answer : B

SCP SC0-451 Tactical Perimeter Defense Exam Practice Test