• Home
  • Articles
  • Dec-2024 FREE CIW 1D0-671 PRACTICE QUESTIONS AND ANSWERS UPDATES [Q54-Q75]

Dec-2024 FREE CIW 1D0-671 PRACTICE QUESTIONS AND ANSWERS UPDATES [Q54-Q75]

Share

Dec-2024 FREE CIW 1D0-671 PRACTICE QUESTIONS AND ANSWERS UPDATES

DEMO FREE BEFORE YOU BUY 1D0-671 DUMPS

NEW QUESTION # 54
Which choice lists typical firewall functions?

  • A. Issuing alerts and limiting host access
  • B. Creating a VLAN and configuring the intrusion-detection system
  • C. Logging traffic and creating a choke point
  • D. Implementing the security policy and scanning the internal network

Answer: C


NEW QUESTION # 55
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server.
The IT department has provided Irina with user name and password, as well as the DNS name of the HTTP server. She then used this information to obtain the files she needs to complete her task using Mozilla Firefox.
Which of the following is a primary risk factor when authenticating with a standard HTTP server?

  • A. Irina has used the wrong application for this protocol, thus increasing the likelihood of a man-in- the- middle attack.
  • B. HTTP uses cleartext transmission during authentication, which can lead to a man-in-the- middle attack.
  • C. Irina has accessed the Web server using a non-standard Web browser.
  • D. A standard HTTP connection uses public-key encryption that is not sufficiently strong, inviting the possibility of a man-in-the-middle attack.

Answer: B


NEW QUESTION # 56
Which type of encryption poses challenges to key transport?

  • A. Hash encryption
  • B. Asymmetric-key encryption
  • C. Diffie-Hellman
  • D. Symmetric-key encryption

Answer: D


NEW QUESTION # 57
Which type of certificate is used to verify a company's Web server?

  • A. Certificate authority certificate
  • B. Server certificate
  • C. Personal certificate
  • D. Software or publisher certificate

Answer: B


NEW QUESTION # 58
Why can instant messaging (IM) and peer-to-peer (P2P) applications be considered a threat to network security?

  • A. Because they use ports below 1023 and many firewalls are not configured to block this traffic
  • B. Because they usually lie outside the broadcast domain
  • C. Because they are susceptible to VLAN hopping
  • D. Because they use ports above 1023 and many firewalls are not configured to block this traffic

Answer: D


NEW QUESTION # 59
You have been assigned to configure a DMZ that uses multiple firewall components. Specifically, you must configure a router that will authoritatively monitor and, if necessary, block traffic. This device will be the last one that inspects traffic before it passes to the internal network.
Which term best describes this device?

  • A. Proxy server
  • B. Bastion host
  • C. Screening router
  • D. Choke router

Answer: D


NEW QUESTION # 60
Which term is used to describe the activity of a hacker who enters a computer network and begins mapping the contents of the system?

  • A. Trojan
  • B. Spoofing
  • C. Virus planting
  • D. System snooping

Answer: D


NEW QUESTION # 61
Which of the following can help reduce the likelihood of a successful dictionary attack?

  • A. The use of Microsoft Active Directory
  • B. An IPSEC-based VPN
  • C. A security policy
  • D. A strong password policy

Answer: D


NEW QUESTION # 62
Which step in security policy implementation ensures that security policy will change as technology advances?

  • A. Repeat the process and keep current.
  • B. Publish the security policy.
  • C. Secure each resource and service.
  • D. Log, test and evaluate.

Answer: A


NEW QUESTION # 63
Which technique can help to protect an FTP server?

  • A. Place downloads on the same partition as the FTP server binaries.
  • B. When setting IP-based blocking rules for the FTP server, move the FTP files to C:\ftpfiles for maximum security.
  • C. Install the operating system on the same partition as the FTP server.
  • D. Use separate FTP user accounts from those used to access the Web.

Answer: D


NEW QUESTION # 64
Which of the following is a typical target of a trojan on a Linux system?

  • A. Kernel modules
  • B. System32 DLL files
  • C. Shared libraries
  • D. Boot sector files

Answer: A


NEW QUESTION # 65
You have just deployed an application that uses hash-based checksums to monitor changes in the configuration scripts of a database server that is accessible via the Internet.
Which of the following is a primary concern for this solution?

  • A. The extra hard disk space required to store the database of checksums
  • B. The security of the checksum database on a read-only media format
  • C. The possibility of a buffer overflow attack leading to a security breach
  • D. The amount of memory remaining now that the checksum-based application is running

Answer: B


NEW QUESTION # 66
Which of the following is a security principle that allows you to protect your network resources?

  • A. Avoid being suspicious of legitimate activity.
  • B. Provide training for end users and IT workers.
  • C. Deploy security enforcement only in the largest departments.
  • D. Realize that some high-end systems should stand alone.

Answer: B


NEW QUESTION # 67
A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all.
Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall?

  • A. Configure a second network connection directly to the video conferencing device.
  • B. Configure the firewall to provide VPN access.
  • C. Deny all use of UDP above Port 1024.
  • D. Allow all use of UDP below Port 1024.

Answer: B


NEW QUESTION # 68
After you have determined that a hacker has entered your system, what is the first step you should take?

  • A. Review the pre-written security response policy.
  • B. Determine the scope of the breach on affected systems.
  • C. Document the hacker's activity after penetration has occurred.

Answer: A


NEW QUESTION # 69
A disgruntled employee has discovered that the company Web server is not protected against particular buffer overflow vulnerability.
The disgruntled employee has created an application to take advantage of this vulnerability and secretly obtain sensitive data from the Web server's hard disk. This application sends a set of packets to the Web server that causes it to present an unauthenticated terminal with root privileges.
What is the name for this particular type of attack?

  • A. Trojan
  • B. Denial of service
  • C. Zero-day attack
  • D. Man-in-the-middle attack

Answer: C


NEW QUESTION # 70
Which of the following tools allows you to implement packet filtering for a network?

  • A. Bridge
  • B. Router
  • C. Browser
  • D. Hub

Answer: B


NEW QUESTION # 71
Requests for Web-based resources have become unacceptably slow. You have been assigned to implement a solution that helps solve this problem.
Which of the following would you recommend?

  • A. Implement caching on the network proxy server
  • B. Enable stateful multi-layer inspection on the packet filter
  • C. Enable authentication on the network proxy server
  • D. Implement a screening router on the network DMZ

Answer: A


NEW QUESTION # 72
At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE)?

  • A. Determining the network identification number
  • B. Determining the number of security associations
  • C. Negotiating the version of IP to be used
  • D. Negotiating the authentication method

Answer: D


NEW QUESTION # 73
Which of the following is a primary auditing activity?

  • A. Encrypting data files
  • B. Changing login accounts
  • C. Configuring the firewall
  • D. Checking log files

Answer: D


NEW QUESTION # 74
To implement a successful security system, you should:

  • A. place your firewall and network in a public area so that authorized users have easy access to them to solve problems as they occur.
  • B. use as many security principles and techniques as you can to protect each resource.
  • C. implement beta software and operating systems that hold the promise of enhanced security measures.
  • D. find a product that can offer full protection against all threats.

Answer: B


NEW QUESTION # 75
......

Latest CIW 1D0-671 Dumps with Test Engine and PDF: https://freetorrent.actual4dumps.com/1D0-671-study-material.html

Related Articles

more
CIW 1D0-671 Certification Practice Exam

Copyright © 2026 Actual4Dumps NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy