CertsTopics Logo

New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Exin SCNP Dumps Questions Answers

Page: 1 / 9
Total 233 questions
Get SCNP Full Access Download SCNP PDF

SCNP Strategic Infrastructure Security Questions and Answers

Question 1

As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?

Options:

A.

The objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements, and to ensure compliance of systems with organizational security policies and standards.

B.

The objectives of this section are to prevent unauthorized access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.

C.

The objectives of this section are to provide management direction and support for information security.

D.

The objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.

E.

The objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure the protection of networked services, and to prevent unauthorized computer access.

Buy Now
Question 2

You are discussing the design and infrastructure of the Internet with several colleagues when a disagreement begins over the actual function of the Tier System in the Internets design. What is the function of the Tier System in the physical structure of the Internet?

Options:

A.

The Tier System provides the physical network with communication channels for the Internet and voice/data applications.

B.

The Tier System provides a national interconnection of systems, called peering centers, to the NAPs.

C.

The Tier System provides for a layered/hierarchical connection system of ISPs connecting to the backbone.

D.

The Tier System provides for a connection point between an ISP and the backbone of the Internet.

E.

The Tier System provides the actual connection point between a local user and the Internet.

Question 3

Recently at your organization you have been requested to lead the team in performing a new Risk Analysis of the organization. During the first team meeting you identify to your team the three areas of Risk Analysis. What are those three areas?

Options:

A.

Verifying Risk, Minimizing Risk, Removing Risk

B.

Qualifying Risk, Mitigating Risk, Removing Risk

C.

Predicating Risk, Qualifying Risk, Minimizing Risk

D.

Predicting Risk, Quantifying Risk, Mitigating Risk

E.

Quantifying Risk, Mitigating Risk, Removing Risk

Question 4

In your organization, the majority of employees use Microsoft Outlook Express as their email client. You are configuring these systems so that applications on the employee systems cannot send email, posing as the user of the system. Under the Security tab, which option will you select to achieve this goal?

Options:

A.

Do not allow other applications to send mail as me.

B.

Disable application mail delivery.

C.

Prompt me prior to application mail delivery.

D.

Warn me when other applications try to send mail as me.

E.

Do not allow applications that could potentially transmit a virus to send mail as me.

Question 5

You are running Nessus in your organization to perform vulnerability assessments. If you wish to write your own plugin, to scan for a custom vulnerability, what will you use to write the plugin?

Options:

A.

Nessus Plugin Scripting (NPS)

B.

Nessus Custom Scripting (NCS)

C.

Nessus C++ Scripting (NC+S)

D.

Nessus Attack Scripting Language (NASL)

E.

Nessus Java Scripting Language (NJSL)

Question 6

To increase the security of your corporate website, you are running some basic checks on leaked information. You view the source code for a web page and see the following:

<title>Security Certifications for the IT Pro

From this code, which of the following would an attacker most likely assume is the operating system that was used to create this web site?

Options:

A.

OpenBSD

B.

FreeBSD

C.

Linux 5.0

D.

Linux 6.0

E.

Windows NT

Question 7

Recently you found out that there has been a flood of bogus network traffic hitting your Email server.

Because of this flood, authorized users have not been able to consistently send or receive email. What is happening to your Email server?

Options:

A.

A Denial of Service Attack

B.

A Virus Attack

C.

A Worm Attack

D.

A Macro Attack

E.

A Trojan Attack

Question 8

To maintain the security of your network you routinely run several checks of the network and computers.

Often you use the built-in tools, such as netstat. If you run the following command, netstat –s which of the following will be the result?

Options:

A.

Displays all connections and listening ports

B.

Displays Ethernet statistics.

C.

Displays addresses and port numbers in numerical form

D.

Shows connections for the protocol specified

E.

Displays per-protocol statistics

Question 9

You are examining a packet from an unknown host that was trying to ping one of your protected servers and notice that the packets it sent had an IPLen of 20 byes and DgmLen set to 60 bytes. What type of operating system should you believe this packet came from?

Options:

A.

Linux

B.

SCO

C.

Windows

D.

Mac OSX

E.

Netware

Question 10

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

Options:

A.

Nmap SYN/FIN Scan

B.

Nmap ACK Scan

C.

Nmap NULL Scan

D.

Nmap XMAS Scan

E.

Nmap SYN Scan

Question 11

In order for your newly written security policy to have any weight, it must be implemented. Which of the following are the three components of a successful Security Policy Implementation in an organization?

Options:

A.

Policy Monitoring

B.

Policy Design

C.

Policy Committee

D.

Policy Enforcement

E.

Policy Documentation

Question 12

Which of the following best describes the Repair Model?

Options:

A.

The model makes use of preventive measures and regular service as well as updates such as Service

Packs, maintenance updates, and patches. Preventive measures can also improve the chances of the repair model working better than if the system had no preventive measures ever taken.

B.

The repair model is the transference of risk to an insurance company that covers the costs of replacing the critical assets within your network. The drawbacks are increase in premiums after making a claim, high premiums anyway, down time while the insurance company is processing the claim, and claim may not pay what replacement costs are today.

C.

Assets will typically cost much more than the original capital outlay that it took to purchase it long ago.

Repair costs can be very high and a decision to exercise this model should not be made in haste. There are also depreciation issues to deal with as well. In any case, this model should be the last resort because of cost and may be the most time consuming.

D.

The repair model makes use of the acknowledged skills and abilities of the existing personnel. Knowing that assets have very specific dollar values assigned to them, the choice on how to manage the asset is based on the experience of the personnel.

E.

Before incurring the cost for repair of an inoperative asset, check for maintenance agreements that may include the cost of repair or the actual repair itself. Nevertheless, the repair model should focus on the restoration of the downed asset to its working status within the network infrastructure. Keep in mind that after hardware costs, costs for the reloading or replacement of software can be a large cost factor as well.

Question 13

Which two of the following are factors that must be considered in determining the likelihood of occurrence during a risk analysis review?

Options:

A.

What are the methods available to attack this asset?

B.

What are the costs associated with protecting this asset?

C.

Does the threat have sufficient capability to exercise the attack?

D.

Does the threat have the motivation or incentive to exercise the attack?

E.

Are any of the assets worthy of an attack?

Question 14

From the following list, chose the primary reason for splitting a Security Policy into multiple smaller policies?

Options:

A.

Smaller policies are cheaper to produce

B.

Smaller policies are simpler to manage

C.

Smaller policies are simpler to produce

D.

Smaller policies are more legally binding

E.

Smaller policies provide better security control

Question 15

Most companies that do business via the Web offer a shopping cart so you can specify all the items you want before placing the order. Poor shopping cart design, however, can allow a different kind of hack. Take a look at the HTML code sample presented here and determine the line that presents the vulnerability:

<input type=hidden name="price" value="39.95">

<input type=hidden name="item_no" value="WIDGET9">

QUANTITY: <input type=text name="quantity" size=2 maxlength=2 value=1>

Options:

A.

The line specifying the Perl script orders.pl

B.

The line specifying input type for price

C.

The line specifying input type for item number

D.

The line specifying input type for quantity

E.

The line specifying input type for item number and quantity

Question 16

In your network, you have built a single domain of only Windows computers. There are 55 XP machines and 10 Windows Server 2003 machines. You are concerned about the security of your SAM files on the Servers. Windows Server 2003 is the only Operating System on the computers, and the hard drives are all formatted with NTFS. Which of the following are issues you must be sure to address when securing the

SAM file?

Options:

A.

You must be sure that no user while locally logged in to the Server can delete the SAM file.

B.

You must be sure that no user while logged in to the Server remotely can delete the SAM file.

C.

You must be sure that no user can boot to DOS and delete the SAM file from there.

D.

You must be sure that no user can install a parallel Operating System and delete the SAM file from there.

E.

You must be sure to encrypt the Operating System files using the built-in EFS, so that no user may delete the SAM file from anywhere.

Question 17

If an attacker uses a program that sends thousands of email messages to every user of the network, some of them with over 50MB attachments. What are the possible consequences to the email server in the network?

Options:

A.

Server hard disk can fill to capacity

B.

Client hard disks can fill to capacity

C.

Server can completely crash

D.

Network bandwidth can be used up

E.

Clients cannot receive new email messages

Question 18

On your Windows 2003 system, you want to control inbound access to various ports. What feature of Windows 2003 will allow you to do this?

Options:

A.

Datagram Filtering

B.

IPSec

C.

EFS

D.

TCP/IP Filtering

E.

Session Management

Question 19

What type of cipher is used by an algorithm that encrypts data in chunks of data, 64 bits at a time?

Options:

A.

64-bit encryption Cipher

B.

Block Cipher

C.

Stream Cipher

D.

Diffuse Cipher

E.

Split Cipher

Question 20

After installing a new application on your SuSe Linux server, you need to read through the log files.

When you open the files, you notice they are very long, and you only wish to check the newest entries to the file. What command do you use to perform this action?

Options:

A.

currentlog

B.

newest

C.

/var/last

D.

lastlog

E.

trail

Question 21

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use

Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

Options:

A.

Linux Ping Response

B.

Linux Ping Request

C.

Windows 2000 Ping Request

D.

Windows 2000 Ping Response

E.

Windows NT 4.0 Ping Request

Question 22

What type of encryption converts data from a variable-length to a fixed length piece of data?

Options:

A.

Asymmetric

B.

Symmetric

C.

Hash

D.

IPSec

E.

S/MIME

Question 23

While configuring TCP Wrappers on your Linux system, you desire to create a line that will effect every local computer's access to the ftp service. Which of the following lines will achieve this desired result?

Options:

A.

NETWORK(LOCAL): in.ftpd

B.

in.ftpd: LOCAL

C.

in.ftpd: NETWORK

D.

in.ftpd: NETWORK(LOCAL)

E.

LOCAL_NET: in.ftpd

Question 24

In Windows Server 2003, there are four methods of implementing IPSec. They are:

1 - Require Security

2 - Request Security

3 - Respond Only

4 - No IPSec Policy

Your network hosts many servers, and different security policies are in place in different locations in the network. The Clients and Servers in your network are configured as follows:

-You have servers numbered 1-9, which have a policy stating they require no network traffic security.

-You have servers numbered 10-19, which have a policy stating they are not required to be secure, but will encrypt network traffic if the client is able to receive it.

-You have servers numbered 20-29, which have a policy stating they are required to be secure and all network traffic they deliver must be secured.

-You have clients numbered 60-79 that are required to access secure servers 20-29.

-You have clients numbered 80-99 that are not required to access secure servers 20-29, but are required to access servers 1-9 and 10-19.

Based on the Client and Server configuration provided above, which of the following computers will implement IPSec method 4?

Options:

A.

Computers numbered 1-9

B.

Computers numbered 10-19

C.

Computers numbered 20-29

D.

Computers numbered 60-79

E.

Computers numbered 80-99

Question 25

You are configuring the security of a service using Xinetd. You wish to add a line to the configuration of the service that grants access during the hours of 6AM to 7PM. Which of the following lines will you need to add to the configuration to achieve this result?

Options:

A.

access_from = 6:00 - 19:00

B.

access_times = 6AM:7PM

C.

access_from = 6AM:7PM

D.

access_times = 6:00<->19:00

E.

access_times = 6:00 - 19:00

Question 26

There are several clients of your network that require the ability to connect remotely. You are using Internet Authentication Services (IAS) in Windows Server 2003 for security. What is IAS the Windows implementation of?

Options:

A.

MD5

B.

DES

C.

RSA

D.

PKI

E.

RADIUS

Question 27

After you have configured your new Linux file server, a colleague wishes to check the permission settings on some files. You run the command to view the permissions, and the onscreen result is:

-rwx-rw-rw- 1 ps_admin root 2345 10:23 file1

Which of the following are true based on this output?

Options:

A.

The owner has read, write, and execute permissions

B.

The group has read, write, and execute permissions

C.

The others have read, write, and execute permissions

D.

ps_admin is the owner

E.

root is the group

Question 28

Public Key Cryptography systems use which two of the following keys?

Options:

A.

Symmetric Key

B.

Public Key

C.

Hash Key

D.

Asymmetric Key

E.

Private Key

Question 29

You are examining the Event IDs in your Windows 2003 network. There have been a large number of failed attempts at logon in the network. What is the Event ID for a failed attempt at Logon due to an account being disabled?

Options:

A.

107

B.

230

C.

374

D.

413

E.

531

Question 30

You are setting the permissions on a new file in Linux. What will be the level of permission given to the user if you assign an Octal value of 7?

Options:

A.

rw-

B.

r-x

C.

---

D.

r--

E.

rwx

Question 31

What classic cipher is shown in this image?

Options:

A.

Feistel Cipher

B.

Caesar Cipher

C.

Vingre Cipher

D.

Polybius Cipher

E.

Enigma Cipher

Question 32

What classic cipher is shown in this image?

Options:

A.

Feistel Cipher

B.

Caesar Cipher

C.

Vingre Cipher

D.

Polybius Cipher

E.

Enigma Cipher

Question 33

You are making changes to your Windows Server 2003 file server, to increase security. You are aware from your auditing that attackers have been trying to map your network and perform reconnaissance. You wish to stop attackers from enumerating share names. What can you do to stop this?

Options:

A.

Disable the NULL Session under Local Policies, Security Options

B.

Be sure that the ADMIN$ share has been removed

C.

Be sure the %sysroot% is not accessible remotely

D.

Disable the Traverse Folders option from the %sysroot% directory

E.

Share Enumeration cannot be stopped. Enable Object Access logging to watch for this type of traffic pattern.

Question 34

What encryption algorithm was selected to replace DES?

Options:

A.

RC5

B.

IDEA

C.

AES

D.

Blowfish

E.

RSA

Exam Detail
Vendor: Exin
Certification: Exin Other Certification
Exam Code: SCNP
Exam Name: SCNP Strategic Infrastructure Security
Last Update: Jan 15, 2025
SCNP Question Answers
Page: 1 / 9
Total 233 questions
Get SCNP Full Access Download SCNP PDF