Auditing is used to track user accounts for file and object access, logon attempts, system shutdown, and many more vulnerabilities to enhance the security of the network. It encompasses a wide variety of activities.
Place the different auditing activities in front of their descriptions.
Explanation: Auditing encompasses a wide variety of activities as follows:
Logging: It is the activity of recording information to a log file or database about events or occurrences.
Log Analysis: It is a systematic form of monitoring where the logged information is analyzed in detail. It is done to find out the trends and patterns as well as abnormal, unauthorized, illegal, and policy-violating activities.
Intrusion Detection: It is a process to detect unwanted system access by monitoring both recorded information and real-time events.
Alarm Triggers: These are the notifications that are sent to an administrator whenever a specific event occurs.
Monitoring: It is the activity of manually or programmatically reviewing logged information.
Questions 5
Which of the following statements is true about a relational database?
A. It is difficult to extend a relational database.
B. The standard user and application program interface to a relational database is Programming Language (PL).
C. It is a collection of data items organized as a set of formally-described tables.
D. It is a set of tables containing data fitted into runtime defined categories.
A relational database is a collection of data items organized as a set of formally-described tables from which data can be accessed or reassembled in many different ways without having to reorganize the database tables.
Answer: B is incorrect. The standard user and application program interface to a relational database is the structured query language (SQL).
Answer: A is incorrect. In addition to being relatively easy to create and access, a relational database has the important advantage of being easy to extend.
Answer: D is incorrect. A relational database is a set of tables containing data fitted into predefined categories. Each table (which is sometimes called a relation) contains one or more data categories in columns. Each row contains a unique instance of data for the categories defined by the columns.
Questions 6
You work as a Network Administrator for ABC Inc. The company uses a secure wireless network. John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?
An independent audit is an audit that is usually conducted by external or outside resources. It is the process of reviewing detailed audit logs for the following purposes:
1. To examine the system activities and access logs
2. To assess the adequacy of system methods
3. To assess the adequacy of system controls
4. To examine compliance with established enterprise network system policies
5. To examine compliance with established enterprise network system procedures
6. To examine effectiveness of enabling, support, and core processes
Answer: B is incorrect. It is not a valid type of security audit.
Answer: D is incorrect. It is done to examine the operational and ongoing activities within a network.
Answer: A is incorrect. It is not a valid type of security audit.
Questions 7
Which of the following are HTML tags, used to create a table?
Routinely doing site surveys (or better still, having them automatically conducted frequently) is the only way to know what is connected to your network. And it will reveal any rogue access points.
Answer: B is incorrect. While antivirus software is always a good idea, it will do nothing to prevent rogue access points.
Answer: A is incorrect. While anti-spyware software is always a good idea, it will do nothing to prevent rogue access points.
Answer: C is incorrect. A protocol analyzer will help you analyze the specific traffic on a given node, but won't be much help in directly detecting rogue access points.
Questions 9
You have to ensure that your Cisco Router is only accessible via telnet and ssh from the following hosts and subnets: 10.10.2.103 and 10.10.0.0/24.
Which of the following sets of commands will you use to accomplish the task?
A. access-list 10 permit host 10.10.2.103
   access-list 10 permit 10.10.0.0 0.0.0.255
   access-list 10 deny any
   line vty 0 4
   access-class 10 out
B. access-list 10 permit 10.10.2.103
   access-list 10 permit 10.10.0.0 0.0.0.255
   access-list 10 deny any
   line vty 0 4
   access-group 10 in
C. access-list 10 permit host 10.10.2.103
   access-list 10 permit 10.10.0.0 0.0.0.255
   access-list 10 deny any
   line vty 0 4
   access-class 10 in
D. access-list 10 permit host 10.10.2.103
   access-list 11 permit host 10.10.0.0 255.255.255.0
   access-list 12 deny any
   line vty 0 4
   access-group 10, 11, 12 in
In order to accomplish the task, you will have to run the following set of commands:
   access-list 10 permit host 10.10.2.103
   access-list 10 permit 10.10.0.0 0.0.0.255
   access-list 10 deny any
   line vty 0 4
   access-class 10 in
This configuration set meets all the requirements. The ACL is correctly configured and is applied to the VTY lines using the access-class command for inbound connections.
Answer: D is incorrect. This configuration actually creates 3 separate ACLs (10, 11, and 12) and also incorrectly attempts to apply the ACLs to the VTY lines.
Answer: A is incorrect. This configuration is correct except for the access-class command being applied in the outbound direction. When using "access-class out", the router will not match connections coming into the router for Telnet and/or SSH. Instead, it will match connections being generated from the router.
Answer: B is incorrect. This configuration is correct except for the access-group command. Access-group is used to apply ACLs to an interface. Access-class is used to apply ACLs to VTY lines.
Questions 10
Which of the following is a prevention-driven activity to reduce errors in the project and to help the project meet its requirements?
Quality assurance is the application of planned, systematic quality activities to ensure that the project will employ all processes needed to meet requirements. It is a prevention-driven activity to reduce errors in the project and to help the project meet its requirements.
Answer: A is incorrect. Audit sampling is an application of the audit procedure that enables the IT auditor to evaluate audit evidence within a class of transactions for the purpose of forming a conclusion concerning the population. When designing the size and structure of an audit sample, the IT auditor should consider the audit objectives determined when planning the audit, the nature of the population, and the sampling and selection methods.
Answer: C is incorrect. The process of limiting access to the resources of a Web site is called access control.
Access control can be performed in the following ways:
1. Registering the user in order to access the resources of the Web site. This can be confirmed by the user name and password.
2. Limiting the time during which resources of the Web site can be used. For example, the Web site can be viewed between certain hours of a day.
Answer: B is incorrect. It is the practice of managing the whole life cycle (design, construction, commissioning, operating, maintaining, repairing, modifying, replacing and decommissioning/disposal) of physical and infrastructure assets such as structures, production, distribution networks, transport systems, buildings, and other physical assets.
Questions 11
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the username, real name, home directory, encrypted password, and other information about a user.
Which of the following Unix configuration files can you use to accomplish the task?
In Unix, the /etc/passwd file contains username, real name, home directory, encrypted password, and other information about a user.
Answer: C is incorrect. In Unix, the /etc/hosts file lists the hosts for name lookup use that are locally required.
Answer: D is incorrect. In Unix, the /etc/inittab file is the configuration file for init. It controls startup run levels and determines scripts to start with.
Answer: B is incorrect. In Unix, the /etc/printcap file is the configuration file for printers.
Questions 12
Mark works as a Web Designer for XYZ CORP. The company has a Windows-based network. Mark creates an HTML document that gives the following error on execution: "These hypertext system features are not supported by HTML".
Which of the following can be the hypertext system features that are NOT supported by HTML? (Choose three)
HTML lacks some of the features found in earlier hypertext systems, such as typed links, source tracking, fat links, etc. Even some hypertext features that were in early versions of HTML have been ignored by most popular web browsers until recently, such as the link element and in-browser Web page editing. Sometimes Web services or browser manufacturers remedy these shortcomings.
Answer: C is incorrect. Hyperlink is supported by HTML as well as Hypertext.
Questions 13
Pingdom is a website monitoring service.
Which of the following services are provided by Pingdom?
A. It creates complicated charts to spot trends and imprecisely pinpoint problems.
B. It works as an iPhone application to make sure that a website is reachable and responding properly at all times.
C. It is used to monitor sites and servers on the Internet.
D. It is used to track the uptime, downtime, and performance of websites.
Pingdom is a website monitoring service that is used by administrators to monitor sites and servers on the Internet. It alerts the site owners if it detects a problem. The Pingdom service is used to track the uptime, downtime, and overall performance of websites. Pingdom also works as an iPhone application to make sure that a website is reachable and responding properly at all times. If it is not, it sends the administrator email and SMS alerts. It creates charts and tables that are easy to understand. These charts and tables enable an administrator to spot trends and accurately pinpoint problems.
Answer: A is incorrect. Pingdom creates charts that are easy to understand. These charts are used to spot trends and accurately pinpoint problems.