Answers to Questions 51-55
51. What can be installed to alert you that the network is either being compromised or at least an attempt is being made?
B. SNMP trap
Explanation: The correct choice is IDS or Intrusion Detection System. A Proxy may have alerting or logging capabilities, however that is an IDS feature that is built in to the proxy. The same can be said for a firewall.
& Section 3.1.9: IDS (Intrusion Detection System)
52. To monitor all the traffic on a network and automate defensive measures you would install a
A. Passive Network Based IDS
B. Active Network Based IDS
C. Passive Host Based IDS
D. Active Host Based IDS
Explanation: IDS is broken into host based or network based. A host based system monitors only a single host; a network based system monitors all network traffic. From there, they are either passive or active. Active-based systems follow rule-based steps, such as disconnecting a network connection. A passive system logs the event without taking any actions like paging the system administrator.
& Section 3.1.10: Network Monitoring / Diagnostics
53. Select the type of cable that is not prone to RFI or eavesdropping to EM
Explanation: Being driven by light, not electro-magnetic signals, fiber is not prone to the signal being snooped and is not affected by EM. Both wireless and UTP involve the transmission of electrical signals and are thus vulnerable to RFI and eavesdropping.
& Section 3.2.3: Fiber
54. When backing up using tape the administrator needs to
A. Periodically confirm the tape is still valid
B. Clean the tape drive
C. Store the tape off-site in a secured area
D. All of these choices are correct
E. No choices are correct
Explanation: More than one company has found that storing tape in a high security area off site still needs to check the tapes. In one case a freezer running in an adjoining security area erased the tapes. The motor running the compressor created enough EMI to erase the tapes in the adjoining area.
& Section 184.108.40.206: Tape
55. The area between a public network such as the Internet and your LAN is frequently called a
D. No choice is correct
Explanation: Users of the public network outside the company can access only the DMZ, or demilitarized zone, of a company's network. Typically, internal users accessing the Internet make a request that the DMZ performs on the users behalf via a proxy server.
& Section 220.127.116.11: DMZ (Demilitarized Zone)
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.