CertiGuide to Security+
Chapter 7: Practice Exam Answers

Answers to Questions 76-80

76. Which of the following should NOT be logged for performance problems?

A. CPU load.

B. Percentage of idle time.

C. Percentage of use.

D. No Answer is Correct

Explanation: The level of logging will be according to your company requirements. Below is a list of items that could be logged; please note that some of the items may not be applicable to all operating systems. What is being logged depends on whether you are looking for performance problems or security problems. However, you have to be careful about performance problems that could affect your security.

Section 1.7: Auditing

Section 5.9.4: Logs and Inventories

77. Which of the following should be logged for security problems?

A. Use of mount command.

B. Percentage of idle time.

C. Percentage of use.

D. No Answer is Correct

Explanation: The level of logging will be according to your company requirements. Below is a list of items that could be logged; please note that some of the items may not be applicable to all operating systems. What is being logged depends on whether you are looking for performance problems or security problems. However, you have to be careful about performance problems that could affect your security.

Percentage of idle time and percentage of use might be useful in capacity planning, in which you determine what computing resources you will need to handle future needs, but they are not generally related to security problems.

Section 1.7: Auditing

Section 5.9.4: Logs and Inventories

78. Which of the following services should be logged for security purposes?

A. bootp

B. tftp

C. sunrpc

D. No Answer is Correct

Explanation: Requests for the following services should be logged on all systems: systat, bootp, tftp, sunrpc, snmp, snmp-trap, nfs. This list is rather UNIX-centric; nevertheless, it's possible for many of those services to be running on Windows as well (if you're running them, log them!).

Section 1.7: Auditing

Section 5.9.4: Logs and Inventories
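As an added illustration (not part of the CertiGuide text), the sketch below reviews packet-log lines for requests to the services named in the answer to question 78. The port numbers are the standard IANA assignments for those services; the log lines are constructed samples in the style of Linux netfilter LOG output, and the function names are hypothetical.

```python
import re
from collections import Counter

# Well-known ports for the services the explanation names (IANA assignments).
WATCHED = {11: "systat", 67: "bootp", 69: "tftp", 111: "sunrpc",
           161: "snmp", 162: "snmp-trap", 2049: "nfs"}

# Constructed sample lines (documentation address ranges), netfilter LOG style.
SAMPLE_LOG = """\
Nov 15 10:02:11 gw kernel: IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=40112 DPT=69
Nov 15 10:02:14 gw kernel: IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40113 DPT=111
Nov 15 10:03:02 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.5 PROTO=TCP SPT=51000 DPT=443
Nov 15 10:03:40 gw kernel: IN=eth0 SRC=192.0.2.77 DST=198.51.100.9 PROTO=UDP SPT=51001 DPT=161
Nov 15 10:04:05 gw kernel: IN=eth0 SRC=192.0.2.10 DST=198.51.100.5 PROTO=UDP SPT=40114 DPT=69
this line is malformed and must be skipped
"""

# Only the fields needed for review; SPT= is deliberately not captured.
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def watched_requests(log_text):
    """Return one record per log line whose destination port is a watched service."""
    hits = []
    for line in log_text.splitlines():
        fields = dict(FIELD.findall(line))
        if not {"SRC", "DST", "DPT"} <= fields.keys():
            continue  # not a packet record
        if not fields["DPT"].isdigit():
            continue  # damaged port field
        service = WATCHED.get(int(fields["DPT"]))
        if service:
            hits.append({"service": service, "src": fields["SRC"],
                         "dst": fields["DST"], "proto": fields.get("PROTO", "?")})
    return hits

def summarize(hits):
    """Count requests per (source, service) pair so repeat requesters stand out."""
    return Counter((h["src"], h["service"]) for h in hits)

if __name__ == "__main__":
    for (src, service), n in sorted(summarize(watched_requests(SAMPLE_LOG)).items()):
        print(f"{src} -> {service}: {n} request(s)")
```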

 

79. The activity that consists of collecting information that will be used for monitoring is called:

A. Logging

B. Troubleshooting

C. Auditing

D. Inspecting

Explanation: Logging is the activity that consists of collecting information that will be used for monitoring and auditing. Detailed logs combined with active monitoring allow detection of security issues before they negatively affect your systems.

Troubleshooting is the activity of collecting information used for diagnosing a system or network problem, not for monitoring. Auditing is the review of logs, configuration information, etc. for reasons including verifying compliance with security policies and identifying potential issues. Inspecting is also a review of existing information, hardware or software.

Section 1.7: Auditing

Section 5.9.4: Logs and Inventories

80. How often should logging be performed?

A. Always

B. Once a day

C. Once every week

D. During maintenance

Explanation: Usually logging is done 24 hours per day, 7 days per week, on all available systems and services except during the maintenance window where some of the systems and services may not be available while maintenance is being performed.

If you only perform logging at certain times, then any activities taking place at other times won't be logged, and can't be used for auditing or forensic activities at a later date. This makes your network more vulnerable to undetected intrusions and thus a more attractive target for attackers.

Section 1.7: Auditing

Section 5.9.4: Logs and Inventories



CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.