TITLE
«   2009/01   »
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

 + 천국에서 지상으로 컴백
 + Abercrombie and Hollister
 + 투덜투덜
 + OPERA SOFTWARE
 + 여자친구에게서 걸려온...




 +  Jae-won.net
 +  Mini Stop
 +  Moreover
 +  the shadow of forgetful...
 +  썰렁한 엔지니어
 +  태우's log - web 2.0 an...


   SQL DB : 12.93 MB
   Server : 16.50 GB / 67.29 GB


   Browser : Robot
   OS : Robot


   IP :   [38.103.63.59]


   Total : 3


   Total : 303162 [03.05.2006 ~]

RealProject.NET Blog 섹션입니다. LOCATION  TAG  GUESTBOOK  ADMIN   
제 개인적인 잡생각이나 일상, 그리고 사진들을 올리는 곳입니다.
깊이 생각해서 쓰는 글보다는 순간순간 스쳐지나가는 생각들을 남기고자 합니다.
현재, 이 블로그는 Textcube 1.7.7 : Beta 1를 기반으로 운영되고 있습니다.
따라서, 메인웹사이트와 블로그 사이에 연동되는 부분이 한정되어 있으므로 이점 양지 부탁드립니다.
- Article Catagory -
Article 'Miscellaneous' : Result (10)

=> 검색 결과 :: 총 10개

+ 여자친구에게서 걸려온 전화 한통
   → Date : 2008/08/30   Comments : (3)

+ 내 아내의 이런 애교! 정말 싫다!
   → Date : 2008/08/22   Comments : (3)

+ 접속자 Browser별 사용빈도
   → Date : 2008/08/15   Comments :

+ 국제공인 컴퓨터 / IT자격증 정보
   → Date : 2008/08/02   Comments : (2)

+ Tatter Camp
   → Date : 2008/06/19   Comments : (2)

2008/08/30 08:10 2008/08/30 08:10
- 여자친구에게서 걸려온 전화 한통 -
  Author : JCrew
  Date : 2008/08/30 08:10
  Category : Miscellaneous
  Tags : , ,
여자 「자동차 시동이 안 걸려…」


남자 「그래? 배터리 나간거 아냐? 라이트는 켜져?」


여자 「어제까지는 제대로 됐는데. 왜 갑자기 시동이 안 걸리지?」


남자 「엔진 트러블이면 곤란한데. 일단 배터리 문제인가부터 확인해 봐. 라이트는 들어와?」


여자 「아이 참, 나 오늘 OO까지 가야되는데! 차 없으면 안 되는데...」


남자 「그거 큰일이네. 어때? 라이트는 켜져?」


여자 「아 분명히 어제 탔을 때는 괜찮았는데, 히잉. 이 고물차! 이럴 줄 알았으면 차 안 바꾸는건데!」


남자 「…라이트는 켜져? 안 켜지는거야?」


여자 「O시에 약속이니까 아직 시간은 있지만, 걸어서 가기에는 넘 멀어~」


남자 「그래. 그런데 라이트는 어때? 켜져?」


여자 「응? 미안, 잘 안 들렸어」


남자 「아, 뭐, 라이트는 켜져?」


여자 「왜?」


남자 「아, 시동 안 걸리는 거 아니야? 배터리 나가서 그러는 걸 수도 있으니까」


여자 「무슨 말이야?」


남자 「응?」


여자 「에?」


남자 「자동차 배터리 나갔을 수도 있으니까, 그거 확인부터 해보자구. 라이트 켜 봐」


여자 「그게 왜? 배터리 방전됐으면 라이트 안 켜지잖아?」


남자 「아니, 그러니까. 그걸 알아보려는 거니까 라이트 좀 켜 봐」


여자 「혹시 지금 화내고 있는 거야?」


남자 「아니 별로 화 안 났어」


여자 「화내고 있잖아. 왜 화 내?」


남자 「그러니까, 화 안 났다고」


여자 「뭐 내가 잘못했어? 말하면 사과할께」


남자 「괜찮아. 화 안 났어. 괜찮아, 괜찮으니까」


여자 「뭐가 괜찮은데?」


남자 「휴~ 아냐 배터리 말한거야」


여자 「차 이야기하는거야?」


남자 「아 그래, 차 이야기」


여자 「지금 차가 중요해? 」


남자  ……………  

[퍼온글:: http://manian.connect.kr/3679178 ]

왜이리 공감이 가는지... ㅋㅋㅋ

명언 한마디
단결은 힘이다. -호메로스
    짱구볼 PermaLink  Edit  Reply    2008/08/31 22:37
-ㅅ- 남자랑 여자가 바뀐것같아용~ㅋㅋㅋ
    ^^ PermaLink  Edit  Reply    2008/11/26 19:04
ㅋㅋㅋ
    dgdgf PermaLink  Edit  Reply    2009/01/02 20:02
E20-370
1. The customer's Centera is using CentraStar 3.0. A third-party vendor implemented an application and requested that a virtual pool and profile be created on the Centera. The application fails in its attempt to write to the Centera. What is a possible problem?
A. CE+ is enabled so no data can be written to the Centera
B. PEA file was never provided to the application
C. Replication wasn't turned on
D. Storage pool creation not completed
Answer: B

2. What is the maximum number of nodes in a Gen 4 Centera Cube?
A. 4
B. 8
C. 16
D. 32
Answer: C

3. Clips need to be migrated from the default pool to a virtual pool. An access profile has already been created.
Sequence the following steps to migrate clips:
1) Grant the profile access to the pool
2) Create application virtual pool
3) Start migrating poolmappings
4) Set the home pool for the access profile
5) Create poolmapping
A. 2, 4, 1, 5, 3
B. 2, 5, 4, 1, 3
C. 2, 1, 4, 5, 3
D. 2, 1, 5, 4, 3
Answer: A

4. What is an "unbundled" cluster?
A. Flexible solution where the customer chooses any configuration of hardware or software to deploy
B. Hardware only solution where the software is provided by the customer
C. Software only solution where the hardware is provided by the customer
D. Solution where the customer provides the rack in which the cluster is installed
Answer: D

5. What does SDK Failover enable with the default setting?
A. If a C-Clip cannot be found on the primary cluster, then the request goes to the secondary cluster
B. If the communication is interrupted to the primary Centera, all data is rewritten to the secondary Centera
C. If the pool has reached its defined quota then data is written automatically to the default pool
D. In case of a disk failure, data is written automatically to a node connected to the other power rail
Answer: A

6. How do you launch the CUA Monitor?
A. Connect Monitor and keyboard directly to the CUA node and launch web services
B. Start a http session to the IP-address of the CUA using port 16000
C. Start a https session to the IP-address of the CUA using port 7227
D. Starting a SSH session to the IP address of the CUA and use the function "M" in the menu
Answer: C

7. Click the exhibit button.

Which button, in the diagram, is used to start the CLI from within Centera viewer?

A. 1
B. 2
C. 3
D. 4
Answer: A

8. What are the available Centera replication topologies in addition to Uni-Directional and Bi-Directional?
A. Chain and Inward Star
B. Multipoint to Point and Chain
C. Point to Multipoint and Link
D. Ring and Star
Answer: A

9. A new customer has been testing their Centera in Governance mode. They have specified retention periods ranging from 0 days to 7 years. They would now like to erase the cluster and put it into production. How can the customer remove the test data from the cluster?
A. Customer can issue a reset cluster command from the CLI
B. Customer can switch the cluster off for 24 hours to delete all data
C. Customer can use the privileged delete command to remove the data
D. Can not be done, data remains on the cluster
Answer: C

10. With which enterprise backup solutions does CASbar work?
A. NDMP compatible systems
B. NDMP systems with DMA capabilities
C. Systems capable of mounting a UNIX file system
D. Systems capable of mounting a windows file system
Answer: D

11. How can an application get authenticated by the Centera?
A. Application sends the PAI-file encrypted to Centera as part of the connection process
B. Connect string contains IP-Address of one or more access nodes, and a valid pair of name and secret
C. Send IP address of all access nodes and correct subnet mask as part of the connect string
D. System administrator has to set an environment variable, which points to the location of the PAI-module
Answer: B

12. By default, how many different file sizes does Centera Verify use to perform tests?
A. 1
B. 2
C. 3
D. 4
Answer: C
13. What is the primary benefit of the GM naming scheme?
A. Combination of the MD5 plus SHA-256 hash algorithms
B. Containerizes small files for increased performance
C. Faster for both ingest and cluster operations
D. Single Instance Storage
Answer: C

14. Which management role is required for the profile to be used by Centera Console?
A. Accesscontrol role
B. Audit role
C. Monitor role
D. Replication role
Answer: C

15. What is the function of garbage collection?
A. Delete all CDFs with elapsed retention periods
B. Delete all reflections which do not contain pointers to blobs
C. Delete blobs that have no associated CDF
D. Delete virtual pools which do not contain data
Answer: C

16. Which item is responsible for granting capabilities?
A. Access profile
B. ACL's
C. CentraStar Mode (Basic, Governance or CE+)
D. Cluster profile
Answer: B

17. Which tool is used to create domains for use with Centera Console?
A. Centera CLI
B. Centera Console CLI
C. Centera Viewer
D. PDM
Answer: A

18. Which naming scheme facilitates single instance storage?
A. CPM
B. GM
C. M++
D. SSPF
Answer: C

19. What remains after an object is deleted from Centera by an application?
A. Copy of the CDF
B. Copy of the object
C. Nothing will remain
D. Reflection
Answer: D

20. What is an example of the command to turn CPP on when the license has been entered?
A. set content protection parity on
B. set protection CPP
C. set protection mode CPP
D. set protection write parity 250k
Answer: D

21. What is the best description for fixed content?
A. Content that is included in the companys back-up policy
B. Final copy of data
C. Fixed Database structures
D. Transactional data required for corporate compliance
Answer: B

22. What is the function of CASbar?
A. Monitor Centera health and status
B. Provide a connector for enterprise backup software
C. Provide a mountpoint interface to the Centera
D. Verify read/write/delete functionality of Centera
Answer: B

23. A Centera cluster is configured to use CPM. A customer creates a new Virtual Pool. What is the object count of the Virtual Pool after a 250 kB document is written to it?
A. 1
B. 2
C. 4
D. 9
Answer: C

24. How is the blob protected using CPM?
A. Fragmented in a 4+1 configuration
B. Mirrored across six nodes
C. Mirrored on one odd node and one even node
D. Segmented across six nodes with a seventh for parity
Answer: C

25. Using Enhanced Availability, how often does the database on the standby CUA get updated?
A. Active CUA sends all database updates immediately to the Standby CUA
B. Every 5 minutes or 500 writes, whichever occurs first
C. User must define the frequency depending on the desired RPO
D. Whenever the active CUA writes a backup of its database to Centera
Answer: B

26. What is the first step performed by the Centera API before the file is sent to the Centera?
A. Cache the file for later use
B. Calculate the content address
C. Encrypt the CDF and blob
D. Prepare the CDF
Answer: D

27. What is one method of getting files to a Centera?
A. A network file share from the Centera itself
B. CUA providing a share to the Centera
C. FTP a file from a host directly to the Centera
D. Presenting LUNs from the Centera to a host
Answer: B

28. Which protocol is used by the Centera SDK to interact with the Centera cluster?
A. Fibre Channel
B. SCSI
C. TCP/IP
D. WEP
Answer: C

29. A customer wants to start a backup set on January 31, 2006 at 5am. What is the correct syntax to specify this parameter in the configuration file?
A. BEGINTIME='2006-01-31 05:00'
B. FIRSTCLIPDATE='2006-01-31 05:00'
C. STARTTIMESTAMP='2006-01-31 05:00'
D. BEGINTIMEPERIOD='2006-01-31 05:00'
Answer: C
30. What is the maximum number of Centera clusters that can be monitored in a domain?
A. Two
B. Four
C. Six
D. Unlimited
Answer: B
Ccna ccnp ccie 등 인증시험의 덤프를 제공
우리회사의 홈페이지는 http://www.killtest.co.kr 입니다.
제 msn는 testkr@hotmail.com 입니다.
야호메일주소는 killtest@ymail.com 입니다.
          
2008/08/22 00:06 2008/08/22 00:06
- 내 아내의 이런 애교! 정말 싫다! -
  Author : JCrew
  Date : 2008/08/22 00:06
  Category : Miscellaneous
  Tags : , ,


사용자 삽입 이미지

아직 결혼도 안했는데 여자친구한테 위 5가지중 3가지가 벌써 보인다... 걱정이로다~ ㅠ.ㅠ



명언 한마디
자기를 칭찬하지 말라. 남을 꾸중하지 말라. 남을 꾸중하는 일은 항상 바르지 않다. 왜냐하면 비난받는 사람의 마음속에 일어난 일, 또는 일어나고 있는 일은 결코 아무도 모르기 때문이다. -톨스토이
    짱구볼 PermaLink  Edit  Reply    2008/08/24 13:49
예비신랑한테서 저 5개를 다 보고있는 난 모요-..-
    JCrew Edit    2008/08/24 23:32
아아~앙~ (*0*) (가슴을 흔들며...)
    535364365 PermaLink  Edit  Reply    2009/01/05 17:08
ECO-350
1.Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder's IP address for a period of 24 hours time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet. But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule. Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder's attempts. Samuel wants to completely block hackers brute force attempts on his network. What are the alternatives to defending against possible brute-force password attacks on his site?
A.Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users
B.Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the Firewall manually
C.Enforce complex password policy on your network so that passwords are more difficult to brute force
D.You cannot completely block the intruders attempt if they constantly switch proxies
Correct:D
2.Which programming language is NOT vulnerable to buffer overflow attacks?
A.Java
B.ActiveX
C.C++
D.Assembly Language
Correct:A
3.A client has approached you with a penetration test requirement. They are concerned with the possibility of external threat, and have invested considerable resources in protecting their Internet exposure. However, their main concern is the possibility of an employee elevating his/her privileges and gaining access to information outside of their department. What kind of penetration test would you recommend that would best address the client's concern?
A.A Grey Hat test
B.A Grey Box test
C.A Black Hat test
D.A White Hat test
E.A Black Box test
F.A White Box test
Correct:B
4.What type of port scan is shown below? Scan directed at open port: ClientServer 192.5.2.92:4079 ---------FIN--------->192.5.2.110:23 192.5.2.92:4079 <----NO RESPONSE------192.5.2.110:23 Scan directed at closed port: ClientServer 192.5.2.92:4079 ---------FIN--------->192.5.2.110:23 192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
A.Idle Scan
B.FIN Scan
C.XMAS Scan
D.Windows Scan
Correct:B
5.Which of the following built-in C/C++ functions you should avoid to prevent your program from buffer overflow attacks?
A.strcpy()
B.strcat()
C.streadd()
D.strsock()
Correct:A B C
6.Bob is acknowledged as a hacker of repute and is popular among visitors of 'underground' sites. Bob is willing to share his knowledge to those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has risks associated with it, as the same knowledge can be used for malevolent attacks as well. In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals?
A.Hire more computer security monitoring personnel to monitor computer systems and networks
B.Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards
C.Train more national guard and reservist in the art of computer security to help out in times of emergency or crises
D.Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life
Correct:B
7.After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. The attack doesn't see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server. What attacks can you successfully launch against a server using the above technique?
A.Session Hijacking attacks
B.Denial of Service attacks
C.Web page defacement attacks
D.IP spoofing attacks
Correct:A
8.Eric notices repeated probes to port 1080. He learns that the protocol being used is designed to allow a host outside of a firewall to connect transparently and securely through the firewall. He wonders if his firewall has been breached. What would be your inference?
A.Eric's network has been penetrated by a firewall breach
B.The attacker is using the ICMP protocol to have a covert channel
C.Eric has a Wingate package providing FTP redirection on his network
D.Somebody is using SOCKS on the network to communicate through the firewall
Correct:D
9.Mark works as a contractor for the Department of Defense and is in charge of network security. He has spent the last month securing access to his network from all possible entry points. He has segmented his network into several subnets and has installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Mark is fairly confident of his perimeter defenses, but is still worried about programs like Hping2 that can get into a network through covert channels. How should mark protect his network from an attacker using Hping2 to scan his internal network?
A.Block ICMP type 13 messages
B.Block all incoming traffic on port 53
C.Block all outgoing traffic on port 53
D.Use stateful inspection on the firewalls
Correct:A
10.Bill has started to notice some slowness on his network when trying to update his company's website and while trying to access the website from the Internet. Bill asks the help desk manager if he has received any calls about slowness from the end users, but the help desk manager says that he has not. Bill receives a number of calls from customers that cannot access the company website and cannot purchase anything online. Bill logs on to a couple of his routers and notices that the logs show network traffic is at an all time high.?He also notices that almost all the traffic is originating from a specific address. Bill decides to use Geotrace to find out where the suspect IP is originates from. The Geotrace utility runs a traceroute and finds that the IP is coming from Panama.?Bill knows that none of his customers are in Panama so he immediately thinks that his company is under a Denial of Service attack. Now Bill needs to find out more about the originating IP address. What Internet registry should Bill look in to find the IP address?
A.LACNIC
B.ARIN
C.RIPE LACNIC
D.APNIC
Correct:A
11.Bill has successfully executed a buffer overflow against a Windows IIS web server. He has been able to spawn an interactive shell and plans to deface the main web page. He first attempts to use the "Echo" command to simply overwrite index.html and remains unsuccessful. He then attempts to delete the page and achieves no progress. Finally, he tries to overwrite it with another page in which also he remains unsuccessful. What is the probable cause of Bill's problem?
A.The system is a honeypot
B.The HTML file has permissions of read only
C.You cannot use a buffer overflow to deface a web page
D.There is a problem with the shell and he needs to run the attack again
Correct:B
12.Clive is conducting a pen-test and has just port scanned a system on the network. He has identified the operating system as Linux and been able to elicit responses from ports 23, 25 and 53. He infers port 23 as running Telnet service, port 25 as running SMTP service and port 53 as running DNS service. The client confirms these findings and attests to the current availability of the services. When he tries to telnet to port 23 or 25, he gets a blank screen in response. On typing other commands, he sees only blank spaces or underscores symbols on the screen. What are you most likely to infer from this?
A.The services are protected by TCP wrappers
B.There is a honeypot running on the scanned machine
C.An attacker has replaced the services with trojaned ones
D.This indicates that the telnet and SMTP server have crashed
Correct:A
13.Maurine is working as a security consultant for Hinklemeir Associates.She has asked the Systems Administrator to create a group policy that would not allow null sessions on the network. The Systems Administrator is fresh out of college and has never heard of null sessions and does not know what they are used for. Maurine is trying to explain to the Systems Administrator that hackers will try to create a null session when footprinting the network. Why would an attacker try to create a null session with a computer on a network?
A.Enumerate users and shares
B.Install a backdoor for later attacks
C.Escalate his/her privileges on the target server
D.To create a user with administrative privileges for later use
Correct:A
14.What file system vulnerability does the following command take advantage of? type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe
A.HFS
B.ADS
C.NTFS
D.Backdoor access
Correct:B
15.What is the purpose of firewalking?
A.It's a technique used to map routers on a network link
B.It's a technique used to discover Wireless network on foot
C.It's a technique used to discover interface in promiscuous mode
D.It's a technique used to discover what rules are configured on a gateway
Correct:D
16.Travis works primarily from home as a medical transcriptionist. He just bought a brand new Dual Core Pentium computer with over 3 GB of RAM. He uses voice recognition software to help him transfer what he dictates to electronic documents. The voice recognition software is processor intensive, which is why he bought the new computer. Travis frequently has to get on the Internet to do research on what he is working on. After about two months of working on his new computer, he notices that it is not running nearly as fast as it used to. Travis uses antivirus software, anti-spyware software, and always keeps the computer up-to-date with Microsoft patches. After another month of working on the computer, Travis' computer is even more noticeably slow. Every once in awhile, Travis also notices a window or two pop-up on his screen, but they quickly disappear.He has seen these windows show up, even when he has not been on the Internet. Travis is really worried about his computer because he spent a lot of money on it, and he depends on it to work. Travis scans his computer with all kinds of software, and cannot find anything out of the ordinary. Travis decides to go through Windows Explorer and check out the file system, folder by folder, to see if there is anything he can find. He spends over four hours pouring over the files and folders and cannot find anything.But, before he gives up, he notices that his computer only has about 10 GB of free space available.Since his hard drive is a 200 GB hard drive, Travis thinks this is very odd. Travis downloads Space Monger and adds up the sizes for all the folders and files on his computer. According to his calculations, he should have around 150 GB of free space. What is mostly likely the cause of Travis' problems?
A.Travis's computer is infected with stealth kernel level rootkit
B.Travis's computer is infected with Stealth Trojan Virus
C.Travis's computer is infected with Self-Replication Worm that fills the hard disk space
D.Logic Bomb is triggered at random times creating hidden data consuming junk files
Correct:A
17.Why is Social Engineering considered attractive by hackers and commonly done by experts in the field?
A.It is not considered illegal
B.It is done by well-known hackers
C.It is easy and extremely effective to gain information
D.It does not require a computer in order to commit a crime
Correct:C
18.Lori has just been tasked by her supervisor toonduct vulnerability scan on the corporate network.She has been instructed to perform a very thorough test of the network to ensure that there are no security holes on any of the machines.Lori's company does not own any commercial scanning products, so she decides to download a free one off the Internet.Lori has never done a vulnerability scan before, so she is unsure of some of the settings available in the software she downloaded.One of the options is to choose which ports that can be scanned.Lori wants to do exactly what her boss has told her, but she does not know what ports should be scanned. If Lori is supposed to scan all known TCP ports, how many ports should she select in the software?
A.65536
B.1024
C.1025
D.Lori should not scan TCP ports, only UDP ports
Correct:A
19.Samantha has been actively scanning the client network for which she is doing a vulnerability assessment test. While doing a port scan she notices ports open in the 135 to 139 range. What protocol is most likely to be listening on those ports?
A.FTP
B.SMB
C.Finger
D.Samba
Correct:B
20.A program that defends against a port scanner will attempt to:
A.Sends back bogus data to the port scanner
B.Log a violation and recommend use of security-auditing tools
C.Limit access by the scanning system to publicly available ports only
D.Update a firewall rule in real time to prevent the port scan from being completed
Correct:D
21.A simple compiler technique used by programmers is to add a terminator 'canary word' containing four letters NULL (0x00), CR (0x0d), LF (0x0a) and EOF (0xff) so that most string operations are terminated. If the canary word has been altered when the function returns, and the program responds by emitting an intruder alert into syslog, and then halts what does it indicate?
A.The system has crashed
B.A buffer overflow attack has been attempted
C.A buffer overflow attack has already occurred
D.A firewall has been breached and this is logged
E.An intrusion detection system has been triggered
Correct:B
22.Blake is in charge of securing all 20 of his company's servers. He has enabled hardware and software firewalls, hardened the operating systems, and disabled all unnecessary services on all the servers. Unfortunately, there is proprietary AS400 emulation software that must run on one of the servers that requires the telnet service to function properly. Blake is especially concerned about this since telnet can be a very large security risk in an organization. Blake is concerned about how this particular server might look to an outside attacker so he decides to perform some footprinting, scanning, and penetration tests on the server.Blake telnets into the server and types in the following command: HEAD / HTTP/1.0 After pressing enter twice, Blake gets the following results: What has Blake just accomplished?

A.Grabbed the banner
B.Downloaded a file to his local computer
C.Submitted a remote command to crash the server
D.Poisoned the local DNS cache of the server
Correct:A
23.Harold is the senior security analyst for a small state agency in New York.He has no other security professionals that work under him, so he has to do all the security-related tasks for the agency.Coming from a computer hardware background, Harold does not have a lot of experience with security methodologies and technologies, but he was the only one who applied for the position. Harold is currently trying to run a Sniffer on the agency's network to get an idea of what kind of traffic is being passed around, but the program he is using does not seem to be capturing anything.He pours through the Sniffer's manual, but cannot find anything that directly relates to his problem.Harold decides to ask the network administrator if he has any thoughts on the problem.Harold is told that the Sniffer was not working because the agency's network is a switched network, which cannot be sniffed by some programs without some tweaking. What technique could Harold use to sniff his agency's switched network?
A.ARP spoof the default gateway
B.Conduct MiTM against the switch
C.Launch smurf attack against the switch
D.Flood the switch with ICMP packets
Correct:A
24.You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters. With your given knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values to get results?
A.Hybrid Attack
B.Dictionary Attack
C.Encryption Attack
D.Brute Force Attack
Correct:A
25.When writing shellcodes, you must avoid ____________ because these will end the string. charhellcode[] f11 "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" f11 "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" f11 "\x80\xe8\xdc\xff\xff\xff/bin/sh"; voidain()? { int?ret; f11 ? ret??int?)&ret??; f11 ? (*ret)??int)shellcode; }
A.Null bytes
B.Root bytes
C.Char bytes
D.Unicode bytes
Correct:A
26.One of the most common and the best way of cracking RSA encryption is to begin to derive the two prime numbers, which are used in the RSA PKI mathematical process. If the two numbers p and q are discovered through a _____________ process, then the private key can be derived.
A.Factorization
B.Prime detection
C.Hashing
D.Brute-forcing
Correct:A
27.Bob has been hired to do a web application security test. Bob notices that the site is dynamic and must make use of a back end database. Bob wants to see if SQL Injection would be possible. What is the first character that Bob should use to attempt breaking valid SQL request?
A.Single Quote
B.Semi Column
C.Double Quote
D.Exclamation Mark
Correct:A
28.Paula works as the primary help desk contact for her company.Paula has just received a call from a user reporting that his computer just displayed a Blue Screen of Death screen and he can no longer work.Paula walks over to the user's computer and sees the Blue Screen of Death screen.The user's computer is running Windows XP, but the Blue Screen looks like a familiar one that Paula had seen on Windows 2000 computers periodically. The user said he stepped away from his computer for only 15 minutes and when he got back, the Blue Screen was there.Paula also noticed that the hard drive activity light was flashing, meaning that the computer was processing something.Paula knew this should not be the case since the computer should be completely frozen during a Blue Screen. She checks the network IDS live log entries and notices numerous nmap scan alerts. What is Paula seeing happen on this computer?
A.Paula's network was scanned using Floppyscan
B.Paula's network was scanned using Dumpsec
C.There was IRQ conflict in Paula's PC
D.Tools like Nessus will cause BSOD
Correct:A
29.Study the following log extract and identify the attack. 12/26-07:06:01.155349 128.173.37.135:1443 -> 172.16.1.106:80 TCP TTL:13 TOS:0x40 ID:35491 IpLen:20 DgmLen:493 DF ***AP*** Seq: 0x2BDC107 Ack: 0x1CB9F186 Win: 0x2238 TcpLen: 20 47 45 54 20 2F 6D 73 61 64 63 2F 2E 2E C0 AF 2E GET /msadc/..... 2E 2F 2E 2E C0 AF 2E 2E 2F 2E 2E C0 AF 2E 2E 2F ./....../....../ 77 69 6E 6E 74 2F 73 79 73 74 65 6D 33 32 2F 63 winnt/system32/c 6D 64 2E 65 78 65 3F 2F 63 2B 64 69 72 2B 63 3A md.exe?/c+dir+c: 5C 20 48 54 54 50 2F 31 2E 31 0D 0A 41 63 63 65 \ HTTP/1.1..Acce 70 74 3A 20 69 6D 61 67 65 2F 67 69 66 2C 20 69 pt: image/gif, i 6D 61 67 65 2F 78 2D 78 62 69 74 6D 61 70 2C 20 mage/x-xbitmap 69 6D 61 67 65 2F 6A 70 65 67 2C 20 69 6D 61 67 image/jpeg, imag 65 2F 70 6A 70 65 67 2C 20 61 70 70 6C 69 63 61 e/pjpeg, applica 74 69 6F 6E 2F 76 6E 64 2E 6D 73 2D 65 78 63 65 tion/vnd.ms-exce 6C 2C 20 61 70 70 6C 69 63 61 74 69 6F 6E 2F 6D l, application/m 73 77 6F 72 64 2C 20 61 70 70 6C 69 63 61 74 69 sword, applicati 6F 6E 2F 76 6E 64 2E 6D 73 2D 70 6F 77 65 72 70 on/vnd.ms-powerp 6F 69 6E 74 2C 20 2A 2F 2A 0D 0A 41 63 63 65 70 oint, */*..Accep 74 2D 4C 61 6E 67 75 61 67 65 3A 20 65 6E 2D 75 t-Language: en-u 73 0D 0A 41 63 63 65 70 74 2D 45 6E 63 6F 64 69 s..Accept-Encodi 6E 67 3A 20 67 7A 69 70 2C 20 64 65 66 6C 61 74 ng: gzip, deflat 65 0D 0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D e..User-Agent: M 6F 7A 69 6C 6C 61 2F 34 2E 30 20 28 63 6F 6D 70 ozilla/4.0 (comp 61 74 69 62 6C 65 3B 20 4D 53 49 45 20 35 2E 30 atible; MSIE 5.0 31 3B 20 57 69 6E 64 6F 77 73 20 39 35 29 0D 0A 1; Windows 95).. 48 6F 73 74 3A 20 6C 61 62 2E 77 69 72 65 74 72 Host: lib.bvxttr 69 70 2E 6E 65 74 0D 0A 43 6F 6E 6E 65 63 74 69 ip.org..Connecti 6F 6E 3A 20 4B 65 65 70 2D 41 6C 69 76 65 0D 0A on: Keep-Alive.. 43 6F 6F 6B 69 65 3A 20 41 53 50 53 45 53 53 49 Cookie: ASPSESSI 4F 4E 49 44 47 51 51 51 51 51 5A 55 3D 4B 4E 4F ONIDGQQQQQZU=KNO 48 4D 4F 4A 41 4B 50 46 4F 50 48 4D 4C 41 50 4E HMOJAKPFOPHMLAPN 49 46 49 46 42 0D 0A 0D 0A 41 50 4E 49 46 49 46 IFIFB....APNIFIF 42 0D 0A 0D 0A B....
A.Hexcode Attack
B.Cross Site Scripting
C.Multiple Domain Traversal Attack
D.Unicode Directory Traversal Attack
Correct:D
30.While doing web application testing, you might be required to look through multiple web pages online which can take a long time. Which process below would be a more efficient way of doing this type of validation?
A.Use get utility to download all pages locally for further inspection
B.Use get * utility to download all pages locally for further inspection
C.Use wget utility to download all pages locally for further inspection
D.Use mget utility to download all pages locally for further inspection
Correct:C
Ccna ccnp ccie 등 인증시험의 덤프를 제공
우리회사의 홈페이지는 http://www.killtest.co.kr 입니다.
제 msn는 testkr@hotmail.com 입니다.
야호메일주소는 killtest@ymail.com 입니다.
          
2008/08/15 11:41 2008/08/15 11:41
- 접속자 Browser별 사용빈도 -
  Author : JCrew
  Date : 2008/08/15 11:41
  Category : OfficialWorks
  Tags : , ,

사용자 삽입 이미지
 

2008년도 사이트 접속한 브라우져별 사용빈도를 체크해보았다. 역시나 IE 6.0, IE 7.0이 많다.


명언 한마디
공직 생활을 하는 방법이 오직 세가지가 있으니 청념과 신중과 근면이다. 이 세가지를 알면, 몸가질 바를 알리라. -명심보감
          
2008/08/02 18:43 2008/08/02 18:43
- 국제공인 컴퓨터 / IT자격증 정보 -
  Author : JCrew
  Date : 2008/08/02 18:43
  Category : Miscellaneous
  Tags : , , , , , ,
CISCO
Network 분야에서 세계최고의 시장점유율을 자랑하는 HW기업이며 그 자격의 가치는 현존하는 자격중 가장 높다고 합니다. Cisco자격제도는 기업내 숙련된 네트워크 전문가의 능력을 Cisco가 인증하는 자격 프로그램입니다.


CCNA (Cisco Certified Network Associate)
SOHO(small office/home office) 시장에 필요한 네트워크 설치 및 운영 능력을 공인하는 자격증으로
초급 단계의 네트워킹 지식을 갖고 있음을 의미하는 인증입니다.

 

CCNP (Cisco Certified Network Professional)
라우터와 스위치 등의 장비를 이용해 네트워크를 구성하는 능력을 평가하며, 네트워크 운영상의 여러 가지
문제를 해결하는 능력에 관한 인증입니다.

 

CCSP (Cisco Certified Security Professional)
방화벽을 비롯한 가상사설망(VPN)ㆍ침입탐지시스템(IDS)ㆍ보안관리 등 보안 부문의 전문가 자격증입니다. CCSP 자격증을 소지한 사람은 방화벽을 직접 설치 운용할 수 있으며, VPN과 IDS 구축을 자유롭게 할 수 있는 정도의 전문 지식을 갖춘 것을 의미 합니다.

 

CCIE (Cisco Certified Internetwork Expert)
현재 국제공인자격증 중에서 가장 난이도가 높고 네트워크 엔지니어 뿐만 아니라 업체에서도 가장 선호되는 인증입니다.



Microsoft
Microsoft에서 자사의 제품(Windows NT,Visual tools, Office제품 등)에 대한 기술적 사용능력을 대외적으로 인증하여, 이를 사용자나 소지자가 적절히 활용할 수 있도록 인증해주는 자격 프로그램입니다.

 

MCSE 2003 (Microsoft Certified Systems Engineer)
비즈니스 요구 사항을 분석하고 Microsoft Windows? 2003 플랫폼과 Microsoft 서버 소프트웨어를 기반으로 비즈니스 솔루션용 인프라를 설계하고 구현하는 전문가들을 위한 프리미어 인증입니다.


 
Oracle
DataBase로 유명한 오라클 제품 사용자의 관련 업무별 전문 기술 지식 정도를 측정하여 대내외적으로 증명해 주며, 오라클의 제품과 최신기술을 활용하여 최적의 솔루션을 설계, 개발, 응용하는데 필요한 인력의 역량을 인증해 주는 자격 프로그램입니다.

 

OCP-DBA 9i (OCP9i Database Administrator)
Oracle DBMS를 관리하기 위한 지식과 기술을 비롯한 유사시를 대비한 Backup 전략과 Recovery 방법, Server Side Tuning 방법, Oracle9i Network 관리방법과 데이터베이스 관리에 필요한 Utility 사용에 관한 인증입니다.

 

OCP-DBA 10g (OCP10g Database Administrator)
Oracle DBMS를 관리하기 위한 지식과 기술을 비롯한 유사시를 대비한 Backup 전략과 Recovery 방법, Server Side Tuning 방법, Oracle9i Network 관리방법과 데이터베이스 관리에 필요한 Utility 사용에 관한 인증입니다.
Oracle Application Server 10g의 대표적인 새로운 기능중에는 Infrastructure 뿐만 아니라 File-based repository를 이용해 Grid 환경을 구축할 수 있으며, Backup & Recovery Tool을 이용해 서버의 Recovery를 수행할 수 있는 기능을 테스트 합니다.

 

OCM 9i (OCP9i Database Administrator) - ‘최고의 Oracle 전문가’
OCM자격증 시험은 전문 기술 지식 정도를 측정하는 보편적인 IT자격증 시험 구도에서 탈피하여 실무 운영능력을 검증하는 실기 시험 체제를 도입한 자격증입니다. 정보시스템에서 발생하는 각종 시나리오에 대처하는 능력을 평가하는 테스트를 통하여 ‘최고의 Oracle 전문가’ 로 인정 받게 됩니다.

직업정보>직업탐색?한국직업전망>데이터베이스관리자
OCM자격증 취득을 위하여, Oracle9i OCP-DBA 자격증을 소지하신, 응시자들은 오라클 교육센터에서 진행되는 DBA 고급과정 중 최소 2과목을 이수 하셔야 합니다.


DBA 고급과정 안내
Oracle9i OCM-DBA 자격증 취득에 필요한 오라클 교육센터에서 진행되는 DBA 고급과정들은 아래와 같습니다.
오프라인 교육과 온라인 교육 모두 OCM 자격증 취득에 필요한 2과목에 인정됩니다. (현재 한국 오라클 교육센터에서는 고급과정의 온라인 교육을 진행하지 않습니다.)


- Database Applications
- Oracle9i: Program with PL/SQL
- Oracle9i: Advanced PL/SQL
- Oracle9i: Implement Advanced Queing


- Performance Management
- Oracle9i: SQL Tuning Workshop


- Database and Data Management
- Oracle Enterprise Manager 9i
- Managing Oracle on Linux


- High Availability
- Oracle 9i: Data Guard Administration
- Oracle9i: Real Application Clusters


- Data Warehouse and Large
- Oracle9i: Data Warehouse Administration
- Oracle9i Database: Implement Partitioning



 
Sun Java
21세기의 가장 핵심이 되는 기업 기술 중 하나인 Java Technology를 사용하여 어플리케이션을 개발하는 것은 IT 전문가들에게 있어 중요한 능력이다. 웹 서비스를 예를 들면, 자바를 이용하면 개발 속도가 눈에 띄게 빨라질 뿐만 아니라 향후 60% 이상의 개발자들이 자바를 이용할 것이라는 전망입니다.

 

SCJP (Sun Certified Java Programmer)
Java Programming 언어의 기본적인 syntax와 구조를 사용해 본 경험이 있는 프로그래머들에게 적합한 시험으로 자바 프로그래머라면 반드시 취득하셔야 할 인증입니다.

 

SCWCD (Sun Certified Web Component Developer)
Java Technology Servlet과 JSP(Java Server Pages) APIs (Application Program Interface) 웹 어플리케이션을 사용하는 Java 2 Platform 개발자들의 능력을 검증하기 위한 인증입니다.

 

SCBCD (Sun Certified Business Component Developer)
EJB (Enterprise Java Beans) 어플리케이션을 설계, 개발, 테스트, 구현 및 통합하는 업무를 담당하는 프로그래머나 개발자들을 위한 인증입니다.


 
Sun Solaris
솔라리스 운영체제는 세계적인 선도업체들이 성장하게 된 기반이 되는 운영체제입니다.
솔라리스 운영체제는 높은 신뢰성, 확장성과 가용성을 제공해 줌으로써, 기업들이 급변하는 기업 환경에 적응할 뿐 아니라, 미래의 혁신에 대응할 수 있도록 지원해 드리고 있습니다.

 

SCSA (Sun Certified System Administrator)
솔라리스 운영체제 상에 운영되는 시스템 관리 업무 및 네트워크 서버 관리를 관할하는 기술 어플리케이션 지원 등 시스템관리자를 위한 인증입니다.

 

SCNA (Sun Certified Network Administrator)
Solaris/Unix 환경 하에서 네트워크 관리에 필요한 능력을 검증해 주는 인증이며 LAN과 솔라리스 운영 체제를 포함한 네트워크 시스템 상의 썬 시스템 관리자를 위한 인증입니다.

 
출처 - 국제 자격증 공식인증 시험센터

명언 한마디
일반적으로 우리들이 남을 칭찬하는 것은 결국 우리 자신이 칭찬 받으려는 기대에서 비롯되는 것이다. -라 로슈프코
    12352 PermaLink  Edit  Reply    2009/01/02 20:03
E20-370
1. The customer's Centera is using CentraStar 3.0. A third-party vendor implemented an application and requested that a virtual pool and profile be created on the Centera. The application fails in its attempt to write to the Centera. What is a possible problem?
A. CE+ is enabled so no data can be written to the Centera
B. PEA file was never provided to the application
C. Replication wasn't turned on
D. Storage pool creation not completed
Answer: B

2. What is the maximum number of nodes in a Gen 4 Centera Cube?
A. 4
B. 8
C. 16
D. 32
Answer: C

3. Clips need to be migrated from the default pool to a virtual pool. An access profile has already been created.
Sequence the following steps to migrate clips:
1) Grant the profile access to the pool
2) Create application virtual pool
3) Start migrating poolmappings
4) Set the home pool for the access profile
5) Create poolmapping
A. 2, 4, 1, 5, 3
B. 2, 5, 4, 1, 3
C. 2, 1, 4, 5, 3
D. 2, 1, 5, 4, 3
Answer: A

4. What is an "unbundled" cluster?
A. Flexible solution where the customer chooses any configuration of hardware or software to deploy
B. Hardware only solution where the software is provided by the customer
C. Software only solution where the hardware is provided by the customer
D. Solution where the customer provides the rack in which the cluster is installed
Answer: D

5. What does SDK Failover enable with the default setting?
A. If a C-Clip cannot be found on the primary cluster, then the request goes to the secondary cluster
B. If the communication is interrupted to the primary Centera, all data is rewritten to the secondary Centera
C. If the pool has reached its defined quota then data is written automatically to the default pool
D. In case of a disk failure, data is written automatically to a node connected to the other power rail
Answer: A

6. How do you launch the CUA Monitor?
A. Connect Monitor and keyboard directly to the CUA node and launch web services
B. Start a http session to the IP-address of the CUA using port 16000
C. Start a https session to the IP-address of the CUA using port 7227
D. Starting a SSH session to the IP address of the CUA and use the function "M" in the menu
Answer: C

7. Click the exhibit button.

Which button, in the diagram, is used to start the CLI from within Centera viewer?

A. 1
B. 2
C. 3
D. 4
Answer: A

8. What are the available Centera replication topologies in addition to Uni-Directional and Bi-Directional?
A. Chain and Inward Star
B. Multipoint to Point and Chain
C. Point to Multipoint and Link
D. Ring and Star
Answer: A

9. A new customer has been testing their Centera in Governance mode. They have specified retention periods ranging from 0 days to 7 years. They would now like to erase the cluster and put it into production. How can the customer remove the test data from the cluster?
A. Customer can issue a reset cluster command from the CLI
B. Customer can switch the cluster off for 24 hours to delete all data
C. Customer can use the privileged delete command to remove the data
D. Can not be done, data remains on the cluster
Answer: C

10. With which enterprise backup solutions does CASbar work?
A. NDMP compatible systems
B. NDMP systems with DMA capabilities
C. Systems capable of mounting a UNIX file system
D. Systems capable of mounting a windows file system
Answer: D

11. How can an application get authenticated by the Centera?
A. Application sends the PAI-file encrypted to Centera as part of the connection process
B. Connect string contains IP-Address of one or more access nodes, and a valid pair of name and secret
C. Send IP address of all access nodes and correct subnet mask as part of the connect string
D. System administrator has to set an environment variable, which points to the location of the PAI-module
Answer: B

12. By default, how many different file sizes does Centera Verify use to perform tests?
A. 1
B. 2
C. 3
D. 4
Answer: C
13. What is the primary benefit of the GM naming scheme?
A. Combination of the MD5 plus SHA-256 hash algorithms
B. Containerizes small files for increased performance
C. Faster for both ingest and cluster operations
D. Single Instance Storage
Answer: C

14. Which management role is required for the profile to be used by Centera Console?
A. Accesscontrol role
B. Audit role
C. Monitor role
D. Replication role
Answer: C

15. What is the function of garbage collection?
A. Delete all CDFs with elapsed retention periods
B. Delete all reflections which do not contain pointers to blobs
C. Delete blobs that have no associated CDF
D. Delete virtual pools which do not contain data
Answer: C

16. Which item is responsible for granting capabilities?
A. Access profile
B. ACL's
C. CentraStar Mode (Basic, Governance or CE+)
D. Cluster profile
Answer: B

17. Which tool is used to create domains for use with Centera Console?
A. Centera CLI
B. Centera Console CLI
C. Centera Viewer
D. PDM
Answer: A

18. Which naming scheme facilitates single instance storage?
A. CPM
B. GM
C. M++
D. SSPF
Answer: C

19. What remains after an object is deleted from Centera by an application?
A. Copy of the CDF
B. Copy of the object
C. Nothing will remain
D. Reflection
Answer: D

20. What is an example of the command to turn CPP on when the license has been entered?
A. set content protection parity on
B. set protection CPP
C. set protection mode CPP
D. set protection write parity 250k
Answer: D

21. What is the best description for fixed content?
A. Content that is included in the companys back-up policy
B. Final copy of data
C. Fixed Database structures
D. Transactional data required for corporate compliance
Answer: B

22. What is the function of CASbar?
A. Monitor Centera health and status
B. Provide a connector for enterprise backup software
C. Provide a mountpoint interface to the Centera
D. Verify read/write/delete functionality of Centera
Answer: B

23. A Centera cluster is configured to use CPM. A customer creates a new Virtual Pool. What is the object count of the Virtual Pool after a 250 kB document is written to it?
A. 1
B. 2
C. 4
D. 9
Answer: C

24. How is the blob protected using CPM?
A. Fragmented in a 4+1 configuration
B. Mirrored across six nodes
C. Mirrored on one odd node and one even node
D. Segmented across six nodes with a seventh for parity
Answer: C

25. Using Enhanced Availability, how often does the database on the standby CUA get updated?
A. Active CUA sends all database updates immediately to the Standby CUA
B. Every 5 minutes or 500 writes, whichever occurs first
C. User must define the frequency depending on the desired RPO
D. Whenever the active CUA writes a backup of its database to Centera
Answer: B

26. What is the first step performed by the Centera API before the file is sent to the Centera?
A. Cache the file for later use
B. Calculate the content address
C. Encrypt the CDF and blob
D. Prepare the CDF
Answer: D

27. What is one method of getting files to a Centera?
A. A network file share from the Centera itself
B. CUA providing a share to the Centera
C. FTP a file from a host directly to the Centera
D. Presenting LUNs from the Centera to a host
Answer: B

28. Which protocol is used by the Centera SDK to interact with the Centera cluster?
A. Fibre Channel
B. SCSI
C. TCP/IP
D. WEP
Answer: C

29. A customer wants to start a backup set on January 31, 2006 at 5am. What is the correct syntax to specify this parameter in the configuration file?
A. BEGINTIME='2006-01-31 05:00'
B. FIRSTCLIPDATE='2006-01-31 05:00'
C. STARTTIMESTAMP='2006-01-31 05:00'
D. BEGINTIMEPERIOD='2006-01-31 05:00'
Answer: C
30. What is the maximum number of Centera clusters that can be monitored in a domain?
A. Two
B. Four
C. Six
D. Unlimited
Answer: B
Ccna ccnp ccie 등 인증시험의 덤프를 제공
우리회사의 홈페이지는 http://www.killtest.co.kr 입니다.
제 msn는 testkr@hotmail.com 입니다.
야호메일주소는 killtest@ymail.com 입니다.
    43535 PermaLink  Edit  Reply    2009/01/05 17:08
ECO-350
1.Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder's IP address for a period of 24 hours time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet. But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule. Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder's attempts. Samuel wants to completely block hackers brute force attempts on his network. What are the alternatives to defending against possible brute-force password attacks on his site?
A.Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users
B.Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the Firewall manually
C.Enforce complex password policy on your network so that passwords are more difficult to brute force
D.You cannot completely block the intruders attempt if they constantly switch proxies
Correct:D
2.Which programming language is NOT vulnerable to buffer overflow attacks?
A.Java
B.ActiveX
C.C++
D.Assembly Language
Correct:A
3.A client has approached you with a penetration test requirement. They are concerned with the possibility of external threat, and have invested considerable resources in protecting their Internet exposure. However, their main concern is the possibility of an employee elevating his/her privileges and gaining access to information outside of their department. What kind of penetration test would you recommend that would best address the client's concern?
A.A Grey Hat test
B.A Grey Box test
C.A Black Hat test
D.A White Hat test
E.A Black Box test
F.A White Box test
Correct:B
4.What type of port scan is shown below? Scan directed at open port: ClientServer 192.5.2.92:4079 ---------FIN--------->192.5.2.110:23 192.5.2.92:4079 <----NO RESPONSE------192.5.2.110:23 Scan directed at closed port: ClientServer 192.5.2.92:4079 ---------FIN--------->192.5.2.110:23 192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
A.Idle Scan
B.FIN Scan
C.XMAS Scan
D.Windows Scan
Correct:B
5.Which of the following built-in C/C++ functions you should avoid to prevent your program from buffer overflow attacks?
A.strcpy()
B.strcat()
C.streadd()
D.strsock()
Correct:A B C
6.Bob is acknowledged as a hacker of repute and is popular among visitors of 'underground' sites. Bob is willing to share his knowledge to those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has risks associated with it, as the same knowledge can be used for malevolent attacks as well. In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals?
A.Hire more computer security monitoring personnel to monitor computer systems and networks
B.Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards
C.Train more national guard and reservist in the art of computer security to help out in times of emergency or crises
D.Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life
Correct:B
7.After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence numbe