Independence Day Special - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: spcl70

Note! SCNP has been withdrawn.

SCNP Practice Exam Questions with Answers SCNP Strategic Infrastructure Security Certification

Question # 6

You are conducting a security awareness session for some of the employees in your organization. The discussion moves to the use if the web browser, which is Internet Explorer 7.0 for all employees. What are the four Zones that are available in Internet Explorer 7.0?

A.

Internet

B.

Local intranet

C.

Trusted sites

D.

Restricted sites

E.

Unrestricted sites

Full Access
Question # 7

Your network has been hit by a virus that is infecting the MBR on many of the systems in the network.

You are working to repair the damage this virus has done. After two days of non-stop work on the problem, you get things under control. What type of virus was in your network?

A.

Macro Virus

B.

Scripting Virus

C.

Boot Sector Virus

D.

Multi-part Virus

E.

File Infection Virus

Full Access
Question # 8

You are creating the User Account section of your organizational security policy. From the following options, select the questions to use for the formation of this section?

A.

Are users allowed to make copies of any operating system files (including, but not limited to /etc/passwd or the SAM)?

B.

Who in the organization has the right to approve the request for new user accounts?

C.

Are users allowed to have multiple accounts on a computer?

D.

Are users allowed to share their user account with coworkers?

E.

Are users required to use password-protected screensavers?

F.

Are users allowed to modify files they do not own, but have write abilities?

Full Access
Question # 9

Your organization assigns an Annual Loss Expectancy to assets during a risk analysis meeting. You have a server which if down for a day will lose the company $35,000, and has a serious root access attack against it once per month. What is the ALE for this attack against this server?

A.

$35,000

B.

$120,000

C.

$2,916

D.

$3,500

E.

$420,000

Full Access
Question # 10

Which of the following are symmetric encryption algorithms?

A.

MD5

B.

RSA

C.

Diffie-Hellman

D.

3DES

E.

AES

Full Access
Question # 11

Microsoft has developed several security tools to help you with the security and configuration of the systems in your network. One of these tools is the Microsoft Security Baseline Analyzer (MBSA). In the command line options of the MBSA is the HFNetChk tool. What is the function of the HFNetChk tool, available with MBSA?

A.

To check for the current Hotfixes that are available from Microsoft

B.

It is an upgrade to the Windows Update tool for checking on all updates

C.

It is the tool that must be run prior to installing IIS 6.0

D.

It is the tool that checks the network configuration of all web servers

E.

To record what Hotfixes and service packs are running on the Windows machine

Full Access
Question # 12

The Root-Level DNS servers have come under many attacks over the years. Due to attacks, such as the DDoS attack on the Root-Level DNS servers in October of 2002, which of the following systems was implemented to increase the security of the DNS servers for the Internet?

A.

Multicasting

B.

Unicasting

C.

Anycasting

D.

Broadcasting

E.

X-Casting

Full Access
Question # 13

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

SCNP question answer
A.

Trojan Horse Scan

B.

Back Orifice Scan

C.

NetBus Scan

D.

Port Scan

E.

Ping Sweep

Full Access
Question # 14

You work for a medium sized ISP and there have been several attacks of the DNS configuration recently.

You are particularly concerned with DNS Spoofing attacks. If an attacker is able to send out false data to a

DNS client before the response from the DNS server arrives, this is which type of DNS Spoofing?

A.

DNS Server Compromise

B.

DNS Cache Poisoning

C.

Spoofing the DNS Response

D.

DNS Source-Router Spoof

E.

IXFR Source-Spoof

Full Access
Question # 15

Recently you have had meetings with an organization to design their security policy. There has been some resistance on their board concerning the need for a security policy. To help remove the resistance, you describe the many benefits to having a security policy. Which of the following are the benefits of a security policy?

A.

Help to prevent misuse of resources

B.

Help to decrease the legal liability

C.

Help to protect proprietary information

D.

Help to lower bandwidth usage

E.

Help protect data from unauthorized access

Full Access
Question # 16

What is a problem with symmetric key cryptography?

A.

It is slower than asymmetric key cryptography

B.

Secure distribution of the public key

C.

There is a lack of encryption protocols that can use symmetric key cryptography

D.

Secure distribution of a secret key

E.

Symmetric key cryptography is reserved for the NSA

Full Access
Question # 17

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use

Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

SCNP question answer
A.

Port Scan

B.

Trojan Scan

C.

Back Orifice Scan

D.

NetBus Scan

E.

Ping Sweep

Full Access
Question # 18

You have a file on your Linux system, and you need to modify the file's permissions. The permissions you wish to apply are: Read and Write for the User; Read and Write for the Group: and Read for the Others.

What command will allow you to achieve this?

A.

chmod 660 test_file.tar.gz

B.

chmod 760 test_file.tar.gz

C.

chmod 604 test_file.tar.gz

D.

chmod 704 test_file.tar.gz

E.

chmod 664 test_file.tar.gz

Full Access
Question # 19

Which three of the following are examples of the reason that Message Authentication is needed?

A.

Packet Loss

B.

Content Modification

C.

Masquerading

D.

Public Key Registration

E.

Sequence Modification

Full Access
Question # 20

When using the 3DES encryption ( C = EK1[DK2[EK1[P]]] ) , what is the function of P?

A.

P is the text before encryption

B.

P is the first encryption key

C.

P is the second encryption key

D.

P is the decryption key

E.

P is the text after encryption

Full Access
Question # 21

You are the main person responsible for the security of a mid-sized company. To have control over all the aspects of the security of the network, you study and analyze each component thoroughly. Your network is running all Windows 2003 servers, and you are studying the logon process. You know there are many components of the process, and are now at the point where you are analyzing the Security Accounts Manager (SAM). What is the SAM?

A.

The SAM is a listing of users or group SIDS

B.

The SAM is an authentication protocol used by Windows to authenticate clients

C.

The SAM is used to check user permissions in order to access an object

D.

The SAM is used to store user account information

E.

The SAM is used to generate access tokens, and manages authentication

Full Access
Question # 22

You are creating a new Auditing and Logging policy for your network. On a Windows 2003 system, if you wish to audit events like the computer restarting, which of the following options would you use?

A.

Audit Account Logon Events

B.

Audit Account Management

C.

Audit Logon Events

D.

Audit Object Access

E.

Audit System Events

Full Access
Question # 23

While configuring TCP Wrappers on your Linux system, you desire to create a line that will effect the single host 10.20.23.45 accessing the telnet service. Which of the following lines will achieve this desired result?

A.

10.20.23.45_HOST: in.telnetd

B.

HOST(10.20.23.45): in.telnetd

C.

in.telnetd: HOST_10.20.23.45

D.

in.telnetd: ONLY_10.20.23.45/32

E.

in.telnetd: 10.20.23.45

Full Access
Question # 24

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use

Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

SCNP question answer
A.

Nmap XMAS Scan

B.

Nmap NULL Scan

C.

Nmap SYN Scan

D.

Nmap ACK Scan

E.

Nmap SYN/FIN Scan

Full Access
Question # 25

You are making changes to your Windows Server 2003 file server, to increase security. You are aware from your auditing that attackers have been trying to map your network and perform reconnaissance. You wish to stop attackers from enumerating share names. What can you do to stop this?

A.

Disable the NULL Session under Local Policies, Security Options

B.

Be sure that the ADMIN$ share has been removed

C.

Be sure the %sysroot% is not accessible remotely

D.

Disable the Traverse Folders option from the %sysroot% directory

E.

Share Enumeration cannot be stopped. Enable Object Access logging to watch for this type of traffic pattern.

Full Access
Question # 26

You are setting the permissions on a new file in Linux. What will be the level of permission given to the user if you assign an Octal value of 7?

A.

rw-

B.

r-x

C.

---

D.

r--

E.

rwx

Full Access
Question # 27

You are examining the Event IDs in your Windows 2003 network. There have been a large number of failed attempts at logon in the network. What is the Event ID for a failed attempt at Logon due to an unknown username or bad password?

A.

412

B.

529

C.

675

D.

749

E.

855

Full Access
Question # 28

The computer you are currently using is running Linux, and you are logged into the system with your normal user account. An application you wish to run requires root access to execute. Which of the following can you do to have the application execute, and not have the security of the system lowered?

A.

Log out as your user account, and log in as root

B.

You cannot run an application as a user other than the one you are logged in as

C.

Use the sw ID 0 command

D.

Install the Switch User application, restart the computer, log in as root, then switch to your current user account and run the application

E.

Use the su root command

Full Access
Question # 29

When a cryptanalyst is using linguistic patterns to decrypt ciphertext, what is the analyst doing?

A.

Analyzing the frequency of letters

B.

Analyzing the degree of the letters

C.

Analyzing the Caesar Shift

D.

Analyzing the Transposition Cipher

E.

Analyzing the Substitution Cipher

Full Access
Question # 30

Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use

Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?

SCNP question answer
A.

Nmap SYN/FIN Scan

B.

Nmap ACK Scan

C.

Nmap NULL Scan

D.

Nmap XMAS Scan

E.

Nmap SYN Scan

Full Access
Question # 31

What type of cryptographic system is represented in this image?

SCNP question answer
A.

Caesar

B.

Vingre

C.

Polybius

D.

Purple

E.

Enigma

Full Access
Question # 32

As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?

A.

The objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements, and to ensure compliance of systems with organizational security policies and standards.

B.

The objectives of this section are to prevent unauthorized access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.

C.

The objectives of this section are to provide management direction and support for information security.

D.

The objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.

E.

The objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure the protection of networked services, and to prevent unauthorized computer access.

Full Access
Question # 33

When a new user account is created in Linux, what values are assigned to the user account?

A.

Shell_GID

B.

SetGID

C.

SetUID

D.

UID

E.

GID

Full Access
Question # 34

Windows 2003 Server can utilize many different forms of authentication, from standard passwords to Smart Cards. What are the advantages of using NTLM Authentication over LM Authentication in Windows?

A.

Creates 128-bit hash with MD4

B.

Creates 64-bit hash with DES

C.

Single string of 14 characters

D.

Uses 16-bit Unicode characters

E.

Uses standard character set

Full Access