Question 1

List eight different types of information that might be found in a log created by an auditor.

Accepted Answer

Any eight of the following:
1. Every time services are started and stopped
2. Every time services are reconfigured or configured incorrectly
3. Hardware events, such as when a peripheral has been activated or if disk space is running out
4. Hardware problems, such as a failing port, disk drive, or other problems
5. Every time files and directories are backed up
6. Events related to network services such as DNS, DHCP, Web servers, and others
7. Every time an operating system has been shut down and rebooted
8. Every logon attempt
9. Every time a file has been accessed 
10. Every time permissions are changed on an object 
11. Every time a print job has succeeded or failed 
12. Network connection events

Question 2

A(n) ____________________ is a command-line string issued remotely that is intended to weaken the security or to alter an operating system.

Accepted Answer

string signature

Question 3

Which Network Monitor pane provides statistics about traffic from other computers on the network, including the MAC (device) address of each computer's NIC and data about the number of frames sent from and received by each computer?

Accepted Answer

A)  Graph 
B)  Total Statistics 
C)  Session Statistics 
D)  Station Statistics 
A)  Graph 
B)  Total Statistics 
C)  Session Statistics 
D)  Station Statistics C

Question 4

Which Netware 6.x log is displayed in the figure above?

Accepted Answer

A)  Access 
B)  Audit 
C)  Module 
D)  Console 
A)  Access 
B)  Audit 
C)  Module 
D)  Console

Question 5

In Red Hat Linux, log files are managed through a process called ____________________ .

Accepted Answer

The answer of In Red Hat Linux, log files are...

Question 6

What type of computer is placed on a network to attract attackers?

Accepted Answer

A)  Dummy 
B)  Honeypot 
C)  Fake 
D)  Both a and b 
E)  Both b and c 
A)  Dummy 
B)  Honeypot 
C)  Fake 
D)  Both a and b 
E)  Both b and c

Question 7

SYSCON is a Server Console command that is carried forward from earlier versions of NetWare.

Accepted Answer

A) True 
 B)False

Question 8

What utility can be used to clean up the Mac OS X Server logs?

Accepted Answer

A)  MacJanitor 
B)  MacCleanUp 
C)  MacSweep 
D)  MacRotate 
A)  MacJanitor 
B)  MacCleanUp 
C)  MacSweep 
D)  MacRotate

Question 9

What type of intrusion detection monitors the system on which it is loaded?

Accepted Answer

A)  Host-based 
B)  System-based 
C)  Network-based 
D)  Local-based 
A)  Host-based 
B)  System-based 
C)  Network-based 
D)  Local-based

Question 10

The Netware 6.x Console Log enables you to trace information, such as NLMs that have been loaded or unloaded, and to trace other activities that have been performed from the console.

Accepted Answer

A) True 
 B)False

Question 11

What four tasks can be accomplished using NetWare Remote Manager?

Accepted Answer

1. View current connections
2.

Question 12

SNMP enables network agents to gather information about network performance and send that information to a network management station.

Accepted Answer

A) True 
 B)False

Question 13

By default in Red Hat Linux 9.x , how many rotation levels does each log file have?

Accepted Answer

A)  2 
B)  3 
C)  4 
D)  5 
A)  2 
B)  3 
C)  4 
D)  5

Question 14

Match between columns
                        Premises: Records specific situations that an administrator wants to be warned about
Sends an alert to an administrator or takes an action to block an attack
Setting up ways to detect and record intrusion attempts, without taking action
A viewing capability that enables you to display only specific events
Used to attract attackers
Examines captured data and determines if there has been an intrusion
Performs a specific function when a predefined situation occurs
Used to detect and report possible network and computer system intrusions
Tracks a wide range of data and events related to an operating system
A message sent to an administrator about a specific operating system event

Accepted Answer

The Answer of Auditor and Passive intrusion detection and Filter is...

Question 15

Which command provides information about who is logged on to Red Hat Linux 9.x?

Accepted Answer

A)  who 
B)  who am i 
C)  proc 
D)  login 
A)  who 
B)  who am i 
C)  proc 
D)  login

Question 16

Does the Netware 6.x Console log contain error information recorded for the NetWare server?

Accepted Answer

A) True 
 B)False

Question 17

Which type of IDS automatically records information to a log?

Accepted Answer

A)  Network-based 
B)  Host-based 
C)  Auditor 
D)  Inspector 
A)  Network-based 
B)  Host-based 
C)  Auditor 
D)  Inspector

Question 18

In the Windows 2000 Computer Management tool, what three options under Shared Folders provide information about users currently logged on to the operating system?

Accepted Answer

1. Shares

Question 19

The device log records information about system-related events such as hardware errors, driver problems, and hard drive errors.

Accepted Answer

A) True 
 B)False

Question 20

Which Linux Red Hat 9.x "who" command option shows the amount of time each user process has been idle?

Accepted Answer

A)  -a 
B)  -b 
C)  -i 
D)  -s 
A)  -a 
B)  -b 
C)  -i 
D)  -s

List eight different types of information that might be found in a log created by an auditor.

A(n) ____________________ is a command-line string issued remotely that is intended to weaken the security or to alter an operating system.

Which Network Monitor pane provides statistics about traffic from other computers on the network, including the MAC (device) address of each computer's NIC and data about the number of frames sent from and received by each computer?

Which Netware 6.x log is displayed in the figure above?

In Red Hat Linux, log files are managed through a process called ____________________ .

What type of computer is placed on a network to attract attackers?

SYSCON is a Server Console command that is carried forward from earlier versions of NetWare.

What utility can be used to clean up the Mac OS X Server logs?

What type of intrusion detection monitors the system on which it is loaded?

The Netware 6.x Console Log enables you to trace information, such as NLMs that have been loaded or unloaded, and to trace other activities that have been performed from the console.

What four tasks can be accomplished using NetWare Remote Manager?

SNMP enables network agents to gather information about network performance and send that information to a network management station.

By default in Red Hat Linux 9.x , how many rotation levels does each log file have?

Which command provides information about who is logged on to Red Hat Linux 9.x?

Does the Netware 6.x Console log contain error information recorded for the NetWare server?

Which type of IDS automatically records information to a log?

In the Windows 2000 Computer Management tool, what three options under Shared Folders provide information about users currently logged on to the operating system?

The device log records information about system-related events such as hardware errors, driver problems, and hard drive errors.

Which Linux Red Hat 9.x "who" command option shows the amount of time each user process has been idle?

Operating Systems Security: Keeping Computers and Networks Secure

Viruses, Worms, and Malicious Software

Security Through Authentication and Encryption

Account-Based Security

File, Directory, and Shared Resource Security

Firewalls and Border Security

Physical and Network Topology Security

Wireless Security

Web, Remote Access, and VPN Security

E-Mail Security

Security Through Disaster Recovery

Filters

Exam 12: Security Through Monitoring and Auditing

List eight different types of information that might be found in a log created by an auditor.

A(n) ____________________ is a command-line string issued remotely that is intended to weaken the security or to alter an operating system.

Which Network Monitor pane provides statistics about traffic from other computers on the network, including the MAC (device) address of each computer's NIC and data about the number of frames sent from and received by each computer?

Which Netware 6.x log is displayed in the figure above?

In Red Hat Linux, log files are managed through a process called ____________________ .

What type of computer is placed on a network to attract attackers?

SYSCON is a Server Console command that is carried forward from earlier versions of NetWare.

What utility can be used to clean up the Mac OS X Server logs?

What type of intrusion detection monitors the system on which it is loaded?

The Netware 6.x Console Log enables you to trace information, such as NLMs that have been loaded or unloaded, and to trace other activities that have been performed from the console.

What four tasks can be accomplished using NetWare Remote Manager?

SNMP enables network agents to gather information about network performance and send that information to a network management station.

By default in Red Hat Linux 9.x , how many rotation levels does each log file have?

Which command provides information about who is logged on to Red Hat Linux 9.x?

Does the Netware 6.x Console log contain error information recorded for the NetWare server?

Which type of IDS automatically records information to a log?

In the Windows 2000 Computer Management tool, what three options under Shared Folders provide information about users currently logged on to the operating system?

The device log records information about system-related events such as hardware errors, driver problems, and hard drive errors.

Which Linux Red Hat 9.x "who" command option shows the amount of time each user process has been idle?

Operating Systems Security: Keeping Computers and Networks Secure

Viruses, Worms, and Malicious Software

Security Through Authentication and Encryption

Account-Based Security

File, Directory, and Shared Resource Security

Firewalls and Border Security

Physical and Network Topology Security

Wireless Security

Web, Remote Access, and VPN Security

E-Mail Security

Security Through Disaster Recovery

Filters