CIW网络安全专家题库.pdf

TestInside1D0-570 CIW 1D0-570 CIW v5 Security Professional Exam QA 2008-6-18 English: www.TestI BIG5: www.T GB: www.T ,help you pass any IT exam! TestInside TestInside 1D0-570 1. The chief operations officer (COO) has questioned the need for end-user training. Which of the following is the most effective response? A.Indicate that you will not be responsible for the next virus outbreak. B.Remind the CEO about the last virus attack and the expense incurred. C.Explain that the cost of end-user training is a fraction of the cost of the last security breach caused by end users. D.Provide statistics that definitively show how end-user training reduces the likelihood of security breaches on the corporate network. Answer: C 2. Consider the following sequence: user1@zeppelin:/public$ su - root@zeppelin:~# chmod 1777 /public root@zeppelin:~# exit Which of the following most accurately describes the result of this command? A.Only the root user can create and delete files in the /public directory. B.All users can create, delete and read files in the /public directory, but only root has execute permissions. C.All users can create and read files in the /public directory, but only root can delete another users file. D.Any user can create files in the / directory, but no user can delete a file in this directory unless root permissions are obtained. Answer: C 3. What is the first step of a gap analysis? A.Scan the firewall. B.Review antivirus settings. C.Review the security policy. D.Review intrusion-detection software settings. Answer: C 4. Consider the following firewall rules: Incoming traffic: TCP