New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. CIW
  3. Web Security Associate
  4. 1D0-571 - CIW v5 Security Essentials

CIW 1D0-571 CIW v5 Security Essentials Exam Practice Test

Demo: 9 questions
Total 62 questions
Get 1D0-571 Full Access Download 1D0-571 PDF

CIW v5 Security Essentials Questions and Answers

Question 1

What is the first tool needed to create a secure networking environment?

Options:

A.

User authentication

B.

Confidentiality

C.

Security policy

D.

Auditing

Question 2

A CGI application on the company's Web server has a bug written into it. This particular bug allows the application to write data into an area of memory that has not been properly allocated to the application. An attacker has created an application that takes advantage of this bug to obtain credit card information. Which of the following security threats is the attacker exploiting, and what can be done to solve the problem?

Options:

A.

- Buffer overflow

- Work with the Web developer to solve the problem

B.

- SQL injection

- Work with a database administrator to solve the problem

C.

- Denial of service

- Contact the organization that wrote the code for the Web server

D.

- Man-in-the-middle attack

- Contact the company auditor

Question 3

What is the primary use of hash (one-way) encryption in networking?

Options:

A.

Signing files, for data integrity

B.

Encrypting files, for data confidentiality

C.

Key exchange, for user authentication

D.

User authentication, for non-repudiation

Question 4

A security breach has occurred involving the company e-commerce server. Customer credit card data has been released to unauthorized third parties. Which of the following lists the appropriate parties to inform?

Options:

A.

Shareholders, law enforcement agencies and company employees

B.

Affected customers, credit card companies and law enforcement agencies

C.

The Internet Service Provider, ICANN and company shareholders

D.

External security consultants, company board members and affected customers

Question 5

Which of the following is a primary weakness of asymmetric-key encryption?

Options:

A.

It is slow because it requires extensive calculations by the computer.

B.

It can lead to the corruption of encrypted data during network transfer.

C.

It is reliant on the Secure Sockets Layer (SSL) standard, which has been compromised.

D.

It is difficult to transfer any portion of an asymmetric key securely.

Question 6

Which of the following describes the practice of stateful multi-layer inspection?

Options:

A.

Using a VLAN on a firewall to enable masquerading of private IP addresses

B.

Prioritizing voice and video data to reduce congestion

C.

Inspecting packets in all layers of the OSI/RM with a packet filter

D.

Using Quality of Service (QoS) on a proxy-oriented firewall

Question 7

Requests for Web-based resources have become unacceptably slow. You have been assigned to implement a solution that helps solve this problem. Which of the following would you recommend?

Options:

A.

Enable stateful multi-layer inspection on the packet filter

B.

Implement caching on the network proxy server

C.

Enable authentication on the network proxy server

D.

Implement a screening router on the network DMZ

Question 8

Consider the following diagram:

Which of the following best describes the protocol activity shown in the diagram, along with the most likely potential threat that accompanies this protocol?

Options:

A.

The ICMP Time Exceeded message, with the threat of a denial-of-service attack

B.

The SIP three-way handshake, with the threat of a buffer overflow

C.

The TCP three-way handshake, with the threat of a man-in-the-middle attack

D.

The DNS name query, with the threat of cache poisoning

Question 9

Which choice lists typical firewall functions?

Options:

A.

Creating a VLAN and configuring the intrusion-detection system

B.

Issuing alerts and limiting host access

C.

Logging traffic and creating a choke point

D.

Implementing the security policy and scanning the internal network

Load More 1D0-571 Questions
Demo: 9 questions
Total 62 questions
Get 1D0-571 Full Access Download 1D0-571 PDF