1.drag drop

　　Drag and drop question. Drag the items to the proper locations.

　　Correct Answers:

　　2.drag drop

　　Drag and drop question. Drag the items to the proper locations.

　　Correct Answers:

　　3.What is the primary method of mitigating port redirection attacks?

　　A: keep firewalls up to date with the latest patches and fixes

　　B: do not allow trust models

　　C: keep OS and applications up to date with the latest patches and fixes

　　D: use proper trust models

　　Correct Answers:　D

　　4.How are password attacks mitigated in the SAFE SMR midsize network design corporate Internet module?

　　A: filtering at the ISP, edge router, and corporate firewall

　　B: RFC 2827 and 1918 filtering at ISP edge and midsize network edge router

　　C: e-mail content filtering, HIDS, and host-based virus scanning

　　D: OS and IDS detection

　　E: CAR at the ISP edge and TCP setup controls at the firewall

　　Correct Answers:　D

　　5.What method helps mitigate the threat of IP spoofing?

　　A: access control

　　B: logging

　　C: SNMP polling

　　D: Layer 2 switching

　　Correct Answers:　A

　　6.Why are all providers of Internet connectivity urged to implement the filtering described in RFC 2827?

　　A: to prohibit attackers from using source addresses that reside within a range of legitimately advertised prefixes

　　B: to prohibit attackers from using forged source addresses that do not reside within a range of legitimately advertised prefixes

　　C: to filter Java applications that come from a source that is not trusted

　　D: to stop internal users from reaching web sites that violate the established security policy

　　Correct Answers:　B

　　7.What are three steps of the Security Wheel? Choose three.

　　A:improve

　　B:log

　　C:maintain

　　D:test

　　E:secure

　　F:report

　　Correct Answers:　A, D, E

　　8.How are port redirection attacks mitigated in the SAFE SMR small network campus module?

　　A: switched infrastructure

　　B: host based virus scanning

　　C: the use of NIDS and application access control

　　D: the latest security fixes and NIDS

　　E: private VLANs

　　F: HIDS

　　Correct Answers:　F

　　9.Which commands are used for basic filtering in the SAFE SMR small network campus module? Choose two.

　　A:access-group

　　B:ip inspect-name

　　C:ip route

　　D:access-list

　　Correct Answers:　A, D

　　10.Which is a key server found in SAFE Enterprise network design edge corporate internet module?

　　A: database server

　　B: application server

　　C: URL filtering server

　　D: proxy server

　　Correct Answers:　C