Actual Exam Questions and CORRECT Answers
Which of the following techniques enables an already secure organization to assess security
vulnerabilities in real time? - CORRECT ANSWER✔✔- Continuous monitoring
Which of the following can determine which flags are set in a TCP/IP handshake? -
CORRECT ANSWER✔✔- Protocol analyzer
Which of the following is the most basic form of IDS? - CORRECT ANSWER✔✔- Signature-based
You suspect a broadcast storm on the LAN. Which tool is required to diagnose which
network adapter is causing the storm? - CORRECT ANSWER✔✔- Protocol analyzer
Which of the following log files should show attempts at unauthorized access? - CORRECT
ANSWER✔✔- Security
Jason is a security administrator for a company of 4000 users. He wants to store 6 months of
security logs to a logging server for analysis. The reports are required by upper management
due to legal obligations but are not time-critical. When planning for the requirements of the
logging server, which of the following should not be implemented? - CORRECT
ANSWER✔✔- Performance baseline and audit trails
What kind of security control do computer security audits fall under? - CORRECT
ANSWER✔✔- Detective
Which tool can be instrumental in capturing FTP GET requests? - CORRECT ANSWER✔✔-
Protocol analyzer
Michael has just completed monitoring and analyzing a web server. Which of the following
indicates that the server might have been compromised? - CORRECT ANSWER✔✔- The
web server is showing a drop in CPU speed and hard disk speed.
Which of the following protocols are you observing in the packet capture below?
16:42:01 - SRC 192.168.1.5:3389 - DST 10.254.254.57:8080 - SYN/ACK
- CORRECT ANSWER✔✔- RDP
Which of the following requires a baseline? (Select the two best answers.) - CORRECT
ANSWER✔✔- Behavior-based monitoring
Anomaly-based monitoring
What tool can alert you if a server's processor trips a certain threshold? - CORRECT
ANSWER✔✔- Performance Monitor
You have established a baseline for your server. Which of the following is the best tool to use
to monitor any changes to that baseline? - CORRECT ANSWER✔✔- Performance Monitor
Your boss wants you to properly log what happens on a database server. What are the most
important concepts to think about while you do so? (Select the two best answers.) -
CORRECT ANSWER✔✔- The amount of disk space you will require
The information that will be needed to reconstruct events later
One of the developers in your organization installs a new application in a test system to test
its functionality before implementing it in production. Which of the following is most likely
affected? - CORRECT ANSWER✔✔- Initial baseline configuration
Which of the following is a record of the tracked actions of users? - CORRECT
ANSWER✔✔- Audit trails
Of the following, which two security measures should be implemented when logging a
server? (Select the two best answers.) - CORRECT ANSWER✔✔- The application of
retention policies on log files
Hashing of log files