CIWとは、インターネット技術者の能力を、特定のベンダー技術ではなく、WindowsとLinux、Internet ExplorerとNetscapeなど業界標準となっている技術や知識を対象に教育、認定している。またCIWの試験は出題される言語こそ違うが、世界共通の問題が出題され、「国際標準」を謳っている。世界70カ国以上で実施され、10万人以上がCIW資格を取得している。1D0-470認定科目はCIW の一つ人気のある科目で、多くの受験者は1D0-470科目を取るにはたくさんの精力と知力を払っています。でも精力と知力だけできっと1D0-470試験が通れますか。それは必ずとは言えないね、今私から一つのいい1D0-470模擬試験問題集を紹介します、この1D0-470問題集を使って、合格することを保証します
1D0-470無料問題集みんなと分かち合います
1.What is the final step in assessing the risk of network intrusion from an internal or external
source?
A.Using the existing management and control architecture
B.Evaluating the existing perimeter and internal security
C.Analyzing, categorizing and prioritizing resources
D.Considering the business concerns
Correct:A
2.While assessing the risk to a network, which step are you conducting when you determine
whether the network can differentiate itself from other networks?
A.Considering the business concerns
B.Analyzing, categorizing and prioritizing resources
C.Evaluating the existing perimeter and internal security
D.Using the existing management and control architecture
Correct:C
3.Which service, tool or command allows a remote or local user to learn the directories or files
that are accessible on the network?
A.Traceroute
B.Share scanner
C.Port scanner
D.Ping scanner
Correct:B
4.Which type of attack uses a database or databases to guess a password in order to gain access
to a computer system?
A.Hijacking attack
B.Virus attack
C.Dictionary attack
D.Man-in-the-middle attack
Correct:C
5.Your IDS application paged you at 3:00 a.m. and informed you that an attack occurred against
your DNS server. You drive to the server site to investigate. You find no evidence of an attack,
although the IDS application claims that a remote DNS server waged an attack on port 53 of your
intranet DNS server. You check the logs and discover that a zone transfer has occurred. You
check your zones and name resolution, and discover that all entries exist, and no unusual entries
have been added to the database. What has most likely occurred?
A.A DNS poisoning attack against your internal DNS server
B.A denial-of-service attack against your internal DNS server
C.A false positive generated by the IDS
D.A malfunction of the internal name server
Correct:C
7.What host-level information would you want to obtain so you can exploit defaults and patches?
A.Servers
B.Routers and switches
C.Databases
D.Firewall types
Correct:A
8.Which type of attack occurs when a hacker obtains passwords and other information from
legitimate transactions?
A.Man-in-the-middle attack
B.Denial-of-service attack
C.Dictionary attack
D.Illicit server attack
Correct:A
9.In a typical corporate environment, which of the following resources demands the highest level
of security on the network?
A.Purchasing
B.Engineering
C.Sales
D.Accounting
Correct:D
10.When assessing the risk to a machine or network, what step should you take first?
A.Analyzing, categorizing and prioritizing resources
B.Evaluating the existing perimeter and internal security
C.Checking for a written security policy
D.Analyzing the use of existing management and control architecture
Correct:C
http://www.killtest.jp/CIW/
1D0-470無料問題集みんなと分かち合います
1.What is the final step in assessing the risk of network intrusion from an internal or external
source?
A.Using the existing management and control architecture
B.Evaluating the existing perimeter and internal security
C.Analyzing, categorizing and prioritizing resources
D.Considering the business concerns
Correct:A
2.While assessing the risk to a network, which step are you conducting when you determine
whether the network can differentiate itself from other networks?
A.Considering the business concerns
B.Analyzing, categorizing and prioritizing resources
C.Evaluating the existing perimeter and internal security
D.Using the existing management and control architecture
Correct:C
3.Which service, tool or command allows a remote or local user to learn the directories or files
that are accessible on the network?
A.Traceroute
B.Share scanner
C.Port scanner
D.Ping scanner
Correct:B
4.Which type of attack uses a database or databases to guess a password in order to gain access
to a computer system?
A.Hijacking attack
B.Virus attack
C.Dictionary attack
D.Man-in-the-middle attack
Correct:C
5.Your IDS application paged you at 3:00 a.m. and informed you that an attack occurred against
your DNS server. You drive to the server site to investigate. You find no evidence of an attack,
although the IDS application claims that a remote DNS server waged an attack on port 53 of your
intranet DNS server. You check the logs and discover that a zone transfer has occurred. You
check your zones and name resolution, and discover that all entries exist, and no unusual entries
have been added to the database. What has most likely occurred?
A.A DNS poisoning attack against your internal DNS server
B.A denial-of-service attack against your internal DNS server
C.A false positive generated by the IDS
D.A malfunction of the internal name server
Correct:C
7.What host-level information would you want to obtain so you can exploit defaults and patches?
A.Servers
B.Routers and switches
C.Databases
D.Firewall types
Correct:A
8.Which type of attack occurs when a hacker obtains passwords and other information from
legitimate transactions?
A.Man-in-the-middle attack
B.Denial-of-service attack
C.Dictionary attack
D.Illicit server attack
Correct:A
9.In a typical corporate environment, which of the following resources demands the highest level
of security on the network?
A.Purchasing
B.Engineering
C.Sales
D.Accounting
Correct:D
10.When assessing the risk to a machine or network, what step should you take first?
A.Analyzing, categorizing and prioritizing resources
B.Evaluating the existing perimeter and internal security
C.Checking for a written security policy
D.Analyzing the use of existing management and control architecture
Correct:C
http://www.killtest.jp/CIW/