3COM certification 3COM
Adobe certification Adobe
Apple certification Apple
Avaya certification Avaya
BEA certification BEA Systems
Business Objects certification Business Objects
Check Point certification Check Point
Cisco certification Cisco
Citrix certification Citrix
CIW certification CIW
CompTIA certification CompTIA
CWNP certification CWNP
EC-Council certification EC-Council
EMC certification EMC
Exam Express certification Exam Express
Exin certification Exin
F5 Networks certification F5 Networks
HDI certification HDI
HP certification HP
Hitachi certification Hitachi
IBM certification IBM
ISC certification ISC
ISEB certification ISEB
Juniper certification Juniper Networks
Lotus certification Lotus
LPI certification LPI
Microsoft certification Microsoft
Mile2 certification Mile2
Network Appliance certification Network Appliance
Nortel certification Nortel
Novell certification Novell
Oracle certification Oracle
PMI certification PMI
RedHat certification RedHat
SAIR certification SAIR
SAS certification SAS Institute
SNIA certification SNIA
Sun certification Sun
Sybase certification Sybase
Symantec certification Symantec
Teradata certification Teradata
Tibco certification Tibco
Veritas certification Veritas
VMware certification VMware
All Exams

SCP SC0-451 Exam - PassITexam.com

Free SC0-451 Sample Questions:

1. You are planning on implementing a token-based authentication system in your network. The network currently is spread out over four floors of your building. There are plans to add three branch offices. During your research you are analyzing the different types of systems. Which of the following are the two common systems token-based authentication uses?
A. Challenge/Response
B. Random-code
C. Time-based
D. Challenge/Handshake
E. Password-Synch
Answer: AC

2. You have implemented an IPSec policy, using only AH.  You are analyzing your network traffic in Network Monitor, which of the following statements are true about your network traffic?
A. You will not be able to view the data in the packets, as it is encrypted.
B. You will not be able to identify the upper layer protocol.
C. You will be able to view the unencrypted data in the packets.
D. You will be able to identify the encryption algorithm in use.
E. You will not be able to view the packet header.
Answer: C

3. In order to perform promiscuous mode captures using the Wireshark capture tool on a Windows Server 2003 machine, what must first be installed?
A. IPv4 stack
B. IPv6 stack
C. WinPcap
D. Nothing, it will capture by default
E. At least two network adapters
Answer: C

4. You are configuring the rules on your firewall, and need to take into consideration that some clients in the network are using automatic addressing. What is the IP address range reserved for internal use for APIPA in Microsoft networks?
A. 169.254.0.0 /4
B. 169.254.0.0 /16
C. 169.254.0.0 /8
D. 169.254.0.0 /0
E. 168.255.0.0 /16
Answer: B

5. If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit is set to zero, what type of WLAN is this frame a part of?
A. Mesh
B. Broadcast
C. Infrastructure
D. Hierarchical
E. Ad Hoc
Answer: E

6. There are several options available to you for your new wireless networking technologies, and you are examining how different systems function. What transmission system uses short bursts combined together as a channel?
A. Frequency Hopping Spread Spectrum (FHSS)
B. Direct Sequence Spread Spectrum (DSSS)
C. Lamar Anthell Transmission (LAT)
D. Digital Band Hopping (DBH)
E. Digital Channel Hopping (DCH)
Answer: A

7. You have just installed a new Intrusion Detection System in your network. You are concerned that there are functions this system will not be able to perform. What is a reason an IDS cannot manage hardware failures?
A. The IDS can only manage RAID 5 failures.
B. The IDS cannot be programmed to receive SNMP alert messages.
C. The IDS cannot be programmed to receive SNMP trap messages.
D. The IDS cannot be programmed to respond to hardware failures.
E. The IDS can only inform you that an event happened.
Answer: E

8. For the new Snort rules you are building, it will be required to have Snort examine inside the content of the packet. Which keyword is used to tell Snort to ignore a defined number of bytes before looking inside the packet for a content match?
A. Depth
B. Offset
C. Nocase
D. Flow_Control
E. Classtype
Answer: B

9. You have recently taken over the security of a mid-sized network. You are reviewing the current configuration of the IPTables firewall, and notice the following rule:
ipchains -A input -p TCP -d 0.0.0.0/0 12345 -j DENY
What is the function of this rule?
A. This rule for the output chain states that all incoming packets from any host to port 12345 are to be denied.
B. This rule for the input chain states that all incoming packets from any host to port 12345 are to be denied.
C. This rule for the input chain states that any TCP traffic from any address destined for any IP address and to port 12345 is to be denied.
D. This rule for the output chain states that any TCP traffic from any address destined for any IP address and to port 12345 is to be denied.
E. This rule for the input chain states that all TCP packets inbound from any network destined to any network is to be denied for ports 1, 2, 3, 4, and 5.
Answer: C

10. At a policy meeting you have been given the task of creating the firewall policy. What are the two basic positions you can take when creating the policy?
A. To deny all traffic and permit only that which is required.
B. To permit only IP traffic and filter TCP traffic
C. To permit only TCP traffic and filter IP traffic
D. To permit all traffic and deny that which is required.
E. To include your internal IP address as blocked from incoming to prevent spoofing.
Answer: AD