Sure Pass Exam 312-50v12 PDF

Page: 40 / 42

Question 160

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.

Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.

In this context, what can you say?

Options:

Bob can be right since DMZ does not make sense when combined with stateless firewalls

Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one

Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations

Bob is partially right. DMZ does not make sense when a stateless firewall is available

Question 161

Which of the following is a low-tech way of gaining unauthorized access to systems?

Options:

Social Engineering

Eavesdropping

Scanning

Sniffing

Question 162

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

Options:

A biometric system that bases authentication decisions on behavioral attributes.

A biometric system that bases authentication decisions on physical attributes.

An authentication system that creates one-time passwords that are encrypted with secret keys.

An authentication system that uses passphrases that are converted into virtual passwords.

Question 163

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?