- (Topic 2) What is the purpose of Cellpadding attribute of
tag?
Correct Answer:C Cellpadding attribute is used to set the space, in pixels , between the cell border and its content. If you have not set the value of Cellpadding attribute for a table, the browser takes the default value as 1.
Question 7
- (Topic 2) You work as a Web Developer for XYZ CORP. The company has a Windows-based network. You have been assigned the task to secure the website of the company. To accomplish the task, you want to use a website monitoring service. What are the tasks performed by a website monitoring service?
Correct Answer:BCD Website monitoring service can check HTTP pages, HTTPS, FTP, SMTP, POP3, IMAP, DNS, SSH, Telnet, SSL, TCP, PING, Domain Name Expiry, SSL Certificate Expiry, and a range of other ports with great variety of check intervals from every four hours to every one minute. Typically, most website monitoring services test a server anywhere between once-per hour to once-per-minute. Advanced services offer in-browser web transaction monitoring based on browser add-ons such as Selenium or iMacros. These services test a website by remotely controlling a large number of web browsers. Hence, it can also detect website issues such a JavaScript bugs that are browser specific. Answer A is incorrect. This task is performed under network monitoring. Network tomography deals with monitoring the health of various links in a network using end-to-end probes sent by agents located at vantage points in the network/Internet.
Question 8
- (Topic 4) You are the Security Administrator for an Internet Service Provider. From time to time your company gets subpoenas from attorneys and law enforcement for records of customers' access to the internet. What policies must you have in place to be prepared for such requests?
Correct Answer:D Storage and retention policies will determine how long you keep records (such as records of customers Web activity), how you will store them, and how you will dispose of them. This will allow you to know what records you should still have on hand should a legal request for such records come in. Answer C is incorrect. User policies might determine what a customer has access to, but won't help you identify what they actually did access. Answer A is incorrect. Group policies are usually pertinent to network administration, not the open and uncontrolled environment of an ISP. Answer B is incorrect. Backup policies dictate how data is backed up and stored.
Question 9
- (Topic 2) You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to use multiple security countermeasures to protect the integrity of the information assets of the company. To accomplish the task, you need to create a complex and multi-layered defense system. Which of the following components can be used as a layer that constitutes 'Defense in depth'? (Choose three)
Correct Answer:BCD The components of Defense in depth include antivirus software, firewalls, anti-spyware programs, hierarchical passwords, intrusion detection, and biometric verification. In addition to electronic countermeasures, physical protection of business sites along with comprehensive and ongoing personnel training enhances the security of vital data against compromise, theft, or destruction. Answer A is incorrect. A backdoor is any program that allows a hacker to connect to a computer without going through the normal authentication process. The main advantage of this type of attack is that the network traffic moves from inside a network to the hacker's computer. The traffic moving from inside a network to the outside world is typically the least restrictive, as companies are more concerned about what comes into a network, rather than what leaves it. It, therefore, becomes hard to detect backdoors.
Question 10
- (Topic 2) Which of the following aaa accounting commands should be used to enable logging of both the start and stop records for user terminal sessions on the router?
Correct Answer:D In order to enable logging of both start and stop records for user terminal sessions on the router, the aaa accounting exec start-stop tacacs+ command should be used. The exec option performs accounting for EXEC shell sessions. Answer B is incorrect. The aaa accounting system none tacacs+ command disables accounting services on a specific interface for all system-level events that are not related with users such as reload. Answer C is incorrect. The aaa accounting connection start-stop tacacs+ command is used to enable logging of both start and stop records for all outbound connections that are established from the NAS (Network Access Server), such as Telnet, local-area transport (LAT), TN3270, packet assembler and disassembler (PAD), and rlogin. Answer A is incorrect. The aaa accounting auth proxy start-stop tacacs+ command is used to enable logging of both start and stop records for all authenticated proxy user events.
