Page 783 - StudyBook.pdf

Self Test Appendix • Appendix  767

                      A. Break through a system’s security to determine how to best protect it
                      B. Test a system’s response to various attack scenarios
                      C. Check compliance of a system against desktop security policies
                      D. Determine a logging policy to use which ensures the capture of log data for recent attack
                         types
                  B. The use of pen testing tools to test a system’s response to various attack scenarios is the best
                    use for this type of tool.
                  Answer A is incorrect because the purpose of pen testing tools is not simply to break through a
                    system’s security. You also want to know if the system is already secure from known attacks. This
                    is an analysis tool, not a tool to break into systems. Answer C is incorrect because pen testing is
                    not necessary to test desktop compliance. Since the desktops would be corporate-controlled,
                    you could use a variety of other methods to check compliance without going to the depths
                    provided by pen testing tools. Answer D is incorrect because logging policies should not be
                    defined just in response to recent attack patterns. Logging policies should be defined to capture
                    relevant information regardless of the attack type used against a system.

                  12. You are performing an audit to attempt to track down an intruder that managed to access a
                      system on your network. You suspect that the intruder may have been a former employee
                      who had intimate knowledge of the IT infrastructure. As part of your audit, which of the
                      following would you consider crucial to tracking the intruder?
                      A. Log file analysis
                      B. System scanning
                      C. Penetration testing
                      D. Segregation of duties
                  A. Log file analysis will help you to determine what the intruder did and how the intruder
                    accessed the systems.
                  Answer B is incorrect because system scanning will help you to identify risks, but will not help
                    track this intruder. Answer C is incorrect because penetration testing will also help identify risks
                    and may determine through which vulnerability the intruder accessed the system, but it will
                    not help track what they did while in the system. Answer D is incorrect because segregation of
                    duties does not apply in this situation.

                  13. You have been asked to configure a remote access server (RAS) for external dial-up users to
                      use on your TCP/IP-based network. As part of this configuration, you must determine which
                      protocols to allow to be routed through the RAS and which to explicitly deny. Which of the
                      following would you choose to explicitly deny?
                      A. TCP/IP
                      B. IPX/SPX
                      C. NETBIOS
                      D. CDP





                                                                              www.syngress.com