Self Test Appendix • Appendix  799

                 5.  Yesterday, everything seemed to be running perfectly on the network.Today, the Windows 2003
                    production servers keep crashing and running erratically.The only events that have taken place
                    are a scheduled backup, a CD/DVD upgrade on several machines, and an unscheduled patch
                    install.What do you think has gone wrong?
                      A. The backup altered the archive bit on the backup systems
                      B. The CD/DVDs are not compatible with the systems in which they were installed
                      C. The patches were not tested before installation
                      D. The wrong patches were installed
                  C. It is of utmost importance to verify all patches on non-production computers before they
                    are deployed. Many times, security updates and patches can cause more problems than they fix.
                    This makes it very important to verify their functionality first.
                  Answer A is incorrect because a backup should not affect the functionality of software.At most,
                    the backup will only alter the archive bit of each file that is accessed.Answer B is incorrect
                    because CD/DVD units are mostly universal and will not typically cause this type of problem.
                    Answer D is incorrect because most OSes will check to see if the patch is the right version
                    before actually installing.

                 6.  You have been asked to examine a subnet of a computer and identify any open ports or ser-
                    vices that should be disabled.These systems are located in several different floors of the facility.
                    Which of the following would be the best type of tool to accomplish the task?
                      A. A process review tool such as Netstat
                      B. A port scanning tool such as Nmap
                      C. A registry tool such as RegEdit
                      D. Enable automatic updates on each of the targeted computers
                  B. Using a port scanning tool would allow you to quickly scan a large number of machines and
                    review the results from one location.
                  Answer A is incorrect because tools such as Netstat would require you to physically access each
                    system, which would be a time consuming process.Answer C is incorrect because a registry
                    tool would not show you what ports are open.Answer D is incorrect because while automatic
                    updates would help ensure that systems have the current patch, it would not help in your task
                    of determining open ports.




















                                                                              www.syngress.com