help confirm/explain answers to some questions
I'm confused about the answers to the following questions. Could anybody help explain them? Thanks.
Which of the following is a password cracking method?
A. Smurf attack
B. Birthday attack
C. Man-in-the-middle attack
D. Hybrid attack
Answer: D
Isn't Birthday attack also a password cracking method?
Which of the following is an effective method to identify the source of unauthorized zone transfers?
A. Change the default port that the DNS server uses.
B. Enable and evaluate the DNS transaction logs.
C. Enable the DNS authentication for the entire organization.
D. Enable better physical access to the DNS server.
Answer: D
I prefer answer B. Why is it wrong?
A user needs access to a drive to edit documents on a particular shared folder. According to the rule
of least privilege, which rights should the user have?
A. Read to the shared folder
B. Read and write to the shared folder
C. Read and write to the entire drive
D. Read to the entire drive
Answer: C
I think the answer is B. Why is it necessary to grant access to the entire drive?
Which of the following is a password cracking method?
A. Smurf attack
B. Birthday attack
C. Man-in-the-middle attack
D. Hybrid attack
Answer: D
Isn't Birthday attack also a password cracking method?
Which of the following is an effective method to identify the source of unauthorized zone transfers?
A. Change the default port that the DNS server uses.
B. Enable and evaluate the DNS transaction logs.
C. Enable the DNS authentication for the entire organization.
D. Enable better physical access to the DNS server.
Answer: D
I prefer answer B. Why is it wrong?
A user needs access to a drive to edit documents on a particular shared folder. According to the rule
of least privilege, which rights should the user have?
A. Read to the shared folder
B. Read and write to the shared folder
C. Read and write to the entire drive
D. Read to the entire drive
Answer: C
I think the answer is B. Why is it necessary to grant access to the entire drive?
Comments
2- DNS... I agree with you and i disagree with the answer... Physical Access... that doesn't make sense to me.
3- This answer is completely wrong.. it is defintely not C (read/write to entire drive) which means allowing access to other folders on that drive... and that's the exact opposite of the least privilige principle...
Just out of curiosity.. where did you get these responses from?
- CCNA
- CCENT
- Security+
- B.S. Computer Science (Info. Systems Security)
Is there any restriction on posting the source? Its name becomes ************ after I submit the reply. Although there are many controversial answers, they have pretty amazing coverage on the test. I passed the exam yesterday by reading mainly these questions. Maybe I'm lucky enough to not encounter those controversial questions.