摘要:9L0-612: Security Best Practices for Mac OS X v10.4 Exam
ACSA 9L0-612考試題庫由TestPassPort資深IT認證講師和ACSA產品專家結合PROMETRIC或VUE的真實9L0-612考試環境最新原題傾心打造。
題庫覆蓋了當前最新的真實考題,並且全部附有正確答案,我們承諾題庫對ACSA 9L0-612(Security Best Practices for Mac OS X v10.4 Exam)考試原題完整覆蓋。9L0-612題庫助您輕鬆通過認證考試,一次不過全額退款。1.What are the recommended POSIX permissions for a web folder being shared through WebDAV?
A.user - www group - www user/group/other - 775
B.user - root group - wheel user/group/other - 775
C.user - administrator group - web user/group/other - 744
D.user - administrator group - everyone user/group/other - 750
Correct:A
2.What Common Criteria tool lets you specify which log events to display?
B./usr/sbin/ccfilter
C./usr/sbin/auditfilter
D./usr/sbin/auditreduce
Correct
3.What is the result of adding the line below to the default slapd.conf file? Disallow bind_anon
A.All users must authenticate to connect to servers.
B.Clients will be required to provide authentication to use LDAP.
C.Nothing changes because that is the default setting for Open Directory.
D.Anonymous BIND (Berkeley Internet Name Daemon) will no longer be used for this server.
Correct:B
4.You have first enabled Personal File Sharing on your computer, and then turned on the built-in firewall. How does the default behavior of the Mac OS X firewall affect file sharing on your computer?
A.No computer can connect to your computer via AFP.
B.Any computer can connect to your computer via AFP.
C.Only computers on the local subnet can connect to your computer via AFP.
D.Only computers with a local Bonjour address can connect to your computer via AFP.
Correct:B
5.Which command will force users on local computers to create passwords of at least 12 characters, whether or not they are connected to a directory server?
A.pwpolicy -l /NetInfo/DefaultLocalNode -a root -setpassword minChars=12
B.passwd -l /NetInfo/DefaultLocalNode -a root -setglobalpolicy minChars=12
C.passwd -n /NetInfo/DefaultLocalNode -a administrator -setpassword minChars=12
D.pwpolicy -n /NetInfo/DefaultLocalNode -a administrator -setglobalpolicy minChars=12
Correct
6.Which file do you configure to enable Common Criteria auditing on startup?
A./etc/audit
B./etc/hostconfig
C./etc/security/cc_audit
D./etc/security/audit_warn
Correct:B
7.When using certificates, what role does a Certificate Authority (CA) play?
A.A CA must be present on the server before SSL can be enabled.
B.A CA is a trusted third party that ensures the identity of the server.
C.A CA determines what ciphers are available for symmetric encryption.
D.SSL routes traffic through the CA to verify the identity of the client and server.
Correct:B
8.Which statement best describes Wired Equivalent Privacy (WEP)?
A.WEP is a moderately secure firewall for wireless devices.
B.WEP optimizes performance of 802.11 devices over distances, so they perform as well as their wired equivalents.
C.WEP represents the first attempt at designing an algorithm to protect wireless communication from eavesdropping.
D.WEP allows wireless access point administrators to require user names and passwords of users who want to connect to the wireless access point.
Correct:C
9.Which two (2) actions might a rootkit perform? (Choose TWO.)
A.Monitor disk activity on the root volume.
B.Install security tools in root's home directory.
C.Provide remote access to a computer by opening ports.
D.Hide its presence by installing modified versions of system commands
E.Provide a set of tools that allow the system administrator to monitor security events.
Correct:C E
10.________ is a command-line tool that displays the headers of packets seen by a computer's network interface card.
A.arp
B.ping
C.netstat
D.tcpdump
Correct
11.Which statement about SSH tunneling is FALSE?
A.SSH tunnels can support the PPP protocol.
B.SSH tunnels secure all IP traffic, including UDP and TCP.
C.SSH tunnels secure otherwise non-secure traffic, such as POP and AFP.
D.Forwarding port 1023 and below requires root privileges for the initial receiving port.
Correct:B
12.Why might you prefer WPA Enterprise over WPA Personal?
A.You need 128-bit encryption.
B.You do not want to manage a RADIUS server.
C.You require more connections than WPA Personal allows
D.The security implications of WPA Personal's shared key are not acceptable.
Correct
13.Which two (2) authentication mechanisms are available to SSH users? (Choose TWO.)
A.public/private key pair
B.shared ssh_config files
C.user name and password
D.NTLM (NT LAN Manager)
E.L2TP (Layer 2 Tunneling Protocol)
Correct:A C