← Back to exam page

SCNS SCNS Tactical Perimeter Defense

Loading demo links...

Showing 4–6 of 15 questions

Question 4 (Volume B)

You have just installed a new firewall and explained the benefits to your CEO. Next you are asked what some of the limitations of the firewall are. Which of the following are issues where a firewall cannot help to secure the network?

Select all that apply, then click Submit answer.

  • Poor Security Policy

  • Increased ability to enforce policies

  • End node virus control

  • Decreased ability to enforce policies

  • Social Engineering


Question 5 (Volume A)

The exhibit shows a router with three interfaces E0, E1 and S0. Interfaces E0 and E1 are connected to internal networks 192.168.10.0 and 192.168.20.0 respectively and interface

S0 is connected to the Internet.

The objective is to allow host 192.168.10.7 access to the Internet via ftp and deny access to the Internet to everyone else while allowing them to access resources amongst themselves. From the following, select all the access list statements that are required to make this possible.

Select all that apply, then click Submit answer.

  • access-list 153 permit tcp 192.168.10.7 0.0.0.0 any eq ftp

  • access-list 21 permit ip 192.168.10.7 0.0.0.0 any eq ftp

  • access-list 21 deny 0.0.0.0 255.255.255.255

  • int S0, ip access-group 21 out

  • int S0, ip access-group 153 out

  • int E1, ip access-group 153 in


Question 6 (Volume B)

You have decided to install Snort on your Windows Server 2003 and are making changes to the default configuration file. You see the following two lines:

include classification.config

include reference.config

What should these two lines read, after you make your changes, on a default installation?

Select all that apply, then click Submit answer.

  • include C:\Snort\etc\classification.config

  • include C:\Snort\etc\reference.config

  • include \classification.config

  • include \reference.config

  • include //classification.config

  • include //reference.config