NO0-002

Nokia Security Administrator




Q No: 1
What are the advantages of an external syslog server vs. data log files (Choose three):
A. External backup of logs in case of malicious activity
B. Guaranteed delivery of logs
C. Multiple indexing and searching of logs
D. Ability to see more information and select what is output, including internal facility and severity fields
E. Allows a user to see Object ID
Answer: A,C,D
Incorrect answers:
B - There is no guarantee of delivery. The NAP could be down, or the syslog daemon failed.
E - You will not see Object IDs. What you would be able to see is the remote device IP and hostname.


Q No: 2
You want to view live messages in the log file. What command would you use via clish (Choose one):
A. Vi -e /var/log/messages
B. Tail -200 /var/db/messages
C. Tail - t /var/log/messages more
D. Fw log -nft
E. Tail -f /var/log/messages
Answer: E
Tail -f views messages in real time. Fw log views the firewall connection logs in real time.


Q No: 3
What commands can display interface statistics (Choose one):
A. Ifconfig -a (iclid)
B. Ipconfig -a (clish)
C. Show interface (clish)
D. Ifconfig -a (clish)
E. Show interface (iclid)
Answer: D, E
Ifconfig is a command-line shell utility. Show interface, as with all show commands, can be run from iclid.


Q No: 4
When using Voyager, what will make changes permanent after a reboot (Choose one):
A. Clicking apply
B. Clicking apply and then save
C. Saving changes from advanced fw config
D. Clicking apply and rebooting the NAP
Answer: B
Clicking apply only saves changes to the running configuration, which is overwritten at startup by /config/db/initial.


Q No: 5
(Choose one):
A. /config/db
B. /conf/
C. /var/conf
D. /var/admin
Answer: A
Even when manually saving a hosts file, the change is temporary. It's /config/db/initial (symlinked as /config/active) and NOT /etc that changes are made to. Changes to /etc are temporary!


Q No: 6
communications. What command will give you access and reset http:
A. Voyager -e 0 80
B. Set voyager ssl-level 0
C. Apachd -0 httpd.conf
D. Set Httpd -r -s
Answer: A, B
The voyager and set voyager commands are the only valid answers listed in the question.


Q No: 7
User UID of 0 will give:
A. Admin permissions of root on the machine
B. Backup user permissions on the enforcement module
C. Monitor user permissions
Answer: A
Setting the UID of 0 from the Voyager or the CLI will give the same machine permissions as the root user on a Nokia IPSO device.


Q No: 8
What ICLID command will show the version of the OS:
A. Show running config
B. Copy run start
C. Show version
D. Fw Ver
Answer: C
Show version from iclid will show the IPSO version, uptime and current system time.





ILO-786

Intel
IL0-786
Certified Information Forensics Investigator





Q NO: 1 Firewalls are an excellent source of:
A. Details of system usage
B. Details of protocol usage
C. Forensic Evidence for malicious attacks
D. Port/service mappings
Answer: C



Q NO: 2 What technique of layered security design will allow for both investigation and recovery after an incident?
A. RI Technology
B. Highly available systems
C. Overlap design approach
D. Honeypot placement
Answer: B



Q NO: 3 If a CIFI violates the ISFA code of Ethics, her CIFI certification can be immediately revoked.
A. True
B. False
Answer: B



Q NO: 4 The 1st amendment allows hackers to exercise free speech by altering content on websites to express opposing viewpoints.
A. True
B. False
Answer: B



Q NO: 5 The term "Browser Artifacts" refers to:
A. Web browser cache, cookies, favorites, history, auto complete information
B. Older web browser applications that have little or no security and allow for unchecked use
C. Older web browser applications that can be used as a surveillance tool for investigators due to their lack of security
D. Web browser cookies
Answer: A



Q NO: 6 All of the following are methods of auditing except:
A. Internal audit
B. External audit
C. Thorough audit
D. 3rd party audit
Answer: C



Q NO: 7 In selecting Forensic tools for collecting evidence in the investigation of a crime the standard for authenticating computer records is:
A. The same for authenticating other records. The degree of authentication does not vary simply because a record happens to be (or has been at one point) in electronic form.
B. Much more complex, and requires an expert to be present at each step of the process.
C. To convert the technical terms & definitions into a basic understandable language to be presented as evidence.
D. To ensure the tools are equipped with logging to document the steps of evidence collection.
Answer: C



Q NO: 8 "Interesting data" is:
A. Data relevant to your investigation
B. Pornography
C. Documents, spreadsheets, and databases
D. Schematics or other economic based information
Answer: A



Q NO: 9 Social engineering is legal in the United States, Great Britain, Canada, and Australia as long as the social engineer does not:
A. Attempt to extract corporate secrets
B. Lie
C. Apply the Frye Scenario
D. Live outside those countries
Answer: A



Q NO: 10 Drive geometry refers to
A. The algorithms used to compute a specific location of a particular segment.
B. The functional dimensions of a drive in terms of the number of heads, cylinders, and sectors per track.
C. Physical dimensions of the drive platters.
D. The depth of the pits on optical media or magnetic field charge on magnetic media
Answer: B

NOTE: All the questions were from www.exams.ws study material