|
¾È³çÇϼ¼¿ä, »ç¹«±¹ÀÔ´Ï´Ù.
2006 CISA Review Questions, Answers & Explanations Manual(625Á¦)ÀÇ
C4-69ÀÇ ´äÀ» B¿¡¼ D·Î Á¤Á¤ÇÕ´Ï´Ù.
È¥µ·À» µå·Á Á˼ÛÇÕ´Ï´Ù.
C4-69 ´ÙÀ½ Áß ÇÁ·ÎÅäÄÝÀÇ Ãë¾àÁ¡À» ÀÌ¿ëÇÏ´Â ³×Æ®¿öÅ© ¿ú ¹ÙÀÌ·¯½ºÀÇ È®»ê¿¡ °¡Àå È¿°úÀûÀÎ ´ëó ¹æ¹ýÀº ¾î´À °ÍÀΰ¡?
A. Ãë¾àÁ¡¿¡ ´ëÇÑ °ø±Þ¾÷üÀÇ º¸¾È ¼öÁ¤»çÇ×(security fix)À» ¼³Ä¡ÇÑ´Ù.
B. °æ°è¼±(perimeter) ¹æȺ®ÀÇ ÇÁ·ÎÅäÄÝ Æ®·¡ÇÈÀ» Â÷´ÜÇÑ´Ù.
C. ³»ºÎ ³×Æ®¿öÅ© ¼¼±×¸ÕÆ® »çÀÌÀÇ ÇÁ·ÎÅäÄÝ Æ®·¡ÇÈÀ» Â÷´ÜÇÑ´Ù.
D. ÀûÀýÇÑ º¸¾È ¼öÁ¤»çÇ×ÀÌ ¼³Ä¡µÉ ¶§±îÁö ¼ºñ½º¸¦ ÁßÁöÇÑ´Ù.
D ¼ºñ½º¸¦ ÁßÁöÇÏ°í º¸¾È ¼öÁ¤»çÇ×À» ¼³Ä¡ÇÏ´Â °ÍÀº ¿ú ¹ÙÀÌ·¯½ºÀÇ È®»êÀ» ¹æÁöÇÏ´Â °¡Àå ¾ÈÀüÇÑ ¹æ¹ýÀÌ´Ù. ¸¸ÀÏ ¼ºñ½º°¡ ÁßÁöµÇÁö ¾Ê´Â´Ù¸é, ¼öÁ¤»çÇ×ÀÌ È¿·ÂÀ» ¹ßÈÖÇÏ°Ô µÉ ¶§±îÁö ¿ú ¹ÙÀÌ·¯½º°¡ °è¼Ó È®»êµÇ±â ¶§¹®¿¡ ¼öÁ¤»çÇ× ¼³Ä¡´Â °¡Àå È¿°úÀûÀÎ ¹æ¹ýÀÌ ¾Æ´Ï´Ù. °æ°è¼± »óÀÇ ÇÁ·ÎÅäÄÝÀ» Â÷´ÜÇÏ´Â °ÍÀº ¿ú ¹ÙÀÌ·¯½º°¡ ³»ºÎ ³×Æ®¿öÅ©¿¡¼ È®»êµÇ´Â °ÍÀ» ÁßÁö½ÃÅ°Áö ¸øÇÑ´Ù. ÇÁ·ÎÅäÄÝÀÇ Â÷´ÜÀº ¿ú ¹ÙÀÌ·¯½ºÀÇ È®»ê ¼Óµµ¸¦ ¶³¾î¶ß¸± ¼ö´Â ÀÖÁö¸¸ ¼¼±×¸ÕÆ® »çÀ̸¦ Åë°úÇÏ´Â ¸ðµç ¼ÒÇÁÆ®¿þ¾î¸¦ »ç¿ëÇÒ ¼ö ¾ø°Ô ÇÑ´Ù.
¿µ¹® ¿øº»
C4-69 Which of the following is the MOST effective method for dealing with the spreading of a network worm that
exploits a vulnerability in a protocol?
A. Install the vendor¡¯s security fix for the vulnerability.
B. Block the protocol traffic in the perimeter firewall.
C. Block the protocol traffic between internal network segments.
D. Stop the service until an appropriate security fix is installed.
D Stopping the service and installing the security fix is the safest way to prevent the worm from spreading.
If the service is not stopped, installing the fix is not the most effective method because the worm continues
spreading until the fix becomes effective. Blocking the protocol on the perimeter does not stop the worm from
spreading to the internal network(s). Blocking the protocol helps to slow down the spreading but also prohibits
every software that utilizes it from working between segments
|
°øÁö»çÇ×