CompTIA RC0-501 Online Practice Questions and Exam Preparation

CompTIA RC0-501 Online Questions & Answers

• Question 111:

  A security engineer is configuring a wireless network that must support mutual authentication of the wireless client and the authentication server before users provide credentials. The wireless network must also support authentication with usernames and passwords. Which of the following authentication protocols MUST the security engineer select?

  A. EAP-FAST
  B. EAP-TLS
  C. PEAP
  D. EAP
  C. PEAP

• Question 112:

  Which of the following vulnerability types would the type of hacker known as a script kiddie be MOST dangerous against?

  A. Passwords written on the bottom of a keyboard
  B. Unpatched exploitable Internet-facing services
  C. Unencrypted backup tapes
  D. Misplaced hardware token
  B. Unpatched exploitable Internet-facing services

• Question 113:

  An analyst is reviewing a simple program for potential security vulnerabilities before being deployed to a Windows server. Given the following code:

  

  Which of the following vulnerabilities is present?

  A. Bad memory pointer
  B. Buffer overflow
  C. Integer overflow
  D. Backdoor
  B. Buffer overflow

• Question 114:

  A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements:

  All access must be correlated to a user account.

  All user accounts must be assigned to a single individual.

  User access to the PHI data must be recorded.

  Anomalies in PHI data access must be reported.

  Logs and records cannot be deleted or modified.

  Which of the following should the administrator implement to meet the above requirements? (Select three.)

  A. Eliminate shared accounts.
  B. Create a standard naming convention for accounts.
  C. Implement usage auditing and review.
  D. Enable account lockout thresholds.
  E. Copy logs in real time to a secured WORM drive.
  F. Implement time-of-day restrictions.
  G. Perform regular permission audits and reviews.
  A. Eliminate shared accounts.
  C. Implement usage auditing and review.
  G. Perform regular permission audits and reviews.

• Question 115:

  Drag and drop the correct protocol to its default port.

  Select and Place:

  

  

  ---

  FTP uses TCP port 21.

  Telnet uses port 23.

  SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure filetransfer facility based on SSH and Remote Copy Protocol (RCP).

  Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP).

  SMTP uses TCP port 25.

  Port 69 is used by TFTP.

  SNMP makes use of UDP ports 161 and 162.

  References:

  Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 42, 45, 51

  http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

• Question 116:

  Joe notices there are several user accounts on the local network generating spam with embedded malicious code. Which of the following technical control should Joe put in place to BEST reduce these incidents?

  A. Account lockout
  B. Group Based Privileges
  C. Least privilege
  D. Password complexity
  A. Account lockout

• Question 117:

  An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection. Which of the following steps should the responder perform NEXT?

  A. Capture and document necessary information to assist in the response.
  B. Request the user capture and provide a screenshot or recording of the symptoms.
  C. Use a remote desktop client to collect and analyze the malware in real time.
  D. Ask the user to back up files for later recovery.
  A. Capture and document necessary information to assist in the response.

• Question 118:

  A vulnerability scanner that uses its running service's access level to better assess vulnerabilities across multiple assets within an organization is performing a:

  A. Credentialed scan.
  B. Non-intrusive scan.
  C. Privilege escalation test.
  D. Passive scan.
  A. Credentialed scan.

• Question 119:

  Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from someone claiming to be from the helpdesk. The caller is asking to verify her network authentication credentials because her computer is broadcasting across the network. This is MOST likely which of the following types of attacks?

  A. Vishing
  B. Impersonation
  C. Spim
  D. Scareware
  A. Vishing

• Question 120:

  Ann. An employee in the payroll department, has contacted the help desk citing multiple issues with her device, including:

  Slow performance Word documents, PDFs, and images no longer opening A pop-up

  Ann states the issues began after she opened an invoice that a vendor emailed to her. Upon opening the invoice, she had to click several security warnings to view it in her word processor. With which of the following is the device MOST likely infected?

  A. Spyware
  B. Crypto-malware
  C. Rootkit
  D. Backdoor
  D. Backdoor