CompTIA RC0-501 Online Practice Questions and Exam Preparation

CompTIA RC0-501 Online Questions & Answers

• Question 131:

  Which of the following attacks specifically impacts data availability?

  A. DDoS
  B. Trojan
  C. MITM
  D. Rootkit
  A. DDoS

• Question 132:

  A company has three divisions, each with its own networks and services. The company decides to make its secure web portal accessible to all employees utilizing their existing usernames and passwords. The security administrator has elected to use SAML to support authentication. In this scenario, which of the following will occur when users try to authenticate to the portal? (Select two.)

  A. The portal will function as a service provider and request an authentication assertion.
  B. The portal will function as an identity provider and issue an authentication assertion.
  C. The portal will request an authentication ticket from each network that is transitively trusted.
  D. The back-end networks will function as an identity provider and issue an authentication assertion.
  E. The back-end networks will request authentication tickets from the portal, which will act as the third-party service provider authentication store.
  F. The back-end networks will verify the assertion token issued by the portal functioning as the identity provider.
  A. The portal will function as a service provider and request an authentication assertion.
  B. The portal will function as an identity provider and issue an authentication assertion.

• Question 133:

  Having adequate lighting on the outside of a building is an example of which of the following security controls?

  A. Deterrent
  B. Compensating
  C. Detective
  D. Preventative
  A. Deterrent

• Question 134:

  A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

  Select and Place:

  

  

  ---

  When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first. Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is gone.

  Naturally, in an investigation you want to collect everything, but some data will exist longer than others, and you cannot possibly collect all of it once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and

  printouts.

  Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses, and track total man-hours and

  expenses associated with the investigation.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 453

• Question 135:

  A security administrator is creating a subnet on one of the corporate firewall interfaces to use as a DMZ which is expected to accommodate at most 14 physical hosts. Which of the following subnets would BEST meet the requirements?

  A. 192.168.0.16 255.25.255.248
  B. 192.168.0.16/28
  C. 192.168.1.50 255.255.25.240
  D. 192.168.2.32/27
  B. 192.168.0.16/28

• Question 136:

  An application team is performing a load-balancing test for a critical application during off-hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical applications running on the load balancer. Which of the following is the BEST solution for security analyst to process the request?

  A. Give the application team administrator access during off-hours.
  B. Disable other critical applications before granting the team access.
  C. Give the application team read-only access.
  D. Share the account with the application team.
  C. Give the application team read-only access.

• Question 137:

  Two users need to send each other emails over unsecured channels. The system should support the principle of non-repudiation. Which of the following should be used to sign the user's certificates?

  A. RA
  B. CA
  C. CRL
  D. CSR
  B. CA

• Question 138:

  A technician needs to implement a system which will properly authenticate users by their username and password only when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other than the office building should be rejected. Which of the following MUST the technician implement?

  A. Dual factor authentication
  B. Transitive authentication
  C. Single factor authentication
  D. Biometric authentication
  B. Transitive authentication

• Question 139:

  Given the log output:

  Max 15 00:15:23.431 CRT: #SEC_LOGIN-5-LOGIN_SUCCESS:

  Login Success [user: msmith] [Source: 10.0.12.45]

  [localport: 23] at 00:15:23:431 CET Sun Mar 15 2015

  Which of the following should the network administrator do to protect data security?

  A. Configure port security for logons
  B. Disable telnet and enable SSH
  C. Configure an AAA server
  D. Disable password and enable RSA authentication
  B. Disable telnet and enable SSH

• Question 140:

  The firewall administrator is adding a new certificate for the company's remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly. The administrator loads the

  company certificate and the root CA certificate into the file.

  The file upload is rejected.

  Which of the following is required to complete the certificate chain?

  A. Certificate revocation list
  B. Intermediate authority
  C. Recovery agent
  D. Root of trust
  B. Intermediate authority