CompTIA RC0-501 Online Practice Questions and Exam Preparation

CompTIA RC0-501 Online Questions & Answers

• Question 161:

  Which of the following is the proper way to quantify the total monetary damage resulting from an explogted vulnerability?

  A. Calculate the ALE
  B. Calculate the ARO
  C. Calculate the MTBF
  D. Calculate the TCO
  A. Calculate the ALE

• Question 162:

  A security administrator is trying to encrypt communication. For which of the following reasons should administrator take advantage of the Subject Alternative Name (SAM) attribute of a certificate?

  A. It can protect multiple domains
  B. It provides extended site validation
  C. It does not require a trusted certificate authority
  D. It protects unlimited subdomains
  B. It provides extended site validation

• Question 163:

  A group of non-profit agencies wants to implement a cloud service to share resources with each other and minimize costs. Which of the following cloud deployment models BEST describes this type of effort?

  A. Public
  B. Hybrid
  C. Community
  D. Private
  C. Community

• Question 164:

  Which of the fallowing security controls does an iris scanner provide?

  A. Logical
  B. Administrative
  C. Corrective
  D. Physical
  E. Detective
  F. Deterrent
  D. Physical

• Question 165:

  A company is developing a new secure technology and requires computers being used for development to be isolated. Which of the following should be implemented to provide the MOST secure environment?

  A. A perimeter firewall and IDS
  B. An air gapped computer network
  C. A honeypot residing in a DMZ
  D. An ad hoc network with NAT
  E. A bastion host
  B. An air gapped computer network

• Question 166:

  During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?

  A. Credential management
  B. Group policy management
  C. Acceptable use policy
  D. Account expiration policy
  B. Group policy management

• Question 167:

  A user of the wireless network is unable to gain access to the network. The symptoms are:

  1.) Unable to connect to both internal and Internet resources 2.) The wireless icon shows connectivity but has no network access

  The wireless network is WPA2 Enterprise and users must be a member of the wireless security group to authenticate.

  Which of the following is the MOST likely cause of the connectivity issues?

  A. The wireless signal is not strong enough
  B. A remote DDoS attack against the RADIUS server is taking place
  C. The user's laptop only supports WPA and WEP
  D. The DHCP scope is full
  E. The dynamic encryption key did not update while the user was offline
  C. The user's laptop only supports WPA and WEP

• Question 168:

  A penetration tester finds that a company's login credentials for the email client were being sent in clear text. Which of the following should be done to provide encrypted logins to the email server?

  A. Enable IPSec and configure SMTP.
  B. Enable SSH and LDAP credentials.
  C. Enable MIME services and POP3.
  D. Enable an SSL certificate for IMAP services.
  D. Enable an SSL certificate for IMAP services.

• Question 169:

  An analyst wants to implement a more secure wireless authentication for office access points. Which of the following technologies allows for encrypted authentication of wireless clients over TLS?

  A. PEAP
  B. EAP
  C. WPA2
  D. RADIUS
  A. PEAP

• Question 170:

  When considering a third-party cloud service provider, which of the following criteria would be the BEST to include in the security assessment process? (Select two.)

  A. Use of performance analytics
  B. Adherence to regulatory compliance
  C. Data retention policies
  D. Size of the corporation
  E. Breadth of applications support
  B. Adherence to regulatory compliance
  C. Data retention policies