CompTIA RC0-501 Online Practice Questions and Exam Preparation

CompTIA RC0-501 Online Questions & Answers

• Question 211:

  A security administrator is given the security and availability profiles for servers that are being deployed.

  Match each RAID type with the correct configuration and MINIMUM number of drives.

  Review the server profiles and match them with the appropriate RAID type based on integrity, availability, I/O, storage requirements. Instructions:

  All drive definitions can be dragged as many times as necessary

  Not all placeholders may be filled in the RAID configuration boxes

  If parity is required, please select the appropriate number of parity checkboxes

  Server profiles may be dragged only once

  Instructions: If at any time you would like to bring back the initial state of the simulation, please select the Reset button. When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.

  Select and Place:

  

  

  ---

  RAID-0 is known as striping. It is not a fault tolerant solution but does improve disk performance for read/write operations. Striping requires a minimum of two disks and does not use parity. RAID-0 can be used where performance is required

  over fault tolerance, such as a media streaming server.

  RAID-1 is known as mirroring because the same data is written to two disks so that the two disks have identical data. This is a fault tolerant solution that halves the storage space. A minimum of two disks are used in mirroring and does not

  use parity. RAID-1 can be used where fault tolerance is required over performance, such as on an authentication server.

  RAID-5 is a fault tolerant solution that uses parity and striping. A minimum of three disks are required for RAID-5 with one disk's worth of space being used for parity information.

  However, the parity information is distributed across all the disks. RAID-5 can recover from a sing disk failure.

  RAID-6 is a fault tolerant solution that uses dual parity and striping. A minimum of four disks are required for RAID-6. Dual parity allows RAID-6 to recover from the simultaneous failure of up to two disks. Critical data should be stored on a

  RAID-6 system.

  References:

  Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 34-36, 234-235

• Question 212:

  A security administrator is developing training for corporate users on basic security principles for personal email accounts. Which of the following should be mentioned as the MOST secure way for password recovery?

  A. Utilizing a single Qfor password recovery
  B. Sending a PIN to a smartphone through text message
  C. Utilizing CAPTCHA to avoid brute force attacks
  D. Use a different e-mail address to recover password
  B. Sending a PIN to a smartphone through text message

• Question 213:

  Which of the following can be used to control specific commands that can be executed on a network infrastructure device?

  A. LDAP
  B. Kerberos
  C. SAML
  D. TACACS+
  D. TACACS+

• Question 214:

  In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?

  A. Elasticity
  B. Scalability
  C. High availability
  D. Redundancy
  A. Elasticity

• Question 215:

  An information system owner has supplied a new requirement to the development team that calls for increased non-repudiation within the application. After undergoing several audits, the owner determined that current levels of non-repudiation were insufficient. Which of the following capabilities would be MOST appropriate to consider implementing is response to the new requirement?

  A. Transitive trust
  B. Symmetric encryption
  C. Two-factor authentication
  D. Digital signatures
  E. One-time passwords
  D. Digital signatures

• Question 216:

  Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transported. Which of the following BEST describes the attack vector used to infect the devices?

  A. Cross-site scripting
  B. DNS poisoning
  C. Typo squatting
  D. URL hijacking
  C. Typo squatting

• Question 217:

  The security administrator has installed a new firewall which implements an implicit DENY policy by default. Click on the firewall and configure it to allow ONLY the following communication.

  1.

  The Accounting workstation can ONLY access the web server on the public network over the default HTTPS port. The accounting workstation should not access other networks.

  2.

  The HR workstation should be restricted to communicate with the Financial server ONLY, over the default SCP port

  3.

  The Admin workstation should ONLY be able to access the servers on the secure network over the default TFTP port.

  Instructions: The firewall will process the rules in a top-down manner in order as a first match The port number must be typed in and only one port number can be entered per rule Type ANY for all ports. The original firewall configuration can

  be reset at any time by pressing the reset button. Once you have met the simulation requirements, click save and then Done to submit.

  

  Hot Area:

  

  

  ---

  

  Implicit deny is the default security stance that says if you aren't specifically granted access or privileges for a resource, you’re denied access by default.

  Rule #1 allows the Accounting workstation to ONLY access the web server on the public network over the default HTTPS port, which is TCP port 443.

  Rule #2 allows the HR workstation to ONLY communicate with the Financial server over the default SCP port, which is TCP Port 22

  Rule #3 and Rule #4 allow the Admin workstation to ONLY access the Financial and Purchasing servers located on the secure network over the default TFTP port, which is Port 69.

  References:

  Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp.26, 44

  http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

• Question 218:

  A director of IR is reviewing a report regarding several recent breaches. The director compiles the following statistic's -Initial IR engagement time frame -Length of time before an executive management notice went out -Average IR phase completion The director wants to use the data to shorten the response time. Which of the following would accomplish this?

  A. CSIRT
  B. Containment phase
  C. Escalation notifications
  D. Tabletop exercise
  D. Tabletop exercise

• Question 219:

  A security analyst reviews the following output:

  

  The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the security analyst reports the following:

  

  Which of the following is the MOST likely cause of the hash being found in other areas?

  A. Jan Smith is an insider threat
  B. There are MD5 hash collisions
  C. The file is encrypted
  D. Shadow copies are present
  B. There are MD5 hash collisions

• Question 220:

  A security engineer is configuring a system that requires the X.509 certificate information to be pasted into a form field in Base64 encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?

  A. PFX
  B. PEM
  C. DER
  D. CER
  B. PEM