CompTIA RC0-501 Online Practice Questions and Exam Preparation

CompTIA RC0-501 Online Questions & Answers

• Question 271:

  A consultant has been tasked to assess a client's network. The client reports frequent network outages. Upon viewing the spanning tree configuration, the consultant notices that an old and law performing edge switch on the network has

  been elected to be the root bridge.

  Which of the following explains this scenario?

  A. The switch also serves as the DHCP server
  B. The switch has the lowest MAC address
  C. The switch has spanning tree loop protection enabled
  D. The switch has the fastest uplink port
  C. The switch has spanning tree loop protection enabled

• Question 272:

  Which of the following can affect electrostatic discharge in a network operations center?

  A. Fire suppression
  B. Environmental monitoring
  C. Proximity card access
  D. Humidity controls
  D. Humidity controls

• Question 273:

  A company's user lockout policy is enabled after five unsuccessful login attempts. The help desk notices a user is repeatedly locked out over the course of a workweek. Upon contacting the user, the help desk discovers the user is on vacation and does not have network access. Which of the following types of attacks are MOST likely occurring? (Choose two.)

  A. Replay
  B. Rainbow tables
  C. Brute force
  D. Pass the hash
  E. Dictionary
  C. Brute force
  E. Dictionary

• Question 274:

  A new mobile application is being developed in-house. Security reviews did not pick up any major flaws, however vulnerability scanning results show fundamental issues at the very end of the project cycle. Which of the following security activities should also have been performed to discover vulnerabilities earlier in the lifecycle?

  A. Architecture review
  B. Risk assessment
  C. Protocol analysis
  D. Code review
  D. Code review

• Question 275:

  A web application is configured to target browsers and allow access to bank accounts to siphon money to a foreign account. This is an example of which of the following attacks?

  A. SQL injection
  B. Header manipulation
  C. Cross-site scripting
  D. Flash cookie explogtation
  C. Cross-site scripting

• Question 276:

  An employee receives an email, which appears to be from the Chief Executive Officer (CEO), asking for a report of security credentials for all users. Which of the following types of attack is MOST likely occurring?

  A. Policy violation
  B. Social engineering
  C. Whaling
  D. Spear phishing
  D. Spear phishing

• Question 277:

  An organization finds that most help desk calls are regarding account lockout due to a variety of applications running on different systems. Management is looking for a solution to reduce the number of account lockouts while improving security. Which of the following is the BEST solution for this organization?

  A. Create multiple application accounts for each user.
  B. Provide secure tokens.
  C. Implement SSO.
  D. Utilize role-based access control.
  C. Implement SSO.

• Question 278:

  When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Select two.)

  A. USB-attached hard disk
  B. Swap/pagefile
  C. Mounted network storage
  D. ROM
  E. RAM
  B. Swap/pagefile
  E. RAM

• Question 279:

  Which of the following precautions MINIMIZES the risk from network attacks directed at multifunction printers, as well as the impact on functionality at the same time?

  A. Isolating the systems using VLANs
  B. Installing a software-based IPS on all devices
  C. Enabling full disk encryption
  D. Implementing a unique user PIN access functions
  A. Isolating the systems using VLANs

• Question 280:

  An auditor is reviewing the following output from a password-cracking tool:

  

  Which of the following methods did the auditor MOST likely use?

  A. Hybrid
  B. Dictionary
  C. Brute force
  D. Rainbow table
  A. Hybrid