RC0-C02 Exam Details

  • Exam Code
    :RC0-C02
  • Exam Name
    :CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education
  • Certification
    :CompTIA Advanced Security Practitioner
  • Vendor
    :CompTIA
  • Total Questions
    :308 Q&As
  • Last Updated
    :Jul 07, 2026

CompTIA RC0-C02 Online Questions & Answers

  • Question 1:

    ABC Corporation has introduced token-based authentication to system administrators due to the risk of password compromise. The tokens have a set of HMAC counter-based codes and are valid until they are used. Which of the following types of authentication mechanisms does this statement describe?

    A. TOTP
    B. PAP
    C. CHAP
    D. HOTP

  • Question 2:

    The following has been discovered in an internally developed application:

    Error - Memory allocated but not freed:

    char *myBuffer = malloc(BUFFER_SIZE);

    if (myBuffer != NULL) {

    *myBuffer = STRING_WELCOME_MESSAGE;

    printf("Welcome to: %s\n", myBuffer);

    }

    exit(0);

    Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).

    A. Static code analysis
    B. Memory dumping
    C. Manual code review
    D. Application sandboxing
    E. Penetration testing
    F. Black box testing

  • Question 3:

    A new IDS device is generating a very large number of irrelevant events. Which of the following would BEST remedy this problem?

    A. Change the IDS to use a heuristic anomaly filter.
    B. Adjust IDS filters to decrease the number of false positives.
    C. Change the IDS filter to data mine the false positives for statistical trending data.
    D. Adjust IDS filters to increase the number of false negatives.

  • Question 4:

    The security administrator finds unauthorized tables and records, which were not present before, on a Linux database server. The database server communicates only with one web server, which connects to the database server via an

    account with SELECT only privileges.

    Web server logs show the following:

    90.76.165.40 ?- [08/Mar/2014:10:54:04] "GET calendar.php?create%20table%20hidden HTTP/1.1" 200 5724

    90.76.165.40 ?- [08/Mar/2014:10:54:05] "GET ../../../root/.bash_history HTTP/1.1" 200 90.76.165.40 ?- [08/Mar/2014:10:54:04] "GET index.php?user<;scrip>;Creat<;/scrip>; HTTP/1.1" 200 5724

    The security administrator also inspects the following file system locations on the database server using the command `ls -al /root'

    drwxrwxrwx 11 root root 4096 Sep 28 22:45 .

    drwxr-xr-x 25 root root 4096 Mar 8 09:30 ..

    -rws------ 25 root root 4096 Mar 8 09:30 .bash_history

    -rw------- 25 root root 4096 Mar 8 09:30 .bash_history

    -rw------- 25 root root 4096 Mar 8 09:30 .profile

    -rw------- 25 root root 4096 Mar 8 09:30 .ssh

    Which of the following attacks was used to compromise the database server and what can the security administrator implement to detect such attacks in the future? (Select TWO).

    A. Privilege escalation
    B. Brute force attack
    C. SQL injection
    D. Cross-site scripting
    E. Using input validation, ensure the following characters are sanitized:
    F. Update crontab with: find / \( -perm -4000 \) –type f –print0 | xargs -0 ls –l | email.sh
    G. Implement the following PHP directive: $clean_user_input = addslashes($user_input)
    H. Set an account lockout policy

  • Question 5:

    A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the company to increase revenue and make an additional $100,000 on the first year, which of the following is the ROI expressed as a percentage for the first year?

    A. -45 percent
    B. 5.5 percent
    C. 45 percent
    D. 82 percent

  • Question 6:

    IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern. Options may be used once or not at all.

    Select and Place:

  • Question 7:

    Which of the following provides the BEST risk calculation methodology?

    A. Annual Loss Expectancy (ALE) x Value of Asset
    B. Potential Loss x Event Probability x Control Failure Probability
    C. Impact x Threat x Vulnerability
    D. Risk Likelihood x Annual Loss Expectancy (ALE)

  • Question 8:

    A security administrator was doing a packet capture and noticed a system communicating with an unauthorized address within the 2001::/32 prefix. The network administrator confirms there is no IPv6 routing into or out of the network.

    Which of the following is the BEST course of action?

    A. Investigate the network traffic and block UDP port 3544 at the firewall
    B. Remove the system from the network and disable IPv6 at the router
    C. Locate and remove the unauthorized 6to4 relay from the network
    D. Disable the switch port and block the 2001::/32 traffic at the firewall

  • Question 9:

    Anne, the security administrator, at a company has received a subpoena for the release of all the email received and sent by the company Chief Information Officer (CIO) for the past three years. Anne is only able to find one year's worth of email records on the server and is now concerned about the possible legal implications of not complying with the request. Which of the following should Anne check BEFORE responding to the request?

    A. The company data privacy policies
    B. The company backup logs and archives
    C. The company data retention policies and guidelines
    D. The company data retention procedures

  • Question 10:

    A medical device manufacturer has decided to work with another international organization to develop the software for a new robotic surgical platform to be introduced into hospitals within the next 12 months. In order to ensure a competitor does not become aware, management at the medical device manufacturer has decided to keep it secret until formal contracts are signed. Which of the following documents is MOST likely to contain a description of the initial terms and arrangement and is not legally enforceable?

    A. OLA
    B. BPA
    C. SLA
    D. SOA
    E. MOU

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your RC0-C02 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.