RC0-C02 Exam Details

  • Exam Code: RC0-C02
  • Exam Name: CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education
  • Certification: CompTIA Advanced Security Practitioner
  • Vendor: CompTIA
  • Total Questions: 308 Q&As
  • Last Updated: May 26, 2026

CompTIA RC0-C02 Online Questions & Answers

  • Question 211:

    The risk manager is reviewing a report which identifies a requirement to keep a business-critical legacy system operational for the next two years. The legacy system is out of support because the vendor no longer releases security patches for it. Additionally, this is a proprietary embedded system, and little is documented or known about it. Which of the following should the Information Technology department implement to reduce the security risk from a compromise of this system?

    A. Virtualize the system and migrate it to a cloud provider.
    B. Segment the device on its own secure network.
    C. Install an antivirus and HIDS on the system.
    D. Hire developers to reduce vulnerabilities in the code.

  • Question 212:

    A corporation has expanded for the first time by integrating several newly acquired businesses. Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).

    A. Remove the acquired companies' Internet access.
    B. Federate identity management systems.
    C. Install firewalls between the businesses.
    D. Re-image all end user computers to a standard image.
    E. Develop interconnection policy.
    F. Conduct a risk analysis of each acquired company's networks.

  • Question 213:

    Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions. Which of the following process level solutions would address this problem?

    A. Implement change control practices at the organization level.
    B. Adjust the firewall ACL to prohibit development from directly accessing the production server farm.
    C. Update the vulnerability management plan to address data discrepancy issues.
    D. Change development methodology from strict waterfall to agile.

  • Question 214:

    The helpdesk department desires to roll out a remote support application for internal use on all company computers. This tool should allow remote desktop sharing, system log gathering, chat, hardware logging, inventory management, and remote registry access. The risk management team has been asked to review vendor responses to the RFQ. Which of the following questions is the MOST important?

    A. What are the protections against MITM?
    B. What accountability is built into the remote support application?
    C. What encryption standards are used in the tracking database?
    D. What snapshot or "undo" features are present in the application?
    E. What encryption standards are used in remote desktop and file transfer functionality?

  • Question 215:

    A company has issued a new mobile device policy permitting BYOD and company-issued devices. The company-issued device has a managed middleware client that restricts the applications allowed on company devices and provides those that are approved. The middleware client provides configuration standardization for both company owned and BYOD to secure data and communication to the device according to industry best practices. The policy states that, "BYOD clients must meet the company's infrastructure requirements to permit a connection." The company also issues a memorandum separate from the policy, which provides instructions for the purchase, installation, and use of the middleware client on BYOD. Which of the following is being described?

    A. Asset management
    B. IT governance
    C. Change management
    D. Transference of risk

  • Question 216:

    The Chief Information Security Officer (CISO) is asking for ways to protect against zero-day exploits. The CISO is concerned that an unrecognized threat could compromise corporate data and result in regulatory fines as well as poor corporate publicity. The network is mostly flat, with split staff/guest wireless functionality. Which of the following equipment MUST be deployed to guard against unknown threats?

    A. Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
    B. Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.
    C. Host-based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.
    D. Behavior-based IPS with a communication link to a cloud-based vulnerability and threat feed.

  • Question 217:

    The Chief Information Officer (CIO) is reviewing the IT-centric BIA and RA documentation. The documentation shows that a single 24-hour downtime in a critical business function will cost the business $2.3 million. Additionally, the business unit which depends on the critical business function has determined that there is a high probability that a threat will materialize, based on historical data. The CIO's budget does not allow for full system hardware replacement in case of a catastrophic failure, nor does it allow for the purchase of additional compensating controls. Which of the following should the CIO recommend to the finance director to minimize financial loss?

    A. The company should mitigate the risk.
    B. The company should transfer the risk.
    C. The company should avoid the risk.
    D. The company should accept the risk.

  • Question 218:

    ABC Company must achieve compliance for PCI and SOX. Which of the following would BEST allow the organization to achieve compliance and ensure security? (Select THREE).

    A. Establish a list of users that must work with each regulation
    B. Establish a list of devices that must meet each regulation
    C. Centralize management of all devices on the network
    D. Compartmentalize the network
    E. Establish a company framework
    F. Apply technical controls to meet compliance with the regulation

  • Question 219:

    The technology steering committee is struggling with increased requirements stemming from an increase in telecommuting. The organization has not addressed telecommuting in the past. The implementation of a new SSL-VPN and a VOIP phone solution enables personnel to work from remote locations with corporate assets. Which of the following steps must the committee take FIRST to outline senior management's directives?

    A. Develop an information classification scheme that will properly secure data on corporate systems.
    B. Implement database views and constrained interfaces so remote users will be unable to access PII from personal equipment.
    C. Publish a policy that addresses the security requirements for working remotely with company equipment.
    D. Work with mid-level managers to identify and document the proper procedures for telecommuting.

  • Question 220:

    The application runs the following query:

    select id, firstname, lastname from authors

    User input:
    firstname= Hack;man
    lastname=Johnson

    Which of the following types of attacks is the user attempting?

    A. XML injection
    B. Command injection
    C. Cross-site scripting
    D. SQL injection

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only CompTIA exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your RC0-C02 exam preparation and CompTIA certification application, do not hesitate to visit Vcedump.com to find your solutions.