RC0-C02 Exam Details

  • Exam Code: RC0-C02
  • Exam Name: CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education
  • Certification: CompTIA Advanced Security Practitioner
  • Vendor: CompTIA
  • Total Questions: 308 Q&As
  • Last Updated: May 26, 2026

CompTIA RC0-C02 Online Questions & Answers

  • Question 231:

    Which of the following must be taken into consideration for e-discovery purposes when a legal case is first presented to a company?

    A. Data ownership on all files
    B. Data size on physical disks
    C. Data retention policies on only file servers
    D. Data recovery and storage

  • Question 232:

    The Chief Executive Officer (CEO) has asked a security project manager to provide recommendations on the breakout of tasks for the development of a new product. The CEO thinks that by assigning areas of work appropriately, the overall security of the product will be increased, because staff will focus on their areas of expertise. Given the groups and tasks below, select the BEST list of assignments.

    Groups: Networks, Development, Project Management, Security, Systems Engineering, Testing

    Tasks: Decomposing requirements, Secure coding standards, Code stability, Functional validation, Stakeholder engagement, Secure transport

    A. Systems Engineering: Decomposing requirements; Development: Secure coding standards; Testing: Code stability; Project Management: Stakeholder engagement; Security: Secure transport; Networks: Functional validation
    B. Systems Engineering: Decomposing requirements; Development: Code stability; Testing: Functional validation; Project Management: Stakeholder engagement; Security: Secure coding standards; Networks: Secure transport
    C. Systems Engineering: Functional validation; Development: Stakeholder engagement; Testing: Code stability; Project Management: Decomposing requirements; Security: Secure coding standards; Networks: Secure transport
    D. Systems Engineering: Decomposing requirements; Development: Stakeholder engagement; Testing: Code stability; Project Management: Functional validation; Security: Secure coding standards; Networks: Secure transport

  • Question 233:

    The Chief Executive Officer (CEO) of a corporation purchased the latest mobile device and wants to connect it to the company's internal network. The Chief Information Security Officer (CISO) was told to research and recommend how to secure this device. Which of the following recommendations should be implemented to keep the device from posing a security risk to the company?

    A. A corporate policy to prevent sensitive information from residing on a mobile device and anti-virus software.
    B. Encryption of the non-volatile memory and a corporate policy to prevent sensitive information from residing on a mobile device.
    C. Encryption of the non-volatile memory and a password or PIN to access the device.
    D. A password or PIN to access the device and a corporate policy to prevent sensitive information from residing on a mobile device.

  • Question 234:

    A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing system. The systems must exchange large amounts of fixed format data such as names, addresses, and phone numbers, as well as occasional chunks of data in unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator instead suggests that the developers:

    A. Create a custom standard to define the data.
    B. Use well formed standard compliant XML and strict schemas.
    C. Only document the data format in the parsing application code.
    D. Implement a de facto corporate standard for all analyzed data.

  • Question 235:

    A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame for whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner?

    A. During the Identification Phase
    B. During the Lessons Learned phase
    C. During the Containment Phase
    D. During the Preparation Phase

  • Question 236:

    An enterprise must ensure that all devices that connect to its networks have been previously approved. The solution must support dual factor mutual authentication with strong identity assurance. In order to reduce costs and administrative overhead, the security architect wants to outsource identity proofing and second factor digital delivery to the third party. Which of the following solutions will address the enterprise requirements?

    A. Implementing federated network access with the third party.
    B. Using a HSM at the network perimeter to handle network device access.
    C. Using a VPN concentrator which supports dual factor via hardware tokens.
    D. Implementing 802.1x with EAP-TTLS across the infrastructure.

  • Question 237:

    An IT manager is concerned about the cost of implementing a web filtering solution in an effort to mitigate the risks associated with malware and resulting data leakage. Given that the ARO is twice per year, the ALE resulting from a data leak is $25,000 and the ALE after implementing the web filter is $15,000. The web filtering solution will cost the organization $10,000 per year. Which of the following values is the single loss expectancy of a data leakage event after implementing the web filtering solution?

    A. $0
    B. $7,500
    C. $10,000
    D. $12,500
    E. $15,000

  • Question 238:

    An organization is concerned with potential data loss in the event of a disaster, and created a backup datacenter as a mitigation strategy. The current storage method is a single NAS used by all servers in both datacenters. Which of the following options increases data availability in the event of a datacenter failure?

    A. Replicate NAS changes to the tape backups at the other datacenter.
    B. Ensure each server has two HBAs connected through two routes to the NAS.
    C. Establish deduplication across diverse storage paths.
    D. Establish a SAN that replicates between datacenters.

  • Question 239:

    A company sales manager received a memo from the company's financial department which stated that the company would not be putting its software products through the same security testing as previous years to reduce the research and development cost by 20 percent for the upcoming year. The memo also stated that the marketing material and service level agreement for each product would remain unchanged. The sales manager has reviewed the sales goals for the upcoming year and identified an increased target across the software products that will be affected by the financial department's change. All software products will continue to go through new development in the coming year. Which of the following should the sales manager do to ensure the company stays out of trouble?

    A. Discuss the issue with the software product's user groups
    B. Consult the company's legal department on practices and law
    C. Contact senior finance management and provide background information
    D. Seek industry outreach for software practices and law

  • Question 240:

    Company XYZ provides hosting services for hundreds of companies across multiple industries including healthcare, education, and manufacturing. The security architect for company XYZ is reviewing a vendor proposal to reduce company XYZ's hardware costs by combining multiple physical hosts through the use of virtualization technologies. The security architect notes concerns about data separation, confidentiality, regulatory requirements concerning PII, and administrative complexity on the proposal. Which of the following BEST describes the core concerns of the security architect?

    A. Most of company XYZ's customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.
    B. The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance.
    C. Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.
    D. Not all of company XYZ's customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.
