[Free] 2018(June) Dumps4cert CompTIA RC0-C02 Dumps with VCE and PDF Download 201-210

July 9, 2018


CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education

Question No: 201 – (Topic 4)

A small retail company recently deployed a new point of sale (POS) system to all 67 stores.

The core of the POS is an extranet site, accessible only from retail stores and the corporate office over a split-tunnel VPN. An additional split-tunnel VPN provides bi-directional connectivity back to the main office, which provides voice connectivity for store VoIP phones. Each store offers guest wireless functionality, as well as employee wireless. Only the staff wireless network has access to the POS VPN. Recently, stores are reporting poor response times when accessing the POS application from store computers as well as degraded voice quality when making phone calls. Upon investigation, it is determined that three store PCs are hosting malware, which is generating excessive network traffic. After malware removal, the information security department is asked to review the configuration and suggest changes to prevent this from happening again. Which of the following denotes the BEST way to mitigate future malware risk?

  A. Deploy new perimeter firewalls at all stores with UTM functionality.

  B. Change antivirus vendors at the store and the corporate office.

  C. Move to a VDI solution that runs offsite from the same data center that hosts the new POS solution.

  D. Deploy a proxy server with content filtering at the corporate office and route all traffic through it.

Answer: A

Explanation:

A perimeter firewall is located between the local network and the Internet where it can screen network traffic flowing in and out of the organization. A firewall with unified threat management (UTM) functionalities includes anti-malware capabilities.

Question No: 202 – (Topic 4)

A finance manager says that the company needs to ensure that the new system can “replay” data, up to the minute, for every exchange being tracked by the investment departments. The finance manager also states that the company’s transactions need to be tracked against this data for a period of five years for compliance. How would a security engineer BEST interpret the finance manager’s needs?

  A. Compliance standards

  B. User requirements

  C. Data elements

  D. Data storage

  E. Acceptance testing

  F. Information digest

  G. System requirements

Answer: B

Explanation:

User requirements are used to specify what the USER expects an application or system to do.

In this question, the finance manager has stated what he wants the system to do. Therefore, the answer to this question is ‘user requirements’.

Question No: 203 – (Topic 4)

During a recent audit of servers, a company discovered that a network administrator, who required remote access, had deployed an unauthorized remote access application that communicated over common ports already allowed through the firewall. A network scan showed that this remote access application had already been installed on one third of the servers in the company. Which of the following is the MOST appropriate action that the company should take to provide a more appropriate solution?

  A. Implement an IPS to block the application on the network

  B. Implement the remote application out to the rest of the servers

  C. Implement SSL VPN with SAML standards for federation

  D. Implement an ACL on the firewall with NAT for remote access

Answer: C

Explanation:

A Secure Sockets Layer (SSL) virtual private network (VPN) would provide the network administrator who requires remote access a secure and reliable method of accessing the system over the Internet. Security Assertion Markup Language (SAML) standards for federation will provide cross-web service authentication and authorization.

Question No: 204 – (Topic 4)

A project manager working for a large city government is required to plan and build a WAN, which will be required to host official business and public access. It is also anticipated that the city’s emergency and first response communication systems will be required to operate across the same network. The project manager has experience with enterprise IT projects, but feels this project has an increased complexity as a result of the mixed business / public use and the critical infrastructure it will provide. Which of the following should the project manager release to the public, academia, and private industry to ensure the city provides due care in considering all project factors prior to building its new WAN?

  A. NDA

  B. RFI

  C. RFP

  D. RFQ

Answer: B

Explanation:

A request for information (RFI) seeks information from suppliers for a specific purpose. One big difference is that companies and suppliers are not obligated to respond.

Question No: 205 – (Topic 4)

Customer Need:

“We need the system to produce a series of numbers with no discernible mathematical progression for use by our Java based, PKI-enabled, customer facing website.”

Which of the following BEST restates the customer need?

  A. The system shall use a pseudo-random number generator seeded the same every time.

  B. The system shall generate a pseudo-random number upon invocation by the existing Java program.

  C. The system shall generate a truly random number based upon user PKI certificates.

  D. The system shall implement a pseudo-random number generator for use by corporate customers.

Answer: B

Question No: 206 – (Topic 4)

A security services company is scoping a proposal with a client. They want to perform a general security audit of their environment within a two week period and consequently have the following requirements:

Requirement 1 – Ensure their server infrastructure operating systems are at their latest patch levels

Requirement 2 – Test the behavior between the application and database

Requirement 3 – Ensure that customer data cannot be exfiltrated

Which of the following is the BEST solution to meet the above requirements?

  A. Penetration test, perform social engineering and run a vulnerability scanner

  B. Perform dynamic code analysis, penetration test and run a vulnerability scanner

  C. Conduct network analysis, dynamic code analysis, and static code analysis

  D. Run a protocol analyzer, perform static code analysis and vulnerability assessment

Answer: B

Explanation:

Requirement 1: To ensure their server infrastructure operating systems are at their latest patch levels, we can run a vulnerability scanner. A vulnerability scanner is software designed to assess computers, computer systems, networks or applications for weaknesses. This includes ensuring the latest patches are installed.

Requirement 2: To test the behavior between the application and database, we can perform dynamic code analysis. Dynamic analysis is the testing and evaluation of a program by executing data in real-time. The objective is to find errors in a program while it is running, rather than by repeatedly examining the code offline.

Requirement 3: To ensure that customer data cannot be exfiltrated, we can run a penetration test. A penetration test is used to test for vulnerabilities to exploit to gain access to systems. If a malicious user can access a system, the user can exfiltrate the data.

Question No: 207 – (Topic 4)

A member of the software development team has requested advice from the security team to implement a new secure lab for testing malware. Which of the following is the NEXT step that the security team should take?

  A. Purchase new hardware to keep the malware isolated.

  B. Develop a policy to outline what will be required in the secure lab.

  C. Construct a series of VMs to host the malware environment.

  D. Create a proposal and present it to management for approval.

Answer: D

Explanation:

Before we can create a solution, we need to motivate why the solution needs to be created and plan the best implementation within the company’s business operations. We therefore need to create a proposal that explains the intended implementation and allows for the company to budget for it.

Question No: 208 – (Topic 4)

A corporation has expanded for the first time by integrating several newly acquired businesses. Which of the following are the FIRST tasks that the security team should undertake? (Select TWO).

  A. Remove acquired companies’ Internet access.

  B. Federate identity management systems.

  C. Install firewalls between the businesses.

  D. Re-image all end user computers to a standard image.

  E. Develop interconnection policy.

  F. Conduct a risk analysis of each acquired company’s networks.

Answer: E,F

Question No: 209 – (Topic 4)

A Security Administrator has some concerns about the confidentiality of data when using SOAP. Which of the following BEST describes the Security Administrator’s concerns?

  A. The SOAP header is not encrypted and allows intermediaries to view the header data. The body can be partially or completely encrypted.

  B. The SOAP protocol supports weak hashing of header information. As a result the header and body can easily be deciphered by brute force tools.

  C. The SOAP protocol can be easily tampered with, even though the header is encrypted.

  D. The SOAP protocol does not support body or header encryption which allows assertions to be viewed in clear text by intermediaries.

Answer: A

Question No: 210 – (Topic 4)

A team of security engineers has applied regulatory and corporate guidance to the design of a corporate network. The engineers have generated an SRTM based on their work and a thorough analysis of the complete set of functional and performance requirements in the network specification. Which of the following BEST describes the purpose of an SRTM in this scenario?

  A. To ensure the security of the network is documented prior to customer delivery

  B. To document the source of all functional requirements applicable to the network

  C. To facilitate the creation of performance testing metrics and test plans

  D. To allow certifiers to verify the network meets applicable security requirements

Answer: D
