[Free] 2018(Jan) EnsurePass Passguide CompTIA RC0-C02 Dumps with VCE and PDF 121-130


CompTIA Advanced Security Practitioner (CASP) Recertification Exam for Continuing Education

Question No: 121 – (Topic 2)

A risk manager has decided to use likelihood and consequence to determine the risk of an event occurring to a company asset. Which of the following is a limitation of this approach to risk management?

  A. Subjective and based on an individual's experience.

  B. Requires a high degree of upfront work to gather environment details.

  C. Difficult to differentiate between high, medium, and low risks.

  D. Allows for cost and benefit analysis.

  E. Calculations can be extremely complex to manage.

Answer: A

Explanation:

Using likelihood and consequence (probability and impact) to rate risk is qualitative risk analysis. Each risk is placed on an ordinal scale such as low, medium and high, or scored on a 1 to 10 scale, rather than being expressed in monetary terms.

After qualitative analysis has been performed, quantitative risk analysis can follow. Quantitative analysis is a further analysis of the highest-priority risks in which a numerical rating (for example, annualized loss expectancy) is assigned to each risk.

Qualitative risk analysis is usually quick to perform and needs no special tools or software. Its limitation is that the ratings are subjective and depend on the assessor's experience, which is what the question is asking for.

Question No: 122 – (Topic 2)

A software project manager has been provided with a requirement from the customer to place limits on the types of transactions a given user can initiate without external interaction from another user with elevated privileges. This requirement is BEST described as an implementation of:

  A. an administrative control

  B. dual control

  C. separation of duties

  D. least privilege

  E. collusion

Answer: C

Explanation:

Separation of duties splits a sensitive task so that no single person can complete it alone. Here a user may initiate only certain transactions by themselves; anything outside that limit requires a second user with elevated privileges to take part, so the initiator cannot complete the transaction unaided.
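Added example (this is not part of the exam material): a small Python policy check that enforces the requirement described in this question. The roles, transaction types and amount thresholds are assumed for illustration; a real system would load them from policy.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

# Assumed policy for the example (not from the exam): which roles count as
# "elevated", which transaction types always need a second party, and the
# per-type amount above which an ordinary user may no longer act alone.
ELEVATED_ROLES: Set[str] = {"supervisor", "auditor"}
ALWAYS_DUAL: Set[str] = {"wire_transfer", "credit_limit_change"}
SOLO_LIMIT: Dict[str, float] = {"payment": 10_000.0, "refund": 1_000.0}


@dataclass
class User:
    name: str
    roles: Set[str]


@dataclass
class Transaction:
    kind: str
    amount: float
    initiator: str
    approver: Optional[str] = None  # second user who signed off, if any


def needs_second_party(tx: Transaction) -> bool:
    """True when policy forbids the initiator from completing tx alone."""
    if tx.kind in ALWAYS_DUAL:
        return True
    return tx.amount > SOLO_LIMIT.get(tx.kind, 0.0)


def authorize(tx: Transaction, users: Dict[str, User]) -> Tuple[bool, str]:
    """Apply the separation-of-duties rule. Returns (allowed, reason)."""
    if tx.initiator not in users:
        return False, "unknown initiator"
    if not needs_second_party(tx):
        return True, "within the initiator's solo limit"
    if tx.approver is None:
        return False, f"{tx.kind} of {tx.amount:.2f} needs approval by an elevated user"
    # The separation itself: whoever starts the transaction can never be the
    # one who approves it, even if the initiator also holds an elevated role.
    if tx.approver == tx.initiator:
        return False, "initiator may not approve their own transaction"
    approver = users.get(tx.approver)
    if approver is None or not (approver.roles & ELEVATED_ROLES):
        return False, "approver lacks an elevated role"
    return True, f"approved by {approver.name}"


# Constructed users for a quick demonstration.
USERS: Dict[str, User] = {
    "alice": User("alice", {"clerk"}),
    "bob": User("bob", {"supervisor"}),
    "carol": User("carol", {"clerk"}),
}

if __name__ == "__main__":
    for tx in (
        Transaction("payment", 500.0, "alice"),
        Transaction("payment", 25_000.0, "alice"),
        Transaction("payment", 25_000.0, "alice", approver="bob"),
        Transaction("payment", 25_000.0, "alice", approver="carol"),
        Transaction("wire_transfer", 10.0, "bob", approver="bob"),
    ):
        print(tx.kind, tx.amount, tx.initiator, tx.approver, "->", authorize(tx, USERS))
```

The self-approval check is the part that distinguishes this from a plain privilege check: bob is a supervisor, but a wire transfer he initiates is still refused until a different elevated user approves it. Without that check a single elevated account could complete the whole task alone and the separation would be lost.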

Question No: 123 – (Topic 2)

An organization is selecting a SaaS provider to replace its legacy, in house Customer Resource Management (CRM) application. Which of the following ensures the organization mitigates the risk of managing separate user credentials?

  A. Ensure the SaaS provider supports dual factor authentication.

  B. Ensure the SaaS provider supports encrypted password transmission and storage.

  C. Ensure the SaaS provider supports secure hash file exchange.

  D. Ensure the SaaS provider supports role-based access control.

  E. Ensure the SaaS provider supports directory services federation.

Answer: E

Explanation:

A SaaS application that has a federation server within the customer's network that interfaces with the customer's own enterprise user-directory service can provide single sign-on authentication. This federation server has a trust relationship with a corresponding federation server located within the SaaS provider's network.

Single sign-on will mitigate the risk of managing separate user credentials.

Question No: 124 – (Topic 2)

The Chief Executive Officer (CEO) of a company that allows telecommuting has challenged the Chief Security Officer’s (CSO) request to harden the corporate network’s perimeter.

The CEO argues that the company cannot protect its employees at home, so the risk at work is no different. Which of the following BEST explains why this company should proceed with protecting its corporate network boundary?

  A. The corporate network is the only network that is audited by regulators and customers.

  B. The aggregation of employees on a corporate network makes it a more valuable target for attackers.

  C. Home networks are unknown to attackers and less likely to be targeted directly.

  D. Employees are more likely to be using personal computers for general web browsing when they are at home.

Answer: B

Explanation:

The corporate network concentrates many employees' systems, credentials and data in one place, so a single compromise there yields far more than a breach of any one employee's home network. That aggregation raises both the impact and the scale of a breach and makes the corporate network a more valuable target, which is why its boundary still needs hardening regardless of what happens on home networks.

Question No: 125 – (Topic 2)

The senior security administrator wants to redesign the company DMZ to minimize the risks associated with both external and internal threats. The DMZ design must support security in depth, change management and configuration processes, and support incident reconstruction. Which of the following designs BEST supports the given requirements?

  A. A dual firewall DMZ with remote logging where each firewall is managed by a separate administrator.

  B. A single firewall DMZ where each firewall interface is managed by a separate administrator and logging to the cloud.

  C. A SaaS based firewall which logs to the company's local storage via SSL, and is managed by the change control team.

  D. A virtualized firewall, where each virtual instance is managed by a separate administrator and logging to the same hardware.

Answer: A

Explanation:

Security in depth (defence in depth) is the practice of layering independent controls so that an attacker has to defeat several of them. Perimeter controls alone cannot stop today's multi-stage, persistent threats, so organizations add controls around the assets themselves to protect them from both external and internal threats. The approach is meant to withstand an attack even after the perimeter and other traditional controls have been breached.

In this question, two firewalls separating the DMZ from the outside and from the internal network is the best fit: a single flaw or misconfiguration no longer exposes the DMZ at once. Having each firewall managed by a separate administrator reduces the chance of the same configuration error being made on both and supports change-management review. Logging to a remote host keeps the records off the devices an attacker would tamper with, which is what enables incident reconstruction.

Question No: 126 – (Topic 2)

A health service provider is considering the impact of allowing doctors and nurses access to the internal email system from their personal smartphones. The Information Security Officer (ISO) has received a technical document from the security administrator explaining that the current email system is capable of enforcing security policies to personal smartphones, including screen lockout and mandatory PINs. Additionally, the system is able to remotely wipe a phone if reported lost or stolen. Which of the following should the Information Security Officer be MOST concerned with based on this scenario? (Select THREE).

  A. The email system may become unavailable due to overload.

  B. Compliance may not be supported by all smartphones.

  C. Equipment loss, theft, and data leakage.

  D. Smartphone radios can interfere with health equipment.

  E. Data usage cost could significantly increase.

  F. Not all smartphones natively support encryption.

  G. Smartphones may be used as rogue access points.

Answer: B,C,F

Question No: 127 – (Topic 2)

An organization determined that each of its remote sales representatives must use a smartphone for email access. The organization provides the same centrally manageable model to each person. Which of the following mechanisms BEST protects the confidentiality of the resident data?

  A. Require dual factor authentication when connecting to the organization's email server.

  B. Require each sales representative to establish a PIN to access the smartphone and limit email storage to two weeks.

  C. Require encrypted communications when connecting to the organization's email server.

  D. Require a PIN and automatic wiping of the smartphone if someone enters a specific number of incorrect PINs.

Answer: D

Question No: 128 – (Topic 2)

Company policy requires that all unsupported operating systems be removed from the network. The security administrator is using a combination of network based tools to identify such systems for the purpose of disconnecting them from the network. Which of the following tools, or outputs from the tools in use, can be used to help the security administrator make an approximate determination of the operating system in use on the local company network? (Select THREE).

  A. Passive banner grabbing

  B. Password cracker

  C. =packet capture&cookie=wokdjwalkjcnie61lkasdf2aliser4

  D. 443/tcp open http

  E. dig host.company.com

  F. 09:18:16.262743 IP (tos 0x0, ttl 64, id 9870, offset 0, flags [none], proto TCP (6), length 40) > Flags [none], cksum 0x1800 (correct), win 512, length 0

  G. Nmap

Answer: A,F,G

Explanation:

Passive banner grabbing reads the banner or response an application returns when a connection is opened (for example an HTTP Server header or an SSH version string), which often names the operating system or a platform-specific build. Operating system identification can also be done by fingerprinting the TCP/IP stack: each OS chooses characteristic defaults for fields such as the IP TTL, the TCP window size and the ordering of TCP options.

The packet capture in option F shows exactly those fields. A TTL of 64 is the default initial value on Linux and most Unix-like systems (Windows uses 128), and the window size of 512 is another stack-specific value, so the line supports an approximate OS guess without touching the host.

Nmap provides host discovery, service and version detection, and active OS detection (-O), which sends crafted probes and compares the responses against its fingerprint database.
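Added example (not from the exam or from any particular tool): a Python passive-fingerprinting heuristic that pulls the TTL and TCP window size out of tcpdump-style lines like the one in option F and maps them to an approximate OS family, the way an administrator might triage a capture before confirming with Nmap. The sample lines are constructed, and the initial-TTL table and window-size hints are assumptions drawn from commonly cited stack defaults rather than from the page.

```python
import re
from typing import Dict, List

# Constructed tcpdump -v style lines (made up for this example, not real
# captures). The first copies the field layout of option F; the others vary
# TTL and window size so the heuristic has something to distinguish.
SAMPLE_LINES: List[str] = [
    "09:18:16.262743 IP (tos 0x0, ttl 64, id 9870, offset 0, flags [none], proto TCP (6), length 40) 10.0.0.5.44321 > 10.0.0.1.80: Flags [S], cksum 0x1800 (correct), win 512, length 0",
    "09:18:17.001002 IP (tos 0x0, ttl 128, id 12, offset 0, flags [DF], proto TCP (6), length 52) 10.0.0.7.51000 > 10.0.0.1.443: Flags [S], cksum 0xabcd (correct), win 8192, options [mss 1460,nop,wscale 8,sackOK], length 0",
    "09:18:18.500000 IP (tos 0x0, ttl 251, id 0, offset 0, flags [DF], proto TCP (6), length 60) 172.16.4.9.3000 > 10.0.0.1.22: Flags [S], cksum 0x0000 (correct), win 65535, length 0",
    "09:18:19.000000 IP (tos 0x0, ttl 64, id 1, offset 0, flags [DF], proto UDP (17), length 60) 10.0.0.5.5353 > 224.0.0.251.5353: UDP, length 32",
    "this line is not a packet at all",
]

TTL_RE = re.compile(r"\bttl (\d+),")
WIN_RE = re.compile(r"\bwin (\d+)")
ENDPOINTS_RE = re.compile(r"\) (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")

# Initial TTLs that common IP stacks start with (assumed table of well-known
# defaults). Each router hop decrements TTL by one, so an observed value is
# rounded up to the nearest default to recover the sender's starting TTL.
INITIAL_TTLS = (32, 64, 128, 255)
TTL_TO_OS: Dict[int, str] = {
    32: "legacy Windows 9x/NT",
    64: "Linux/Unix-like (Linux, macOS, *BSD)",
    128: "Windows",
    255: "Cisco IOS, Solaris or other embedded stack",
}

# Secondary hint from the SYN window size; approximate, p0f-style, assumed.
WINDOW_HINTS: Dict[int, str] = {
    5840: "Linux 2.6-era default",
    29200: "Linux 3.x+ default",
    64240: "newer Linux default (44 x MSS 1460)",
    8192: "Windows 7 and later default",
    65535: "macOS / FreeBSD / Windows XP default",
}


def guess_initial_ttl(observed: int) -> int:
    """Round the observed TTL up to the nearest well-known initial value."""
    for candidate in INITIAL_TTLS:
        if observed <= candidate:
            return candidate
    return 255


def fingerprint(lines: List[str]) -> List[Dict[str, object]]:
    """Extract TTL/window from tcpdump-style TCP lines and guess the OS family."""
    results: List[Dict[str, object]] = []
    for line in lines:
        if "proto TCP" not in line:  # skip UDP, ICMP and non-packet lines
            continue
        ttl_m, win_m = TTL_RE.search(line), WIN_RE.search(line)
        if not (ttl_m and win_m):
            continue
        ttl, win = int(ttl_m.group(1)), int(win_m.group(1))
        initial = guess_initial_ttl(ttl)
        ends = ENDPOINTS_RE.search(line)  # None for lines without addresses
        results.append({
            "src": ends.group(1) if ends else None,
            "ttl": ttl,
            "initial_ttl": initial,
            "hops": initial - ttl,  # estimated routers between sender and us
            "win": win,
            "os_guess": TTL_TO_OS[initial],
            "window_hint": WINDOW_HINTS.get(win, "no well-known default match"),
        })
    return results


if __name__ == "__main__":
    for r in fingerprint(SAMPLE_LINES):
        print(f"{str(r['src']):>16}  ttl={r['ttl']:<3} (init {r['initial_ttl']}, "
              f"{r['hops']} hops)  win={r['win']:<5} -> {r['os_guess']}; "
              f"window: {r['window_hint']}")
```

The hop estimate is why this stays approximate: a TTL of 120 could be a Windows host eight hops away or, less plausibly, a Unix host that set a non-default TTL, and NAT devices and tunnels can rewrite the field. Treat the guess as a lead to confirm with banner grabbing or Nmap before acting on the policy.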

Question No: 129 – (Topic 2)

A large organization has recently suffered a massive credit card breach. During the months of Incident Response, there were multiple attempts to assign blame for whose fault it was that the incident occurred. In which part of the incident response phase would this be addressed in a controlled and productive manner?

  A. During the Identification Phase

  B. During the Lessons Learned phase

  C. During the Containment Phase

  D. During the Preparation Phase

Answer: B

Explanation:

The Lessons Learned phase is the final step in the incident response process. Once the incident is closed, everyone involved reviews what happened, why it happened and what should change, so questions of responsibility are handled as input to improvement rather than as distractions while the response is still under way.

Question No: 130 – (Topic 2)

A data breach has occurred at Company A and as a result, the Chief Information Officer (CIO) has resigned. The CIO's laptop, cell phone and PC were all wiped of data per company policy. A month later, prosecutors in litigation with Company A suspect the CIO knew about the data breach long before it was discovered and have issued a subpoena requesting all the CIO's email from the last 12 months. The corporate retention policy recommends keeping data for no longer than 90 days. Which of the following should occur?

  A. Restore the CIO's email from an email server backup and provide the last 90 days from the date of the subpoena request.

  B. Inform the litigators that the CIO's information has been deleted as per corporate policy.

  C. Restore the CIO's email from an email server backup and provide the last 90 days from the date of the CIO resignation.

  D. Restore the CIO's email from an email server backup and provide whatever is available up to the last 12 months from the subpoena date.

Answer: D
