Network Defense and Countermeasures (NDC) braindumps free download

Free SC0-402 Demo Download

just4cert offers free demo for SCP certification SC0-402 (Network Defense and Countermeasures (NDC)). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Download SC0-402 PDF Demo

Why choose just4cert SC0-402 braindumps

Quality and Value for the SC0-402 Exam
100% Guarantee to Pass Your SC0-402 Exam
Downloadable, Interactive SC0-402 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

SC0-402 free demo:

　
　
Exam : SCP SC0-402
Title : Network Defense and Countermeasures (NDC)

1. You are reviewing your companys IPChains Firewall and see the command (minus the quotes) ?! 10.10.10.216?as part of a rule, what does this mean?
A. Traffic destined for host 10.10.10.216 is exempt from filtering
B. Traffic originating from host 10.10.10.216 is exempt from filtering
C. Any host except 10.10.10.216
D. Only host 10.10.10.216
E. Traffic destined for 10.10.10.216 gets sent to the input filter.
F. Traffic originating from 10.10.10.216 gets sent to the input filter
Answer: C

2. Which of the following defines the security policy to be used for securing communications between the VPN Client and Server?
A. Encapsulating Delimiters
B. Security Authentications
C. Encapsulating Security Payload
D. Security Associations
E. Authentication Header
Answer: D

3. What step in the process of Intrusion Detection as shown in the exhibit would determine if given alerts were part of a bigger intrusion, or would help discover infrequent attacks?
A. 5
B. 9
C. 12
D. 10
E. 4
Answer: C

4. You are examining a packet from an unknown host that was trying to ping one of your protected servers and notice that the packets it sent had an IPLen of 20 byes and DgmLen set to 60 bytes.
What type of operating system should you believe this packet came from?
A. Linux
B. SCO
C. Windows
D. Mac OSX
E. Netware
Answer: C

5. Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
A. Trojan Horse Scan
B. Back Orifice Scan
C. NetBus Scan
D. Port Scan
E. Ping Sweep
Answer: B

6. To manage the risk analysis of your organization you must first identify the method of analysis to use. Which of the following organizations defines the current standards of risk analysis methodologies?
A. NIST
B. CERT
C. F-ICRC
D. NBS
E. NSA
Answer: A

7. You are configuring your new IDS machine, where you have recently installed Snort. While you are working with this machine, you wish to create some basic rules to test the ability to log traffic as you desire. Which of the following Snort rules will log any tcp traffic from any host other than 172.16.40.50 using any port, to any host in the 10.0.10.0/24 network using any port?
A. log udp ! 172.16.40.50/32 any -> 10.0.10.0/24 any
B. log tcp ! 172.16.40.50/32 any -> 10.0.10.0/24 any
C. log udp ! 172.16.40.50/32 any <> 10.0.10.0/24 any
D. log tcp ! 172.16.40.50/32 any <> 10.0.10.0/24 any
E. log tcp ! 172.16.40.50/32 any <- 10.0.10.0/24 any
Answer: B

8. You have found a user in your organization who has managed to gain access to a system that this user was not granted the right to use. This user has just provided you with a working example of which of the following?
A. Intrusion
B. Misuse
C. Intrusion detection
D. Misuse detection
E. Anomaly detection
Answer: A

9. Choose the best 3 responses
You have just installed a new firewall and explained the benefits to your CEO.
Next you are asked what some of the limitations of the firewall are. Which of the following are issues where a firewall cannot help to secure the network?
A. Poor Security Policy
B. Increased ability to enforce policies
C. End node virus control
D. Increased ability to enforce policies
E. Social Engineering
Answer: ACE

10. Choose the best 3 responses
You are creating the User Account section of your organizational security policy. From the following options, select the questions to use for the formation of this section?
A. Are users allowed to make copies of any operating system files (including, but not limited to /etc/passwd or the SAM)?
B. Who in the organization has the right to approve the request for new user accounts?
C. Are users allowed to have multiple accounts on a computer?
D. Are users allowed to share their user account with coworkers?
E. Are users required to use password-protected screensavers?
F. Are users allowed to modify files they do not own, but have write abilities?
Answer: BCD

11. Choose the best 2 responses
You have been chosen to manage the new security system that is to be implemented next month in your network. You are determining the type of access control to use. What are the two types of Access Control that may be implemented in a network?
A. Regulatory Access Control
B. Mandatory Access Control
C. Discretionary Access Control
D. Centralized Access Control
E. Distributed Access Control
Answer: BC

12. After a meeting between the IT department leaders and a security consultant, they decide to implement a new IDS in your network. You are later asked to explain to your team the type of IDS that is going to be implemented. Which of the following best describes the centralized design of a Host-Based IDS?
A. In a Centralized design, sensors (also called agents) are placed on each key host throughout the network analyzing the network traffic for intrusion indicators. Once an incident is identified the sensor notifies the command console.
B. In a Centralized design, the agents is on the single command console as the one that performs the analysis. There is a significant advantage to this method. The intrusion data can be monitored in real-time.
C. In a Centralized design, the IDS uses what are known as agents (also called sensors). These agents are in fact small programs running on the hosts that are programmed to detect network traffic intrusions. They communicate with the command console, or a central computer controlling the IDS.
D. In a Centralized design, sensors are installed in key positions throughout the network, and they all report to the command console. The sensors in this case, are full detection engines that have the ability to sniff network packets, analyze for known signatures, and notify the console with an alert if an intrusion is detected.
E. In a Centralized design, the data is gathered and sent from the host to a centralized location. There is no significant performance drop on the hosts because the agents simply gather information and send them elsewhere for analysis. However, due to the nature of the design, there is no possibility of real-time detection and response.
Answer: E

Enterprise Security Implementation (ESI) braindumps free download

Free SC0-501 Demo Download

Just4cert offers free demo for SCP SCP Certification SC0-501 (Enterprise Security Implementation (ESI)). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Free SC0-501 pdf demo download!

SC0-501 exam Exam Description

It is well known that SC0-501 test is the hot exam of SCP certification. just4cert offer you all the Q&A of the SC0-501 real test . It is the examination of the perfect combination and it will help you pass SC0-501 exam at the first time!

　
　
Exam : SCP SC0-501
Title : Enterprise SecurityImplementation

1. What is the name of the option in Windows to hide, or append, a second file to a main file?
A.The Hidden Bit
B.Dynamic Link Libraries
C.NTFS Streams
D.File Associations
E.Hidden Server Management
Answer: C

2. If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit is set to zero, what type of WLAN is this frame a part of?
A.Mesh
B.Broadcast
C.Infrastructure
D.Hierarchical
E.Ad Hoc
Answer: E

3. When Windows places a file on a FAT 16 partition, what does it look for, in HEX, to know that a file can be placed in that cluster?
A.0000
B.FFFF
C.0001
D.000F
E.1111
Answer: A

4. Which of the following can be protected by a patent?
A.A new invention
B.A new product
C.A new process
D.A new name
E.An old product made in a new way
Answer: ABCE

5. Which of the following is not a category of Intellectual Property?
A.Patents
B.Trademarks
C.Copyrights
D.Manufacturing Standards
E.Trade Secrets
Answer: D

Why choose just4cert SC0-501 braindumps

Quality and Value for the SC0-501 Exam
100% Guarantee to Pass Your SC0-501 Exam
Downloadable, Interactive SC0-501 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

Just4cert SC0-501 Exam Features

The Solution Exam braindumps free download

Free SC0-502 Demo Download

Just4cert offers free demo for SCP SCP Certification SC0-502 (The Solution Exam). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Free SC0-502 pdf demo download!

SC0-502 exam Exam Description

It is well known that SC0-502 test is the hot exam of SCP certification. just4cert offer you all the Q&A of the SC0-502 real test . It is the examination of the perfect combination and it will help you pass SC0-502 exam at the first time!

　
　
Exam : SCP SC0-502
Title : The Solution Exam

1. Now that you have MegaCorp somewhat under control, you are getting ready to go home for the night. You have made good progress on the network recently, and things seem to be going smoothly. On your way out, you stop by the CEO’s office and say good night. You are told that you will be meeting in the morning, so try to get in a few minutes early.
The next morning, you get to the office 20 minutes earlier than normal, and the CEO stops by your office, "Thanks for coming in a bit early. No problem really, I just wanted to discuss with you a current need we have with the network."
"OK, go right ahead." You know the network pretty well by now, and are ready for whatever is thrown your way.
"We are hiring 5 new salespeople, and they will all be working from home or on the road. I want to be sure that the network stays safe, and that they can get access no matter where they are."
"Not a problem," you reply. "I’ll get the plan for this done right away."
"Thanks a lot, if you have any questions for me, just let me know."
You are relieved that there was not a major problem and do some background work for integrating the new remote users. After talking with the CEO more, you find out that the users will be working from there home nearly all the time, with very little access from on the road locations.
The remote users are all using Windows 2000 Professional, and will be part of the domain. The CEO has purchased all the remote users brand new Compaq laptops, just like the one used in the CEO’s office, and which the CEO takes home each night; complete with DVDCD-burner drives, built-in WNICs, 17" LCD widescreen displays, oversized hard drives, a gig of memory, and fast processing. I wish I was on the road to get one of those,?you think.
You start planning and decide that you will implement a new VPN Server next to the Web and FTP Server. You are going to assign the remote users IP Addresses: 10.10.60.100~10.10.60.105, and will configure the systems to run Windows 2000 Professional.
Based on this information, and your knowledge of the MegaCorp network up to this point, choose the best solution for the secure remote user needs:}
A. You begin with configuring the VPN server, which is running Windows 2000 Server. You create five new accounts on that system, granting each of them the Allow Virtual Private Connections right in Active Directory Users and Computers. You then configure the range of IP Addresses to provide to the clients as: 10.10.60.100 through 10.10.60.105. Next, you configure five IPSec Tunnel endpoints on the server, each to use L2TP as the protocol.
Then, you configure the clients. On each system, you configure a shortcut on the desktop to use to connect to the VPN. The shortcut is configured to create an L2TP IPSec tunnel to the VPN server. The connection itself is configured to exchange keys with the user’s ISP to create a tunnel between the user’s ISP endpoint and the MegaCorp VPN Server.
B. To start the project, you first work on the laptops you have been given. On each laptop, you configure the system to make a single Internet connection to the user’s ISP. Next, you configure a shortcut on the desktop for the VPN connection. You design the connection to use L2TP, with port filtering on outbound UDP 500 and UDP 1701. When a user double-clicks the desktop icon you have it configured to make an automatic tunnel to the VPN server.
On the VPN server, you configure the system to use L2TP with port filtering on inbound UDP 500 and UDP 1701. You create a static pool of assigned IP Address reservations for the five remote clients. You configure automatic redirection on the VPN server in the routing and remote access MMC, so once the client has connected to the VPN server, he or she will automatically be redirected to the inside network, with all resources available in his or her Network Neighborhood.
C. You configure the VPN clients first, by installing the VPN High Encryption Service Pack. With this installed, you configure the clients to use RSA, with 1024-bit keys. You configure a shortcut on the desktop that automatically uses the privatepublic key pair to communicate with the VPN Server, regardless of where the user is locally connected.
On the VPN Server, you also install the VPN High Encryption Service Pack, and configure 1024-bit RSA encryption. You create five new user accounts, and grant them all remote access rights, using Active Directory Sites and Services. You configure the VPN service to send the server’s public key to the remote users upon the request to configure the tunnel. Once the request is made, the VPN server will build the tunnel, from the server side, to the client.
D. You decide to start the configuration on the VPN clients. You create a shortcut on the desktop to connect to the VPN Server. Your design is such that the user will simply double-click the shortcut and the client will make the VPN connection to the server, using PPTP. You do not configure any filters on the VPN client systems.
On the VPN Server, you first configure routing and remote access for the new accounts and allow them to have Dial-In access. You then configure a static IP Address pool for the five remote users. Next, you configure the remote access policy to grant remote access, and you implement the following PPTP filtering:
Inbound Protocol 47 (GRE) allowed
Inbound TCP source port 0, destination port 1723 allowed
Inbound TCP source port 520, destination port 520 allowed
Outbound Protocol 47 (GRE) allowed
Outbound TCP source port 1723, destination port 0 allowed
Outbound TCP source port 520, destination port 520 allowed
E. You choose to configure the VPN server first, by installing the VPN High Encryption Service Pack and the HISECVPN.INF built-in security template through the Security Configuration and Analysis Snap-In. Once the Service pack and template are installed, you configure five user accounts and a static pool of IP Addresses for each account.
You then configure the PPTP service on the VPN server, without using inbound or outbound filters ?due to the protection of the Service Pack. You grant each user the right to dial into the server remotely, and move on to the laptops.
On each laptop, you install the VPN High Encryption Service Pack, to bring the security level of the laptops up to the same level as the VPN server. You then configure a shortcut on each desktop that controls the direct transport VPN connection from the client to the server.
Answer: D

2. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

3. GlobalCorp is a company that makes state of the art aircraft for commercial and government use. Recently GlobalCorp has been working on the next generation of low orbit space vehicles, again for both commercial and governmental markets.
GlobalCorp has corporate headquarters in Testbed, Nevada, USA. Testbed is a small town, with a population of less than 50,000 people. GlobalCorp is the largest company in town, where most families have at least one family member working there.
The corporate office in Testbed has 4,000 total employees, on a 40-acre campus environment. The largest buildings are the manufacturing plants, which are right next to the Research and Development labs. The manufacturing plants employee approximately 1,000 people and the R&D labs employ 500 people. There is one executive building, where approximately 500 people work. The rest of the employees work in Marketing, Accounting, Press and Investor Relations, and so on. The entire complex has a vast underground complex of tunnels that connect each building.
All critical functions are run from the Testbed office, with remote offices around the world. The remote offices are involved in marketing and sales of GlobalCorp products. These offices also perform maintenance on the GlobalCorp aircraft and will occasionally perform R&D and on-site manufacturing.
There are 5 remote offices, located in: New York, California, Japan, India, and England. Each of the remote offices has a dedicated T3 line to the GlobalCorp HQ, and all network traffic is routed through the Testbed office ?the remote offices do not have direct Internet connections.
You had been working for two years in the New York office, and have been interviewing for the lead security architect position in Testbed. The lead security architect reports directly to the Chief Security Officer (CSO), who calls you to let you know that you got the job. You are to report to Testbed in one month, just in time for the annual meeting, and in the meantime you review the overview of the GlobalCorp network.
Your first day in GlobalCorp Testbed, you get your office setup, move your things in place, and about the time you turn on your laptop, there is a knock on your door. It is Blue, the Chief Security Officer, who informs you that there is a meeting that you need to attend in a half an hour.
With your laptop in hand, you come to the meeting, and are introduced to everyone. Blue begins the meeting with a discussion on the current state of security in GlobalCorp.
"For several years now, we have constantly been spending more and more money on our network defense, and I feel confident that we are currently well defended." Blue, puts a picture on the wall projecting the image of the network, and then continues, "We have firewalls at each critical point, we have separate Internet access for our public systems, and all traffic is routed through our controlled access points. So, with all this, you might be wondering why I have concern."
At this point a few people seem to nod in agreement. For years, GlobalCorp has been at the forefront of perimeter defense and security. Most in the meeting are not aware that there is much else that could be done.
Blue continues, "Some of you know this, for the rest it is new news: MassiveCorp is moving their offices to the town right next to us here. Now, as you all know, MassiveCorp has been trying to build their orbital systems up to our standards for years and have never been able to do so. So, from a security point of view, I am concerned."
This is news to most people, Green, the Vice President of Research asks, "We have the best in firewalls, we have the best in you and your systems, what are you suggesting?"
Blue responds, "I suggest trust. Not with MassiveCorp, but in our own systems. We must build trusted networks. We must migrate our network from one that is well-defended to one that is well-defended and one that allows us to trust all the network traffic."
The meeting continues for some time, with Blue leading the discussion on a whole new set of technologies currently not used in the network. After some time, it is agreed upon that GlobalCorp will migrate to a trusted networking environment.
The following week, Blue informs you that you will be working directly together on the development of the planning and design of the trusted network. The network is going to run a full PKI, with all clients and servers in the network using digital certificates. You are grateful that in the past two years, Blue has had all the systems changed to be running only Windows 2000, both server and professional systems, running Active Directory. You think the consistent platform will make the PKI roll out easier.
The entire GlobalCorp network is running Active Directory, with the domain structure as in the following list:
Testbed.globalcorp.org
Newyork.globalcorp.org
California.globalcorp.org
Japan.globalcorp.org
India.globalcorp.org
England.globalcorp.org
Although you will be working in the Testbed office, the plan you develop will need to include the entire GlobalCorp organization. Based on this information, select the solution that describes the best plan for the new trusted network of GlobalCorp:}
A. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

4. It has been quite some time since you were called in to address the network and security needs of MegaCorp. You feel good in what you have accomplished so far. You have been able to get MegaCorp to deal with their Security Policy issue, you have secured the router, added a firewall, added intrusion detection, hardened the Operating Systems, and more.
One thing you have not done however, is run active testing against the network from the outside. This next level of testing is the final step, you decide, in wrapping up this first stage of the new MegaCorp network and security system. You setup a meeting with the CEO to discuss.
"We have only one significant issue left to deal with here at MegaCorp," you begin. "We need some really solid testing of our network and our security systems."
"Sounds fine to me, don’t you do that all the time anyway? I mean, why meet about this?"
"Well, in this case, I’d like to ask to bring in outside help. Folks who specialize in this sort of thing. I can do some of it, but it is not my specialty, and the outside look in will be better and more independent from an outside team."
"What does that kind of thing cost, how long will it take?"
"It will cost a bit of money, it won’t be free, and with a network of our size, I think it can be done pretty quick. Once this is done and wrapped up, I will be resigning as the full time security and network pro here. I need to get back to my consulting company full time. Remember, this was not to be a permanent deal. I can help you with the interview, and this is the perfect time to wrap up that transition."
"All right, fair enough. Get me your initial project estimates, and then I can make a more complete decision. And, I’ll get HR on hiring a new person right away."
Later that afternoon you talk to the CEO and determine a budget for the testing. Once you get back to your office, you are calling different firms and consultants, and eventually you find a consulting group that you will work with.
A few days later you meet with the group in their office, and you describe what you are looking for, and that their contact and person to report to is you. They ask what is off limits, and your response is only that they cannot do anything illegal, to which they agree and point out is written in their agreement as well.
With this outside consulting group and your knowledge of the network and company, review and select the solution that will best provide for a complete test of the security of MegaCorp.}
A. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The first thing the consultants will do is dumpster diving and physical surveillance, looking for clues as to user information and other secret data that should not be outside of the network. Once they have identified several targets through the dumpster diving, they will run scans to match up and identify the workstations for those users.
After identifying the user workstations, they will run vulnerability checks on the systems, to find holes, and if a hole is found they have been given permission to exploit the hole and gain access of the system.
They will attempt to gain access to the firewall and router remotely, via password guessing, and will test the response of the network to Denial of Service attacks. Finally, they will call into MegaCorp to see what information they can learn via social engineering.
B. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants will first run remote network surveillance to identify hosts, followed by port scans and both passive and active fingerprinting. They will then run vulnerability scanners on the identified systems, and attempt to exploit any found vulnerabilities. They will next scan and test the router and firewall, followed by testing of the IDS rules.
They will then perform physical surveillance and dumpster diving to learn additional information. This will be followed by password sniffing and cracking. Finally, they will call into MegaCorp to see what information they can learn via social engineering.
C. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants surprise you with their initial strategy. They intend to spend nearly 100% of their efforts over the first week on social engineering and other physical techniques, using little to no technology. They have gained access to the building as a maintenance crew, and will be coming into the office every night when employees are wrapping up for the day.
All of their testing will be done through physical contact and informal questioning of the employees. Once they finish that stage, they will run short and direct vulnerability scanners on the systems that they feel will present weakness.
D. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants have decided on a direct strategy. They will work inside the MegaCorp office, with the group introducing themselves to the employees. They will directly interview each employee, and perform extensive physical security checks of the network.
They will review and provide analysis on the security policy, and follow that with electronic testing. They will run a single very robust vulnerability scanner on every single client and server in the network, and document the findings of the scan.
E. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants will start the process with remote network surveillance, checking to see what systems and services are available remotely. They will run both passive and active fingerprinting on any identified system. They will run customized vulnerability scanners on the identified systems, and follow that through with exploits, including new zero-day exploits they have written themselves.
They will next run scans on the router, firewall, and intrusion detection, looking to identify operating systems and configurations of these devices. Once identified, they will run customized scripts to gain access to these devices. Once they complete the testing on the systems, they will dumpster dive to identify any leaked information.
Answer: B

5. for three years you have worked with MegaCorp doing occasional network and security consulting. MegaCorp is a small business that provides real estate listings and data to realtors in several of the surrounding states. The company is open for business Monday through Friday from 9 am to 6 pm, closed all evenings and weekends. Your work there has largely consisted of advice and planning, and you have been frequently disappointed by the lack of execution and follow through from the full time staff.
On Tuesday, you received a call from MegaCorp’s HR director, "Hello, I’d like to inform you that Red (the full time senior network administrator) is no longer with us, and we would like to know if you are interested in working with us full time."
You currently have no other main clients, so you reply, "Sure, when do you need me to get going?"
"Today," comes the fast and direct response. Too fast, you think.
"What is the urgency, why can’t this wait until tomorrow?"
"Red was let go, and he was not happy about it. We are worried that he might have done something to our network on the way out."
"OK, let me get some things ready, and I’ll be over there shortly."
You knew this would be messy when you came in, but you did have some advantage in that you already knew the network. You had recommended many changes in the past, none of which would be implemented by Red. While pulling together your laptop and other tools, you grab your notes which have an overview of the network:
MegaCorp network notes: Single Internet access point, T1, connected to MegaCorp Cisco router. Router has E1 to a private web and ftp server and E0 to the LAN switch. LAN switch has four servers, four printers, and 100 client machines. All the machines are running Windows 2000. Currently, they are having their primary web site and email hosted by an ISP in Illinois.
When you get to MegaCorp, the HR Director and the CEO, both of whom you already know, greet you. The CEO informs you that Red was let go due to difficult personality conflicts, among other reasons, and the termination was not cordial. You are to sign the proper employment papers, and get right on the job. You are given the rest of the day to get setup and running, but the company is quite concerned about the security of their network. Rightly so, you think, If these guys had implemented even half of my recommendations this would sure be easier.?You get your equipment setup in your new oversized office space, and get started. For the time you are working here, your IP Address is 10.10.50.23 with a mask of 16.
One of your first tasks is to examine the router’s configuration. You console into the router, issue a show running-config command, and get the following output:
MegaOne#show running-config
Building configuration?
Current configuration:
!
version 12.1
service udp-small-servers
service tcp-small-servers
!
hostname MegaOne
!
enable secret 5 $1$7BSK3$H394yewhJ45JAFEWU73747.
enable password clever
!
no ip name-server
no ip domain-lookup
ip routing
!
interface Ethernet0
no shutdown
ip address 2.3.57.50 255.255.255.0
no ip directed-broadcast
!
interface Ethernet1
no shutdown
ip 10.10.40.101 255.255.0.0
no ip directed-broadcast
!
interface Serial0
no shutdown
ip 1.20.30.23 255.255.255.0
no ip directed-broadcast
clockrate 1024000
bandwidth 1024
encapsulation hdlc
!
ip route 0.0.0.0 0.0.0.0 1.20.30.45
!
line console 0
exec-timeout 0 0
transport input all
line vty 0 4
password remote
login
!
end
After analysis of the network, you recommend that the router have a new configuration. Your goal is to make the router become part of your layered defense, and to be a system configured to help secure the network.
You talk to the CEO to get an idea of what the goals of the router should be in the new configuration. All your conversations are to go through the CEO; this is whom you also are to report to.
"OK, I suggest that the employees be strictly restricted to only the services that they must access on the Internet." You begin.
"I can understand that, but we have always had an open policy. I like the employees to feel comfortable, and not feel like we are watching over them all the time. Please leave the connection open so they can get to whatever they need to get to. We can always reevaluate this in an ongoing basis."
"OK, if you insist, but for the record I am opposed to that policy."
"Noted," responds the CEO, somewhat bluntly.
"All right, let’s see, the private web and ftp server have to be accessed by the Internet, restricted to the accounts on the server. We will continue to use the Illinois ISP to host our main web site and to host our email. What else, is there anything else that needs to be accessed from the Internet?"
"No, I think that’s it. We have a pretty simple network, we do everything in house."
"All right, we need to get a plan in place as well right away for a security policy. Can we set something up for tomorrow?" you ask.
"Let me see, I’ll get back to you later." With that the CEO leaves and you get to work.
Based on the information you have from MegaCorp; knowing that the router must be an integral part of the security of the organization, select the best solution to the organization’s router problem:}
A. You backup the current router config to a temp location on your laptop. Friday night, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#no cdp run
MegaOne(config)#no ip source-route
MegaOne(config)#no ip finger
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 deny ip 0.0.0.0 255.255.255.255 any
MegaOne(config)#access-list 175 deny ip 10.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 127.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 172.16.0.0 0.0.255.255 any
MegaOne(config)#access-list 175 deny ip 192.168.0.0 0.0.255.255 any
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface serial 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no ip directed broadcast
MegaOne(config-if)#no ip unreachables
MegaOne(config-if)#^Z
MegaOne#
B. You backup the current router config to a temp location on your laptop. Sunday night, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface Ethernet 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no cdp enable
MegaOne(config)#interface Ethernet 1
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no cdp enable
MegaOne(config-if)#^Z
MegaOne#
C. You backup the current router config to a temp location on your laptop. Early Monday morning, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface Serial 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no cdp enable
MegaOne(config-if)#no ip directed broadcast
MegaOne(config-if)#no ip unreachables
MegaOne(config-if)#^Z
MegaOne#
D. As soon as the office closes Friday, you get to work on the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface Ethernet 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config)#interface Ethernet 1
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#^Z
MegaOne#
E. With the office closed, you decide to build the new router configuration on Saturday. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#no cdp run
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 deny ip 0.0.0.0 255.255.255.255 any
MegaOne(config)#access-list 175 deny ip 10.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 127.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 172.16.0.0 0.0.255.255 any
MegaOne(config)#access-list 175 deny ip 192.168.0.0 0.0.255.255 any
MegaOne(config)#no ip source-route
MegaOne(config)#no ip finger
MegaOne(config)#interface serial 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no ip directed broadcast
MegaOne(config-if)#no ip unreachables
MegaOne(config-if)#^Z
MegaOne#
Answer: A

Why choose just4cert SC0-502 braindumps

Quality and Value for the SC0-502 Exam
100% Guarantee to Pass Your SC0-502 Exam
Downloadable, Interactive SC0-502 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

Just4cert SC0-502 Exam Features

Tactical Perimeter Defense braindumps free download

Free SC0-451 Demo Download

Just4cert offers free demo for SCP SCP Certification SC0-451 (Tactical Perimeter Defense). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Free SC0-451 pdf demo download!

SC0-451 exam Exam Description

It is well known that SC0-451 test is the hot exam of SCP certification. just4cert offer you all the Q&A of the SC0-451 real test . It is the examination of the perfect combination and it will help you pass SC0-451 exam at the first time!

　
　
Exam : SCP SC0-451
Title : Tactical Perimeter Defense

1. In order to perform promiscuous mode captures using the Wireshark capture tool on a Windows
Server 2003 machine, what must first be installed?
A. IPv4 stack
B. IPv6 stack
C. WinPcap
D. Nothing, it will capture by default
E. At least two network adapters
Answer: C

2. If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit is set to zero, what type of WLAN is this frame a part of?
A. Mesh
B. Broadcast
C. Infrastructure
D. Hierarchical
E. Ad Hoc
Answer: E

3. You have implemented an IPSec policy, using only AH. You are analyzing your network traffic in Network Monitor, which of the following statements are true about your network traffic?
A. You will not be able to view the data in the packets, as it is encrypted.
B. You will not be able to identify the upper layer protocol.
C. You will be able to view the unencrypted data in the packets.
D. You will be able to identify the encryption algorithm in use.
E. You will not be able to view the packet header.
Answer: C

4. You are configuring the rules on your firewall, and need to take into consideration that some clients in the network are using automatic addressing. What is the IP address range reserved for internal use for APIPA in Microsoft networks?
A. 169.254.0.0 /4
B. 169.254.0.0 /16
C. 169.254.0.0 /8
D. 169.254.0.0 /0
E. 168.255.0.0 /16
Answer: B

5. The exhibit represents a simple routed network. Node 7 is a Windows 2000 Professional machine that establishes a TCP communication with Node 10, a Windows 2003 Server. The routers are Cisco 2500 series running IOS 12.
While working at Node 10, you run a packet capture. Packets received by Node 10, and sent from Node 7 will reveal which of the following combination of source IP and source Physical addresses:
<Missing>
A. Source IP address 10.0.10.115, Source Physical address for Node 7
B. Source IP address 50.0.50.1, Source Physical address for Node 7
C. Source IP address for Router D’s Int E0, Source Physical address for Node 7
D. Source IP address 10.0.10.115, Source Physical address Router D’s Int E0
E. Source IP addresses for both Nodes 7 and Router D’s Int E0, Source Physical address for both Nodes 7 and Router D’s Int E0.
Answer: D

Why choose just4cert SC0-451 braindumps

Quality and Value for the SC0-451 Exam
100% Guarantee to Pass Your SC0-451 Exam
Downloadable, Interactive SC0-451 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

Just4cert SC0-451 Exam Features

Strategic Infrastructure Security braindumps free download

Free SC0-471 Demo Download

Just4cert offers free demo for SCP SCP Certification SC0-471 (Strategic Infrastructure Security). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Free SC0-471 pdf demo download!

SC0-471 exam Exam Description

It is well known that SC0-471 test is the hot exam of SCP certification. just4cert offer you all the Q&A of the SC0-471 real test . It is the examination of the perfect combination and it will help you pass SC0-471 exam at the first time!

　
　
Exam : SCP SC0-471
Title : Strategic Infrastructure Security

1. You are aware of the significance and security risk that Social Engineering plays on your company. Of the following Scenarios, select those that, just as described, represent potentially dangerous Social Engineering:
A. A writer from a local college newspapers calls and speaks to a network administrator. On the call the writer requests an interview about the current trends in technology and offers to invite the administrator to speak at a seminar.
B. An anonymous caller calls and wishes to speak with the receptionist. On the call the caller asks the receptionist the normal business hours that the organization is open to the public.
C. An anonymous caller calls and wishes to speak with the purchaser of IT hardware and software. On the call the caller lists several new products that the purchaser may be interested in evaluating. The caller asks for a time to come and visit to demonstrate the new products.
D. An email, sent by the Vice President of Sales and Marketing, is received by the Help Desk asking to reset the password of the VP of Sales and Marketing.
E. An email is received by the Chief Security Officer (CSO) about a possible upgrade coming from the ISP to a different brand of router. The CSO is asked for the current network’s configuration data and the emailer discusses the method, plan, and expected dates for the rollover to the new equipment.
Answer: DE

2. As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?
A. The objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements, and to ensure compliance of systems with organizational security policies and standards.
B. The objectives of this section are to prevent unauthorized access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.
C. The objectives of this section are to provide management direction and support for information security.
D. The objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.
E. The objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure the protection of networked services, and to prevent unauthorized computer access.
Answer: B

3. During the review of the security logs you notice some unusual traffic. It seems that a user has connected to your Web site ten times in the last week, and each time has visited every single page on the site. You are concerned this may be leading up to some sort of attack. What is this user most likely getting ready to do?
A. Mirror the entire web site.
B. Download entire DNS entries.
C. Scan all ports on a web server.
D. Perform a Distributed Denial of Service attack through the Web server.
E. Allow users to log on to the Internet without an ISP.
Answer: A

4. During a one week investigation into the security of your network you work on identifying the information that is leaked to the Internet, either directly or indirectly. One thing you decide to evaluate is the information stored in the Whois lookup of your organizational website. Of the following, what pieces of information can be identified via this method?
A. Registrar
B. Mailing Address
C. Contact Name
D. Record Update
E. Network Addresses (Private)
Answer: ABCD

5. In the process of public key cryptography, which of the following is true?
A. Only the public key is used to encrypt and decrypt
B. Only the private key can encrypt and only the public key can decrypt
C. Only the public key can encrypt and only the private key can decrypt
D. The private key is used to encrypt and decrypt
E. If the public key encrypts, then only the private key can decrypt
Answer: E

Why choose just4cert SC0-471 braindumps

Quality and Value for the SC0-471 Exam
100% Guarantee to Pass Your SC0-471 Exam
Downloadable, Interactive SC0-471 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

Just4cert SC0-471 Exam Features

Network Defense and Countermeasures (NDC) braindumps free download

Free SC0-402 Demo Download

Just4cert offers free demo for SCP SCP Certification SC0-402 (Network Defense and Countermeasures (NDC)). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Free SC0-402 pdf demo download!

SC0-402 exam Exam Description

It is well known that SC0-402 test is the hot exam of SCP certification. just4cert offer you all the Q&A of the SC0-402 real test . It is the examination of the perfect combination and it will help you pass SC0-402 exam at the first time!

　
　
Exam : SCP SC0-402
Title : Network Defense and Countermeasures (NDC)

1. You are configuring your new IDS machine, where you have recently installed Snort. While you are working with this machine, you wish to create some basic rules to test the ability to log traffic as you desire. Which of the following Snort rules will log any tcp traffic from any host other than 172.16.40.50 using any port, to any host in the 10.0.10.0/24 network using any port?
A. log udp ! 172.16.40.50/32 any -> 10.0.10.0/24 any
B. log tcp ! 172.16.40.50/32 any -> 10.0.10.0/24 any
C. log udp ! 172.16.40.50/32 any <> 10.0.10.0/24 any
D. log tcp ! 172.16.40.50/32 any <> 10.0.10.0/24 any
E. log tcp ! 172.16.40.50/32 any <- 10.0.10.0/24 any
Answer: B

2. What step in the process of Intrusion Detection as shown in the exhibit would determine if given alerts were part of a bigger intrusion, or would help discover infrequent attacks?
A. 5
B. 9
C. 12
D. 10
E. 4
Answer: C

3. You have found a user in your organization who has managed to gain access to a system that this user was not granted the right to use. This user has just provided you with a working example of which of the following?
A. Intrusion
B. Misuse
C. Intrusion detection
D. Misuse detection
E. Anomaly detection
Answer: A

4. You are examining a packet from an unknown host that was trying to ping one of your protected servers and notice that the packets it sent had an IPLen of 20 byes and DgmLen set to 60 bytes.
What type of operating system should you believe this packet came from?
A. Linux
B. SCO
C. Windows
D. Mac OSX
E. Netware
Answer: C

5. Choose the best 3 responses
You are creating the User Account section of your organizational security policy. From the following options, select the questions to use for the formation of this section?
A. Are users allowed to make copies of any operating system files (including, but not limited to /etc/passwd or the SAM)?
B. Who in the organization has the right to approve the request for new user accounts?
C. Are users allowed to have multiple accounts on a computer?
D. Are users allowed to share their user account with coworkers?
E. Are users required to use password-protected screensavers?
F. Are users allowed to modify files they do not own, but have write abilities?
Answer: BCD

Why choose just4cert SC0-402 braindumps

Quality and Value for the SC0-402 Exam
100% Guarantee to Pass Your SC0-402 Exam
Downloadable, Interactive SC0-402 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

Just4cert SC0-402 Exam Features

Hardening the Infrastructure (HTI) braindumps free download

Free SC0-411 Demo Download

Just4cert offers free demo for SCP SCP Certification SC0-411 (Hardening the Infrastructure (HTI)). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Free SC0-411 pdf demo download!

SC0-411 exam Exam Description

It is well known that SC0-411 test is the hot exam of SCP certification. just4cert offer you all the Q&A of the SC0-411 real test . It is the examination of the perfect combination and it will help you pass SC0-411 exam at the first time!

　
　
Exam : SCP SC0-411
Title : Hardening the Infrastructure (HTI)

1. You have recently installed an Apache Web server on a Red Hat Linux machine. When you return from lunch, you find that a colleague has made a few configuration changes. One thing you notice is a .htpasswd file. What is the function of this file?
A. It is a copy of the /etc/passwd file for Web access
B. It is a copy of the etc/shadow file for Web access
C. It is a listing of all anonymous users to the Web server
D. It is a listing of http users and passwords for authentication
E. It is a database file that can be pulled remotely via a web interface to identify currently logged in users.
Answer: D

2. In order to perform promiscuous mode captures using the Ethereal capture tool on a Windows 2000 machine, what must first be installed?
A. IPv4 stack
B. IPv6 stack
C. WinPcap
D. Nothing, it will capture by default
E. At least two network adapters
Answer: C

3. Select the best 3 answers
The exhibit shows a router with three interfaces E0, E1 and S0. Interfaces E0 and E1 are connected to internal networks 192.168.10.0 and 192.168.20.0 respectively and interface S0 is connected to the Internet.
The objective is to allow two hosts, 192.168.20.16 and 192.168.10.7 access to the Internet while all other hosts are to be denied Internet access. All hosts on network 192.168.10.0 and 192.168.20.0 must be allowed to access resources on both internal networks. From the following, select all the access list statements that are required to make this possible.
A. access-list 53 permit 192.168.20.16 0.0.0.0
B. access-list 80 permit 192.168.20.16 0.0.0.0
C. access-list 53 deny 0.0.0.0 255.255.255.255
D. access-list 80 permit 192.168.10.7 0.0.0.0
E. int S0, ip access-group 53 out
F. int S0, ip access-group 80 out
Answer: BDF

4. Select the best 2 answers
You are configuring the Access Lists for your new Cisco Router. The following are the commands that are entered into the router for the list configuration.
Based on this configuration, and using the exhibit, select the answers that identify what the list will accomplish.
A. Permit network 10.10.10.0 to access NNTP on the Internet
B. Permit network 10.10.10.0 to access NNTP on network 10.10.11.0
C. Permit network 10.10.10.0 to access NNTP on network 10.10.12.0
D. Deny network 10.10.10.0 to access Internet WWW sites
E. Permit network 10.10.10.0 to access Internet WWW sites
Answer: AE

5. Select the best 2 answers
If an attacker uses a program that sends thousands of email messages to every user of the network, some of them with over 50MB attachments. What are the possible consequences to the email server in the network?
A. Server hard disk can fill to capacity
B. Client hard disks can fill to capacity
C. Server can completely crash
D. Network bandwidth can be used up
E. Clients cannot receive new email messages
Answer: AC

Why choose just4cert SC0-411 braindumps

Quality and Value for the SC0-411 Exam
100% Guarantee to Pass Your SC0-411 Exam
Downloadable, Interactive SC0-411 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

Just4cert SC0-411 Exam Features

Tactical Perimeter Defense braindumps free download

Free SC0-451 Demo Download

just4cert offers free demo for SCP certification SC0-451 (Tactical Perimeter Defense). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Download SC0-451 PDF Demo

Why choose just4cert SC0-451 braindumps

Quality and Value for the SC0-451 Exam
100% Guarantee to Pass Your SC0-451 Exam
Downloadable, Interactive SC0-451 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

SC0-451 free demo:

　
　
Exam : SCP SC0-451
Title : Tactical Perimeter Defense

1. If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit is set to zero, what type of WLAN is this frame a part of?
A. Mesh
B. Broadcast
C. Infrastructure
D. Hierarchical
E. Ad Hoc
Answer: E

2. You are configuring the rules on your firewall, and need to take into consideration that some clients in the network are using automatic addressing. What is the IP address range reserved for internal use for APIPA in Microsoft networks?
A. 169.254.0.0 /4
B. 169.254.0.0 /16
C. 169.254.0.0 /8
D. 169.254.0.0 /0
E. 168.255.0.0 /16
Answer: B

3. You have just installed a new Intrusion Detection System in your network. You are concerned that there are functions this system will not be able to perform. What is a reason an IDS cannot manage hardware failures?
A. The IDS can only manage RAID 5 failures.
B. The IDS cannot be programmed to receive SNMP alert messages.
C. The IDS cannot be programmed to receive SNMP trap messages.
D. The IDS cannot be programmed to respond to hardware failures.
E. The IDS can only inform you that an event happened.
Answer: E

4. For the new Snort rules you are building, it will be required to have Snort examine inside the content of the packet. Which keyword is used to tell Snort to ignore a defined number of bytes before looking inside the packet for a content match?
A. Depth
B. Offset
C. Nocase
D. Flow_Control
E. Classtype
Answer: B

5. At a policy meeting you have been given the task of creating the firewall policy. What are the two basic positions you can take when creating the policy?
A. To deny all traffic and permit only that which is required.
B. To permit only IP traffic and filter TCP traffic
C. To permit only TCP traffic and filter IP traffic
D. To permit all traffic and deny that which is required.
E. To include your internal IP address as blocked from incoming to prevent spoofing.
Answer: AD

6. In order to perform promiscuous mode captures using the Wireshark capture tool on a Windows
Server 2003 machine, what must first be installed?
A. IPv4 stack
B. IPv6 stack
C. WinPcap
D. Nothing, it will capture by default
E. At least two network adapters
Answer: C

7. You are planning on implementing a token-based authentication system in your network. The network currently is spread out over four floors of your building. There are plans to add three branch offices. During your research you are analyzing the different types of systems. Which of the following are the two common systems token-based authentication uses?
A. Challenge/Response
B. Random-code
C. Time-based
D. Challenge/Handshake
E. Password-Synch
Answer: AC

8. You have implemented an IPSec policy, using only AH. You are analyzing your network traffic in Network Monitor, which of the following statements are true about your network traffic?
A. You will not be able to view the data in the packets, as it is encrypted.
B. You will not be able to identify the upper layer protocol.
C. You will be able to view the unencrypted data in the packets.
D. You will be able to identify the encryption algorithm in use.
E. You will not be able to view the packet header.
Answer: C

9. The exhibit represents a simple routed network. Node 7 is a Windows 2000 Professional machine that establishes a TCP communication with Node 10, a Windows 2003 Server. The routers are Cisco 2500 series running IOS 12.
While working at Node 10, you run a packet capture. Packets received by Node 10, and sent from Node 7 will reveal which of the following combination of source IP and source Physical addresses:
<Missing>
A. Source IP address 10.0.10.115, Source Physical address for Node 7
B. Source IP address 50.0.50.1, Source Physical address for Node 7
C. Source IP address for Router D’s Int E0, Source Physical address for Node 7
D. Source IP address 10.0.10.115, Source Physical address Router D’s Int E0
E. Source IP addresses for both Nodes 7 and Router D’s Int E0, Source Physical address for both Nodes 7 and Router D’s Int E0.
Answer: D

10. During your review of the logs of your Cisco router, you see the following line. What is the meaning of this line?
%SYS-5-CONFIG_I: Configured from console by vty1 (172.16.10.1)
A. A normal, but noteworthy event
B. An informative message
C. A warning condition has occurred
D. A debugging message
E. An error condition has occurred
Answer: A

11. You have recently taken over the security of a mid-sized network. You are reviewing the current configuration of the IPTables firewall, and notice the following rule:
ipchains -A input -p TCP -d 0.0.0.0/0 12345 -j DENY
What is the function of this rule?
A. This rule for the output chain states that all incoming packets from any host to port 12345 are to be denied.
B. This rule for the input chain states that all incoming packets from any host to port 12345 are to be denied.
C. This rule for the input chain states that any TCP traffic from any address destined for any IP address and to port 12345 is to be denied.
D. This rule for the output chain states that any TCP traffic from any address destined for any IP address and to port 12345 is to be denied.
E. This rule for the input chain states that all TCP packets inbound from any network destined to any network is to be denied for ports 1, 2, 3, 4, and 5.
Answer: C

12. There are several options available to you for your new wireless networking technologies, and you are examining how different systems function. What transmission system uses short bursts combined together as a channel?
A. Frequency Hopping Spread Spectrum (FHSS)
B. Direct Sequence Spread Spectrum (DSSS)
C. Lamar Anthell Transmission (LAT)
D. Digital Band Hopping (DBH)
E. Digital Channel Hopping (DCH)
Answer: A

The Solution Exam braindumps free download

Free SC0-502 Demo Download

just4cert offers free demo for SCP certification SC0-502 (The Solution Exam). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Download SC0-502 PDF Demo

Why choose just4cert SC0-502 braindumps

Quality and Value for the SC0-502 Exam
100% Guarantee to Pass Your SC0-502 Exam
Downloadable, Interactive SC0-502 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

SC0-502 free demo:

　
　
Exam : SCP SC0-502
Title : The Solution Exam

1. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

2. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

3. Now that you have MegaCorp somewhat under control, you are getting ready to go home for the night. You have made good progress on the network recently, and things seem to be going smoothly. On your way out, you stop by the CEO’s office and say good night. You are told that you will be meeting in the morning, so try to get in a few minutes early.
The next morning, you get to the office 20 minutes earlier than normal, and the CEO stops by your office, "Thanks for coming in a bit early. No problem really, I just wanted to discuss with you a current need we have with the network."
"OK, go right ahead." You know the network pretty well by now, and are ready for whatever is thrown your way.
"We are hiring 5 new salespeople, and they will all be working from home or on the road. I want to be sure that the network stays safe, and that they can get access no matter where they are."
"Not a problem," you reply. "I’ll get the plan for this done right away."
"Thanks a lot, if you have any questions for me, just let me know."
You are relieved that there was not a major problem and do some background work for integrating the new remote users. After talking with the CEO more, you find out that the users will be working from there home nearly all the time, with very little access from on the road locations.
The remote users are all using Windows 2000 Professional, and will be part of the domain. The CEO has purchased all the remote users brand new Compaq laptops, just like the one used in the CEO’s office, and which the CEO takes home each night; complete with DVDCD-burner drives, built-in WNICs, 17" LCD widescreen displays, oversized hard drives, a gig of memory, and fast processing. I wish I was on the road to get one of those,?you think.
You start planning and decide that you will implement a new VPN Server next to the Web and FTP Server. You are going to assign the remote users IP Addresses: 10.10.60.100~10.10.60.105, and will configure the systems to run Windows 2000 Professional.
Based on this information, and your knowledge of the MegaCorp network up to this point, choose the best solution for the secure remote user needs:}
A. You begin with configuring the VPN server, which is running Windows 2000 Server. You create five new accounts on that system, granting each of them the Allow Virtual Private Connections right in Active Directory Users and Computers. You then configure the range of IP Addresses to provide to the clients as: 10.10.60.100 through 10.10.60.105. Next, you configure five IPSec Tunnel endpoints on the server, each to use L2TP as the protocol.
Then, you configure the clients. On each system, you configure a shortcut on the desktop to use to connect to the VPN. The shortcut is configured to create an L2TP IPSec tunnel to the VPN server. The connection itself is configured to exchange keys with the user’s ISP to create a tunnel between the user’s ISP endpoint and the MegaCorp VPN Server.
B. To start the project, you first work on the laptops you have been given. On each laptop, you configure the system to make a single Internet connection to the user’s ISP. Next, you configure a shortcut on the desktop for the VPN connection. You design the connection to use L2TP, with port filtering on outbound UDP 500 and UDP 1701. When a user double-clicks the desktop icon you have it configured to make an automatic tunnel to the VPN server.
On the VPN server, you configure the system to use L2TP with port filtering on inbound UDP 500 and UDP 1701. You create a static pool of assigned IP Address reservations for the five remote clients. You configure automatic redirection on the VPN server in the routing and remote access MMC, so once the client has connected to the VPN server, he or she will automatically be redirected to the inside network, with all resources available in his or her Network Neighborhood.
C. You configure the VPN clients first, by installing the VPN High Encryption Service Pack. With this installed, you configure the clients to use RSA, with 1024-bit keys. You configure a shortcut on the desktop that automatically uses the privatepublic key pair to communicate with the VPN Server, regardless of where the user is locally connected.
On the VPN Server, you also install the VPN High Encryption Service Pack, and configure 1024-bit RSA encryption. You create five new user accounts, and grant them all remote access rights, using Active Directory Sites and Services. You configure the VPN service to send the server’s public key to the remote users upon the request to configure the tunnel. Once the request is made, the VPN server will build the tunnel, from the server side, to the client.
D. You decide to start the configuration on the VPN clients. You create a shortcut on the desktop to connect to the VPN Server. Your design is such that the user will simply double-click the shortcut and the client will make the VPN connection to the server, using PPTP. You do not configure any filters on the VPN client systems.
On the VPN Server, you first configure routing and remote access for the new accounts and allow them to have Dial-In access. You then configure a static IP Address pool for the five remote users. Next, you configure the remote access policy to grant remote access, and you implement the following PPTP filtering:
Inbound Protocol 47 (GRE) allowed
Inbound TCP source port 0, destination port 1723 allowed
Inbound TCP source port 520, destination port 520 allowed
Outbound Protocol 47 (GRE) allowed
Outbound TCP source port 1723, destination port 0 allowed
Outbound TCP source port 520, destination port 520 allowed
E. You choose to configure the VPN server first, by installing the VPN High Encryption Service Pack and the HISECVPN.INF built-in security template through the Security Configuration and Analysis Snap-In. Once the Service pack and template are installed, you configure five user accounts and a static pool of IP Addresses for each account.
You then configure the PPTP service on the VPN server, without using inbound or outbound filters ?due to the protection of the Service Pack. You grant each user the right to dial into the server remotely, and move on to the laptops.
On each laptop, you install the VPN High Encryption Service Pack, to bring the security level of the laptops up to the same level as the VPN server. You then configure a shortcut on each desktop that controls the direct transport VPN connection from the client to the server.
Answer: D

4. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

5. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

6. It has been quite some time since you were called in to address the network and security needs of MegaCorp. You feel good in what you have accomplished so far. You have been able to get MegaCorp to deal with their Security Policy issue, you have secured the router, added a firewall, added intrusion detection, hardened the Operating Systems, and more.
One thing you have not done however, is run active testing against the network from the outside. This next level of testing is the final step, you decide, in wrapping up this first stage of the new MegaCorp network and security system. You setup a meeting with the CEO to discuss.
"We have only one significant issue left to deal with here at MegaCorp," you begin. "We need some really solid testing of our network and our security systems."
"Sounds fine to me, don’t you do that all the time anyway? I mean, why meet about this?"
"Well, in this case, I’d like to ask to bring in outside help. Folks who specialize in this sort of thing. I can do some of it, but it is not my specialty, and the outside look in will be better and more independent from an outside team."
"What does that kind of thing cost, how long will it take?"
"It will cost a bit of money, it won’t be free, and with a network of our size, I think it can be done pretty quick. Once this is done and wrapped up, I will be resigning as the full time security and network pro here. I need to get back to my consulting company full time. Remember, this was not to be a permanent deal. I can help you with the interview, and this is the perfect time to wrap up that transition."
"All right, fair enough. Get me your initial project estimates, and then I can make a more complete decision. And, I’ll get HR on hiring a new person right away."
Later that afternoon you talk to the CEO and determine a budget for the testing. Once you get back to your office, you are calling different firms and consultants, and eventually you find a consulting group that you will work with.
A few days later you meet with the group in their office, and you describe what you are looking for, and that their contact and person to report to is you. They ask what is off limits, and your response is only that they cannot do anything illegal, to which they agree and point out is written in their agreement as well.
With this outside consulting group and your knowledge of the network and company, review and select the solution that will best provide for a complete test of the security of MegaCorp.}
A. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The first thing the consultants will do is dumpster diving and physical surveillance, looking for clues as to user information and other secret data that should not be outside of the network. Once they have identified several targets through the dumpster diving, they will run scans to match up and identify the workstations for those users.
After identifying the user workstations, they will run vulnerability checks on the systems, to find holes, and if a hole is found they have been given permission to exploit the hole and gain access of the system.
They will attempt to gain access to the firewall and router remotely, via password guessing, and will test the response of the network to Denial of Service attacks. Finally, they will call into MegaCorp to see what information they can learn via social engineering.
B. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants will first run remote network surveillance to identify hosts, followed by port scans and both passive and active fingerprinting. They will then run vulnerability scanners on the identified systems, and attempt to exploit any found vulnerabilities. They will next scan and test the router and firewall, followed by testing of the IDS rules.
They will then perform physical surveillance and dumpster diving to learn additional information. This will be followed by password sniffing and cracking. Finally, they will call into MegaCorp to see what information they can learn via social engineering.
C. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants surprise you with their initial strategy. They intend to spend nearly 100% of their efforts over the first week on social engineering and other physical techniques, using little to no technology. They have gained access to the building as a maintenance crew, and will be coming into the office every night when employees are wrapping up for the day.
All of their testing will be done through physical contact and informal questioning of the employees. Once they finish that stage, they will run short and direct vulnerability scanners on the systems that they feel will present weakness.
D. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants have decided on a direct strategy. They will work inside the MegaCorp office, with the group introducing themselves to the employees. They will directly interview each employee, and perform extensive physical security checks of the network.
They will review and provide analysis on the security policy, and follow that with electronic testing. They will run a single very robust vulnerability scanner on every single client and server in the network, and document the findings of the scan.
E. The consulting group has identified the steps it will follow in testing the network. You have asked to be kept up to date, and given an approximate schedule of events. You intend to follow along with the test, with weekly reports.
The consultants will start the process with remote network surveillance, checking to see what systems and services are available remotely. They will run both passive and active fingerprinting on any identified system. They will run customized vulnerability scanners on the identified systems, and follow that through with exploits, including new zero-day exploits they have written themselves.
They will next run scans on the router, firewall, and intrusion detection, looking to identify operating systems and configurations of these devices. Once identified, they will run customized scripts to gain access to these devices. Once they complete the testing on the systems, they will dumpster dive to identify any leaked information.
Answer: B

7. for three years you have worked with MegaCorp doing occasional network and security consulting. MegaCorp is a small business that provides real estate listings and data to realtors in several of the surrounding states. The company is open for business Monday through Friday from 9 am to 6 pm, closed all evenings and weekends. Your work there has largely consisted of advice and planning, and you have been frequently disappointed by the lack of execution and follow through from the full time staff.
On Tuesday, you received a call from MegaCorp’s HR director, "Hello, I’d like to inform you that Red (the full time senior network administrator) is no longer with us, and we would like to know if you are interested in working with us full time."
You currently have no other main clients, so you reply, "Sure, when do you need me to get going?"
"Today," comes the fast and direct response. Too fast, you think.
"What is the urgency, why can’t this wait until tomorrow?"
"Red was let go, and he was not happy about it. We are worried that he might have done something to our network on the way out."
"OK, let me get some things ready, and I’ll be over there shortly."
You knew this would be messy when you came in, but you did have some advantage in that you already knew the network. You had recommended many changes in the past, none of which would be implemented by Red. While pulling together your laptop and other tools, you grab your notes which have an overview of the network:
MegaCorp network notes: Single Internet access point, T1, connected to MegaCorp Cisco router. Router has E1 to a private web and ftp server and E0 to the LAN switch. LAN switch has four servers, four printers, and 100 client machines. All the machines are running Windows 2000. Currently, they are having their primary web site and email hosted by an ISP in Illinois.
When you get to MegaCorp, the HR Director and the CEO, both of whom you already know, greet you. The CEO informs you that Red was let go due to difficult personality conflicts, among other reasons, and the termination was not cordial. You are to sign the proper employment papers, and get right on the job. You are given the rest of the day to get setup and running, but the company is quite concerned about the security of their network. Rightly so, you think, If these guys had implemented even half of my recommendations this would sure be easier.?You get your equipment setup in your new oversized office space, and get started. For the time you are working here, your IP Address is 10.10.50.23 with a mask of 16.
One of your first tasks is to examine the router’s configuration. You console into the router, issue a show running-config command, and get the following output:
MegaOne#show running-config
Building configuration?
Current configuration:
!
version 12.1
service udp-small-servers
service tcp-small-servers
!
hostname MegaOne
!
enable secret 5 $1$7BSK3$H394yewhJ45JAFEWU73747.
enable password clever
!
no ip name-server
no ip domain-lookup
ip routing
!
interface Ethernet0
no shutdown
ip address 2.3.57.50 255.255.255.0
no ip directed-broadcast
!
interface Ethernet1
no shutdown
ip 10.10.40.101 255.255.0.0
no ip directed-broadcast
!
interface Serial0
no shutdown
ip 1.20.30.23 255.255.255.0
no ip directed-broadcast
clockrate 1024000
bandwidth 1024
encapsulation hdlc
!
ip route 0.0.0.0 0.0.0.0 1.20.30.45
!
line console 0
exec-timeout 0 0
transport input all
line vty 0 4
password remote
login
!
end
After analysis of the network, you recommend that the router have a new configuration. Your goal is to make the router become part of your layered defense, and to be a system configured to help secure the network.
You talk to the CEO to get an idea of what the goals of the router should be in the new configuration. All your conversations are to go through the CEO; this is whom you also are to report to.
"OK, I suggest that the employees be strictly restricted to only the services that they must access on the Internet." You begin.
"I can understand that, but we have always had an open policy. I like the employees to feel comfortable, and not feel like we are watching over them all the time. Please leave the connection open so they can get to whatever they need to get to. We can always reevaluate this in an ongoing basis."
"OK, if you insist, but for the record I am opposed to that policy."
"Noted," responds the CEO, somewhat bluntly.
"All right, let’s see, the private web and ftp server have to be accessed by the Internet, restricted to the accounts on the server. We will continue to use the Illinois ISP to host our main web site and to host our email. What else, is there anything else that needs to be accessed from the Internet?"
"No, I think that’s it. We have a pretty simple network, we do everything in house."
"All right, we need to get a plan in place as well right away for a security policy. Can we set something up for tomorrow?" you ask.
"Let me see, I’ll get back to you later." With that the CEO leaves and you get to work.
Based on the information you have from MegaCorp; knowing that the router must be an integral part of the security of the organization, select the best solution to the organization’s router problem:}
A. You backup the current router config to a temp location on your laptop. Friday night, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#no cdp run
MegaOne(config)#no ip source-route
MegaOne(config)#no ip finger
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 deny ip 0.0.0.0 255.255.255.255 any
MegaOne(config)#access-list 175 deny ip 10.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 127.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 172.16.0.0 0.0.255.255 any
MegaOne(config)#access-list 175 deny ip 192.168.0.0 0.0.255.255 any
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface serial 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no ip directed broadcast
MegaOne(config-if)#no ip unreachables
MegaOne(config-if)#^Z
MegaOne#
B. You backup the current router config to a temp location on your laptop. Sunday night, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface Ethernet 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no cdp enable
MegaOne(config)#interface Ethernet 1
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no cdp enable
MegaOne(config-if)#^Z
MegaOne#
C. You backup the current router config to a temp location on your laptop. Early Monday morning, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface Serial 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no cdp enable
MegaOne(config-if)#no ip directed broadcast
MegaOne(config-if)#no ip unreachables
MegaOne(config-if)#^Z
MegaOne#
D. As soon as the office closes Friday, you get to work on the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#interface Ethernet 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config)#interface Ethernet 1
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#^Z
MegaOne#
E. With the office closed, you decide to build the new router configuration on Saturday. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration:
MegaOne#configure terminal
MegaOne(config)#no cdp run
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20
MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 21
MegaOne(config)#access-list 175 permit tcp any 10.10.0.0 0.0.255.255 established
MegaOne(config)#access-list 175 permit ip any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit udp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 permit icmp any 10.10.0.0 0.0.255.255
MegaOne(config)#access-list 175 deny ip 0.0.0.0 255.255.255.255 any
MegaOne(config)#access-list 175 deny ip 10.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 127.0.0.0 0.255.255.255 any
MegaOne(config)#access-list 175 deny ip 172.16.0.0 0.0.255.255 any
MegaOne(config)#access-list 175 deny ip 192.168.0.0 0.0.255.255 any
MegaOne(config)#no ip source-route
MegaOne(config)#no ip finger
MegaOne(config)#interface serial 0
MegaOne(config-if)#ip access-group 175 in
MegaOne(config-if)#no ip directed broadcast
MegaOne(config-if)#no ip unreachables
MegaOne(config-if)#^Z
MegaOne#
Answer: A

8. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
B. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building.
5. Design the hierarchy with each remote office and building having it’s own enrollment CA.
6. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
7. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
8. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
9. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
10. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
11. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

9. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
C. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA.
4. Design the hierarchy with each remote office and building having it’s own enrollment CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA hierarchy in the executive office, and get all users acclimated to the system.
7. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
D. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
E. You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps:
1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS.
2. Draft a CPF based on your own guidelines, including physical and technology controls.
3. Design the system to be a full mesh, with the Root CA located in the executive building.
4. Design the mesh with each remote office and building having it’s own Root CA.
5. Build a small test pilot program, to test the hierarchy, and integration with the existing network.
6. Implement the CA mesh in the executive office, and get all users acclimated to the system.
7. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system.
8. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system.
9. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network.
10. Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.
Answer: C

10. GlobalCorp is a company that makes state of the art aircraft for commercial and government use. Recently GlobalCorp has been working on the next generation of low orbit space vehicles, again for both commercial and governmental markets.
GlobalCorp has corporate headquarters in Testbed, Nevada, USA. Testbed is a small town, with a population of less than 50,000 people. GlobalCorp is the largest company in town, where most families have at least one family member working there.
The corporate office in Testbed has 4,000 total employees, on a 40-acre campus environment. The largest buildings are the manufacturing plants, which are right next to the Research and Development labs. The manufacturing plants employee approximately 1,000 people and the R&D labs employ 500 people. There is one executive building, where approximately 500 people work. The rest of the employees work in Marketing, Accounting, Press and Investor Relations, and so on. The entire complex has a vast underground complex of tunnels that connect each building.
All critical functions are run from the Testbed office, with remote offices around the world. The remote offices are involved in marketing and sales of GlobalCorp products. These offices also perform maintenance on the GlobalCorp aircraft and will occasionally perform R&D and on-site manufacturing.
There are 5 remote offices, located in: New York, California, Japan, India, and England. Each of the remote offices has a dedicated T3 line to the GlobalCorp HQ, and all network traffic is routed through the Testbed office ?the remote offices do not have direct Internet connections.
You had been working for two years in the New York office, and have been interviewing for the lead security architect position in Testbed. The lead security architect reports directly to the Chief Security Officer (CSO), who calls you to let you know that

Strategic Infrastructure Security braindumps free download

Free SC0-471 Demo Download

just4cert offers free demo for SCP certification SC0-471 (Strategic Infrastructure Security). You can check out the interface, question quality and usability of our practice exams before you decide to buy it. We are the only one site can offer demo for almost all products.

Download SC0-471 PDF Demo

Why choose just4cert SC0-471 braindumps

Quality and Value for the SC0-471 Exam
100% Guarantee to Pass Your SC0-471 Exam
Downloadable, Interactive SC0-471 Testing engines
Verified Answers Researched by Industry Experts
Drag and Drop questions as experienced in the Actual Exams
Practice Test Questions accompanied by exhibits
Our Practice Test Questions are backed by our 100% MONEY BACK GUARANTEE.

SC0-471 free demo:

　
　
Exam : SCP SC0-471
Title : Strategic Infrastructure Security

1. What type of cipher is used by an algorithm that encrypts data one bit at a time?
A. 64-bit encryption Cipher
B. Block Cipher
C. Stream Cipher
D. Diffuse Cipher
E. Split Cipher
Answer: C

2. What encryption algorithm was selected to replace DES?
A. RC5
B. IDEA
C. AES
D. Blowfish
E. RSA
Answer: C

3. You have just become the senior security professional in your office. After you have taken a complete inventory of the network and resources, you begin to work on planning for a successful security implementation in the network. You are aware of the many tools provided for securing Windows 2003 machines in your network. What is the function of Secedit.exe?
A. This tool is used to set the NTFS security permissions on objects in the domain.
B. This tool is used to create an initial security database for the domain.
C. This tool is used to analyze a large number of computers in a domain-based infrastructure.
D. This tool provides an analysis of the local system NTFS security.
E. This tool provides a single point of management where security options can be applied to a local computer or can be imported to a GPO.
Answer: C

4. As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?
A. The objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements, and to ensure compliance of systems with organizational security policies and standards.
B. The objectives of this section are to prevent unauthorized access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.
C. The objectives of this section are to provide management direction and support for information security.
D. The objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.
E. The objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure the protection of networked services, and to prevent unauthorized computer access.
Answer: B

5. If you wish to change the permissions of a parent directory in your Linux system, and want the permissions to be changed on the files and subdirectories in the parent directory to be the same, what switch must you use?
A. -G
B. -R
C. -P
D. -S
E. -F
Answer: B

6. You are aware of the significance and security risk that Social Engineering plays on your company. Of the following Scenarios, select those that, just as described, represent potentially dangerous Social Engineering:
A. A writer from a local college newspapers calls and speaks to a network administrator. On the call the writer requests an interview about the current trends in technology and offers to invite the administrator to speak at a seminar.
B. An anonymous caller calls and wishes to speak with the receptionist. On the call the caller asks the receptionist the normal business hours that the organization is open to the public.
C. An anonymous caller calls and wishes to speak with the purchaser of IT hardware and software. On the call the caller lists several new products that the purchaser may be interested in evaluating. The caller asks for a time to come and visit to demonstrate the new products.
D. An email, sent by the Vice President of Sales and Marketing, is received by the Help Desk asking to reset the password of the VP of Sales and Marketing.
E. An email is received by the Chief Security Officer (CSO) about a possible upgrade coming from the ISP to a different brand of router. The CSO is asked for the current network’s configuration data and the emailer discusses the method, plan, and expected dates for the rollover to the new equipment.
Answer: DE

7. In the process of public key cryptography, which of the following is true?
A. Only the public key is used to encrypt and decrypt
B. Only the private key can encrypt and only the public key can decrypt
C. Only the public key can encrypt and only the private key can decrypt
D. The private key is used to encrypt and decrypt
E. If the public key encrypts, then only the private key can decrypt
Answer: E

8. During a one week investigation into the security of your network you work on identifying the information that is leaked to the Internet, either directly or indirectly. One thing you decide to evaluate is the information stored in the Whois lookup of your organizational website. Of the following, what pieces of information can be identified via this method?
A. Registrar
B. Mailing Address
C. Contact Name
D. Record Update
E. Network Addresses (Private)
Answer: ABCD

9. Which one of the following is an incorrect mod equation?
A. 9 mod 3 = 0
B. 40 mod 10 = 0
C. 40 mod 9 = 4
D. (6-1) mod 3 = 0
E. (2+4) mod 5 = 1
Answer: D

10. To increase the security of your network and systems, it has been decided that EFS will be implemented in the appropriate situations. Two users are working on a common file, and often email this file back and forth between each other. Is this a situation where the use of EFS will create effective security, and why (or why not)?
A. No, the security will remain the same since both users will share the same key for encryption.
B. Yes, since the file will be using two keys for encryption the security will increase.
C. No, the security will remain the same since both users will share the same key for decryption.
D. Yes, since the file will be using two keys for decryption the security will increase.
E. No, EFS cannot be used for files that are shared between users.
Answer: E

11. You are working with some new RPM files on your Linux system. You know there are several options when dealing with RPM files. Which of the following answers lists proper RPM commands, with the correct description of the command?
A. rpm -q <package name> This command performs software verification.
B. rpm -e <package name> This command removes the software.
C. rpm -v <package name> This command performs software verification.
D. rpm -r <package name> This command removes the software.
E. rpm -i <package name> This command installs the software.
F. rpm -in <package name> This command installs the software.
Answer: ABE

12. During the review of the security logs you notice some unusual traffic. It seems that a user has connected to your Web site ten times in the last week, and each time has visited every single page on the site. You are concerned this may be leading up to some sort of attack. What is this user most likely getting ready to do?
A. Mirror the entire web site.
B. Download entire DNS entries.
C. Scan all ports on a web server.
D. Perform a Distributed Denial of Service attack through the Web server.
E. Allow users to log on to the Internet without an ISP.
Answer: A