CompTIA RC0-C02 問題集

質問 1：
Customers have recently reported incomplete purchase history and other anomalies while accessing their account history on the web server farm. Upon investigation, it has been determined that there are version mismatches of key e-commerce applications on the production web servers. The development team has direct access to the production servers and is most likely the cause of the different release versions.
Which of the following process level solutions would address this problem?
A. Adjust the firewall ACL to prohibit development from directly accessing the production server farm.
B. Update the vulnerability management plan to address data discrepancy issues.
C. Implement change control practices at the organization level.
D. Change development methodology from strict waterfall to agile.
正解：C
解説: (Topexam メンバーにのみ表示されます)

質問 2：
Since the implementation of IPv6 on the company network, the security administrator has been unable to identify the users associated with certain devices utilizing IPv6 addresses, even when the devices are centrally managed.
En1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 ether f8:1e:af:ab:10:a3 inet6 fw80::fale:dfff:fee6:9d8%en1 prefixlen 64 scopeid 0x5 inet 192.168.1.14 netmask 0xffffff00 broadcast 192.168.1.255 inet6 2001:200:5:922:1035:dfff:fee6:9dfe prefixlen 64 autoconf inet6 2001:200:5:922:10ab:5e21:aa9a:6393 prefixlen 64 autoconf temporary nd6 options=l<PERFORMNUD> media: autoselect status: active
Given this output, which of the following protocols is in use by the company and what can the system administrator do to positively map users with IPv6 addresses in the future? (Select TWO).
A. The devices use EUl-64 format
B. The administrator must disable IPv6 tunneling
C. The administrator must disable the IPv6 privacy extensions
D. The administrator must disable DHCPv6 option code 1
E. The router IPv6 advertisement has been disabled
F. The administrator must disable the mobile IPv6 router flag
G. The network implements 6to4 tunneling
H. The routers implement NOP
正解：C,H
解説: (Topexam メンバーにのみ表示されます)

質問 3：
A security consultant is conducting a network assessment and wishes to discover any legacy backup
Internet connections the network may have. Where would the consultant find this information and why would it be valuable?
A. This information can be found by querying the network's DNS servers, and is valuable because backup
DNS servers typically allow recursive queries from Internet hosts.
B. This information can be found by calling the regional Internet registry, and is valuable because backup connections typically do not require VPN access to the network.
C. This information can be found by accessing telecom billing records, and is valuable because backup connections typically have much lower latency than primary connections.
D. This information can be found in global routing tables, and is valuable because backup connections typically do not have perimeter protection as strong as the primary connection.
正解：D
解説: (Topexam メンバーにのみ表示されます)

質問 4：
Company A has noticed abnormal behavior targeting their SQL server on the network from a rogue IP address. The company uses the following internal IP address ranges: 192.10.1.0/24 for the corporate site and 192.10.2.0/24 for the remote site. The Telco router interface uses the 192.10.5.0/30 IP range.
Instructions: Click on the simulation button to refer to the Network Diagram for Company A.
Click on Router 1, Router 2, and the Firewall to evaluate and configure each device.
Task 1: Display and examine the logs and status of Router 1, Router 2, and Firewall interfaces.
Task 2: Reconfigure the appropriate devices to prevent the attacks from continuing to target the SQL server and other servers on the corporate network.




正解：
Check the explanation part for complete solution below.
Explanation:

We have traffic coming from two rogue IP addresses: 192.10.3.204 and 192.10.3.254 (both in the
192.10.30.0/24 subnet) going to IPs in the corporate site subnet (192.10.1.0/24) and the remote site subnet (192.10.2.0/24). We need to Deny (block) this traffic at the firewall by ticking the following two checkboxes:


質問 5：
DRAG DROP
IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern. Options may be used once or not at all.

正解：

Explanation:
Vendor may accidentally or maliciously make changes to the IT system -Allow view-only access. With view-only access, the third party can view the desktop but cannot interact with it. In other words, they cannot control the keyboard or mouse to make any changes.
Desktop sharing traffic may be intercepted by network attackers - Use SSL for remote sessions. SSL
(Secure Sockets Layer) encrypts data in transit between computers. If an attacker intercepted the traffic, the data would be encrypted and therefore unreadable to the attacker.
No guarantees that shoulder surfing attacks are not occurring at the vendor - Identified control gap.
Shoulder surfing is where someone else gains information by looking at your computer screen. This should be identified as a risk. A control gap occurs when there are either insufficient or no actions taken to avoid or mitigate a significant risk.
Vendor may inadvertently see confidential material from the company such as email and I Ms - Limit desktop session to certain windows.
The easiest way to prevent a third party from viewing your emails and IMs is to close the email and IM application windows for the duration of the desktop sharing session.

質問 6：
A new web based application has been developed and deployed in production. A security engineer decides to use an HTTP interceptor for testing the application. Which of the following problems would
MOST likely be uncovered by this tool?
A. The tool could show that input validation was only enabled on the client side
B. The tool could fuzz the application to determine where memory leaks occur
C. The tool could force HTTP methods such as DELETE that the server has denied
D. The tool could enumerate backend SQL database table and column names
正解：A
解説: (Topexam メンバーにのみ表示されます)