Free Question Set: SC0-502 Certification
Question 1:
Blue thanks you for your plan and design and took it into consideration. You are then informed that Blue has gone ahead and made a new plan, which will incorporate some of your suggestions, but is going to build the network a bit differently. In Testbed and in each remote office there will be a single self-sufficient CA hierarchy, one that is designed to directly integrate with the existing network. Blue mentions that the hierarchy is only to go two-levels deep, you are not to make an extensive hierarchy in any location. This means a distinct CA hierarchy in six locations, inclusive of the Testbed headquarters.
Using this information, choose the solution that will provide for the proper rollout of the Certificate Authorities in the network.
A. In each location, you recommend the following steps:
1. Harden a system to function as the Root CA
2. Harden a system to function as the Registration Authority
3. Configure CATool on the Root CA
4. Configure CATool on the Registration Authority, as a subordinate to the Root CA
5. Configure users for the CAs
6. Configure each Root CA to trust each other Root CA via cross certification
7. Test the CA hierarchy
8. Have the local administrative staff inform and train each user how to connect to the Registration Authority through their browser and request a certificate
B. In each location, you recommend the following steps:
1. Harden a system to function as the Root CA
2. Harden a system to function as the Registration Authority
3. Configure CATool on the Root CA
4. Configure CATool on the Registration Authority, as a subordinate to the Root CA
5. Once the Subordinate CA is active, take the Root CA offline
6. Configure users for the CAs
7. Configure each Root CA to trust each other Root CA via cross certification
8. Test the CA hierarchy
9. Have the local administrative staff inform and train each user how to connect to the Registration Authority through their browser and request a certificate
C. In each location, you recommend the following steps:
1. Harden a system to function as the Root CA
2. Harden a system to function as a Registration Authority
3. Configure a Windows Enterprise Root CA
4. Configure each Enterprise Root CA to trust each other Enterprise Root CA via cross certification
5. Configure a Windows Stand-Alone Subordinate Enrollment Authority to function as the Registration Authority
6. Once the Stand-Alone Subordinate is installed, take the Enterprise Root CA offline
7. Test the CA hierarchy
8. Have the local administrative staff inform and train each user how to connect to the Registration Authority through their browser and request a certificate
D. In each location, you recommend the following steps:
1. Harden a system to function as the Root CA
2. Harden a system to function as the Registration Authority
3. Configure a Windows Enterprise Root CA
4. Configure each Enterprise Root CA to trust each other Enterprise Root CA via cross certification
5. Configure a Windows Registration Authority, as a subordinate to the Enterprise Root CA
6. Test the CA hierarchy
7. Have the local administrative staff inform and train each user how to connect to the Registration Authority through their browser and request a certificate
E. In each location, you recommend the following steps:
1. Harden a system to function as the Root CA
2. Harden a system to function as the Registration Authority
3. Configure a Windows Enterprise Root CA
4. Configure each Enterprise Root CA to trust each other Enterprise Root CA via cross certification
5. Configure a Windows Enterprise Registration Authority, as a subordinate to the Enterprise Root CA
6. Once the Subordinate CA is active, take the Enterprise Root CA offline
7. Test the CA hierarchy
8. Have the local administrative staff inform and train each user how to connect to the Registration Authority through their browser and request a certificate
Correct answer: D
Question 2:
You are well along your way to getting the MegaCorp security up to what you consider an acceptable level. You feel the security is now solid enough that you can go ahead and run some new tests and perform analysis on the network.
You plug in your laptop and fire up Snort to see the traffic coming into the network. You plug in on the outside of the router, to see the unfiltered traffic that the network must deal with. In full promiscuous mode, you collect data for an hour, to filter through it later. Since you captured quite a bit of data, you filter out a few specific lines to analyze.
10\27-23:48:42.126886 0:D0:9:7E:E5:E9 -> 0:D0:9:7F:C:9B type:0x800 len:0x3C
10.0.10.237 -> 10.0.10.234 ICMP TTL:128 TOS:0x0 ID:1185 IpLen:20 DgmLen:36
Type:8 Code:0 ID:3 Seq:289 ECHO =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.137906 0:D0:9:7E:E5:E9 -> 0:2:B3:2D:1:4A type:0x800 len:0x3C
10.0.10.237 -> 10.0.10.235 ICMP TTL:128 TOS:0x0 ID:1186 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:290 ECHO =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.148642 0:D0:9:7E:E5:E9 -> 0:D0:9:7E:F9:DB type:0x800 len:0x3C
10.0.10.237 -> 10.0.10.236 ICMP TTL:128 TOS:0x0 ID:1187 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:291 ECHO =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.167031 0:D0:9:7E:E5:E9 -> 0:D0:9:68:87:2C type:0x800 len:0x3C
10.0.10.237 -> 10.0.10.238 ICMP TTL:128 TOS:0x0 ID:1190 IpLen:20 DgmLen:36
Type:8 Code:0 ID:3 Seq:292 ECHO =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.177247 0:D0:9:7E:E5:E9 -> 0:D0:9:69:48:E3 type:0x800 len:0x3C
10.0.10.237 -> 10.0.10.239 ICMP TTL:128 TOS:0x0 ID:1191 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:293 ECHO
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.387953 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:1 TCP TTL:44 TOS:0x0 ID:24652 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.320917 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:2 TCP TTL:44 TOS:0x0 ID:52330 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.377933 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:3 TCP TTL:44 TOS:0x0 ID:10807 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.328200 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:4 TCP TTL:44 TOS:0x0 ID:40192 IpLen:20 DgmLen:40 ******* Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.363859 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:5 TCP TTL:44 TOS:0x0 ID:20497 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.391163 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:6 TCP TTL:44 TOS:0x0 ID:30756 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.300794 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C 10.0.10.236:57228 -> 10.0.10.235:7 TCP TTL:44 TOS:0x0 ID:3946 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:16.979681 0:D0:9:7E:E5:E9 -> 0:D0:9:7F:C:9B type:0x800 len:0x3E 10.0.10.237:1674 -> 10.0.10.234:31337 TCP TTL:128 TOS:0x0 ID:5277 IpLen:20 DgmLen:48 ******S* Seq: 0x3F2FE2CC Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:16.999652 0:D0:9:7E:E5:E9 -> 0:2:B3:2D:1:4A type:0x800 len:0x3E 10.0.10.237:1675 -> 10.0.10.235:31337 TCP TTL:128 TOS:0x0 ID:5278 IpLen:20 DgmLen:48 ******S* Seq: 0x3F30DB1F Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:17.019680 0:D0:9:7E:E5:E9 -> 0:D0:9:7E:F9:DB type:0x800 len:0x3E 10.0.10.237:1676 -> 10.0.10.236:31337 TCP TTL:128 TOS:0x0 ID:5279 IpLen:20 DgmLen:48 ******S* Seq: 0x3F3183AE Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:17.059669 0:D0:9:7E:E5:E9 -> 0:D0:9:68:87:2C type:0x800 len:0x3E 10.0.10.237:1678 -> 10.0.10.238:31337 TCP TTL:128 TOS:0x0 ID:5282 IpLen:20 DgmLen:48 ******S* Seq: 0x3F332EC2 Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:17.079821 0:D0:9:7E:E5:E9 -> 0:D0:9:69:48:E3 type:0x800 len:0x3E 10.0.10.237:1679 -> 10.0.10.239:31337 TCP TTL:128 TOS:0x0 ID:5283 IpLen:20 DgmLen:48 ******S* Seq: 0x3F3436FA Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:45:18.733562 0:D0:9:7E:E5:E9 -> 0:D0:9:7F:C:9B type:0x800 len:0x3E 10.0.10.237:1646 -> 10.0.10.234:12345 TCP TTL:128 TOS:0x0 ID:4974 IpLen:20 DgmLen:48 ******S* Seq: 0x38E326F7 Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => 
MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:45:18.753691 0:D0:9:7E:E5:E9 -> 0:2:B3:2D:1:4A type:0x800 len:0x3E 10.0.10.237:1647 -> 10.0.10.235:12345 TCP TTL:128 TOS:0x0 ID:4975 IpLen:20 DgmLen:48 ******S* Seq: 0x38E3D2D0 Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:45:18.773781 0:D0:9:7E:E5:E9 -> 0:D0:9:7E:F9:DB type:0x800 len:0x3E 10.0.10.237:1648 -> 10.0.10.236:12345 TCP TTL:128 TOS:0x0 ID:4976 IpLen:20 DgmLen:48 ******S* Seq: 0x38E4CF5C Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:45:18.813837 0:D0:9:7E:E5:E9 -> 0:D0:9:68:87:2C type:0x800 len:0x3E 10.0.10.237:1650 -> 10.0.10.238:12345 TCP TTL:128 TOS:0x0 ID:4979 IpLen:20 DgmLen:48 ******S* Seq: 0x38E692B6 Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:45:18.833772 0:D0:9:7E:E5:E9 -> 0:D0:9:69:48:E3 type:0x800 len:0x3E 10.0.10.237:1651 -> 10.0.10.239:12345 TCP TTL:128 TOS:0x0 ID:4980 IpLen:20 DgmLen:48 ******S* Seq: 0x38E7211C Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
Looking at the types of traffic that are hitting your network, what types of attacks are you dealing with, and what is the best solution for mitigating those attacks?
A. There is a clear pattern of attack, starting with general reconnaissance to see which systems are up and running to respond to attack inquiries. Next, the attacks show port scans, looking specifically for open ports on a unique host, and then moving to searching out NetBus and SubSeven servers.
To mitigate these attacks, you do not recommend any new technology. You feel that your firewall, IDS, and routers will properly address these types of attacks.
B. Looking at the traffic, you are unable to identify any pattern of attack. You see normal legitimate traffic, the type of which you see every day. The traffic that you have captured provides you no clues as to the current attacks against your network, and as such you make no recommendations to mitigate.
C. There is a clear attack pattern, where the attacker first is checking to see which hosts will reply to sequential packets, followed by vulnerability checking for the IPLen:20 server vulnerability.
To mitigate these attacks, you recommend reconfiguring the access control lists on the routers, specifically to address the IPLen:20 attack, and to address the sequential packet attack. You recommend that with the router configuration change, the threats will be properly addressed.
D. There is a clear pattern of attack, starting with the attacker looking for hosts that will respond to the ID:3 vulnerability. Once identified, the attacker runs a second set of scans, looking for hosts that are vulnerable to a TOS:0x0 attack, and finally running a scan to check for hosts that are vulnerable to the MSS: 1460 NOP attack.
To mitigate these attacks, you recommend implementing a new firewall on the outside of the router, designed with rules to specifically stop these attacks, allowing the rest of the traffic through to your router and the rest of your perimeter defense.
E. There is a clear attack pattern, where the attacker is looking for packets that are formed with a TTL of 128, followed by a TTL of 44. Finally, the attacker is looking to exploit the NOP SackOK vulnerability.
To mitigate these attacks, you recommend implementing a new firewall on the outside of the router, designed with rules to specifically stop these attacks, allowing the rest of the traffic through to your router and the rest of your perimeter defense.
Correct answer: A
Question 3:
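The three traffic patterns in the capture for Question 2 can be picked out mechanically. The following is an added example, not part of the original question set: a small Python parser for Snort packet dumps in the layout shown above, with grouping rules for an ICMP echo sweep, a flagless TCP scan of many ports on one host, and SYN probes to one port across many hosts. The function names and the threshold of three are assumptions chosen for illustration.

```python
import re
from collections import defaultdict

# Packets copied from the question's capture, with the Ethernet header line
# omitted and each packet joined onto one line to keep the sample short.
SAMPLE_PACKETS = [
    "10.0.10.237 -> 10.0.10.234 ICMP TTL:128 TOS:0x0 ID:1185 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:289 ECHO",
    "10.0.10.237 -> 10.0.10.235 ICMP TTL:128 TOS:0x0 ID:1186 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:290 ECHO",
    "10.0.10.237 -> 10.0.10.236 ICMP TTL:128 TOS:0x0 ID:1187 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:291 ECHO",
    "10.0.10.236:57228 -> 10.0.10.235:1 TCP TTL:44 TOS:0x0 ID:24652 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20",
    "10.0.10.236:57228 -> 10.0.10.235:2 TCP TTL:44 TOS:0x0 ID:52330 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20",
    "10.0.10.236:57228 -> 10.0.10.235:3 TCP TTL:44 TOS:0x0 ID:10807 IpLen:20 DgmLen:40 ******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20",
    "10.0.10.237:1674 -> 10.0.10.234:31337 TCP TTL:128 TOS:0x0 ID:5277 IpLen:20 DgmLen:48 ******S* Seq: 0x3F2FE2CC Ack: 0x0 Win: 0x4000 TcpLen: 28",
    "10.0.10.237:1675 -> 10.0.10.235:31337 TCP TTL:128 TOS:0x0 ID:5278 IpLen:20 DgmLen:48 ******S* Seq: 0x3F30DB1F Ack: 0x0 Win: 0x4000 TcpLen: 28",
    "10.0.10.237:1676 -> 10.0.10.236:31337 TCP TTL:128 TOS:0x0 ID:5279 IpLen:20 DgmLen:48 ******S* Seq: 0x3F3183AE Ack: 0x0 Win: 0x4000 TcpLen: 28",
    "10.0.10.237:1646 -> 10.0.10.234:12345 TCP TTL:128 TOS:0x0 ID:4974 IpLen:20 DgmLen:48 ******S* Seq: 0x38E326F7 Ack: 0x0 Win: 0x4000 TcpLen: 28",
    "10.0.10.237:1647 -> 10.0.10.235:12345 TCP TTL:128 TOS:0x0 ID:4975 IpLen:20 DgmLen:48 ******S* Seq: 0x38E3D2D0 Ack: 0x0 Win: 0x4000 TcpLen: 28",
    "10.0.10.237:1648 -> 10.0.10.236:12345 TCP TTL:128 TOS:0x0 ID:4976 IpLen:20 DgmLen:48 ******S* Seq: 0x38E4CF5C Ack: 0x0 Win: 0x4000 TcpLen: 28",
]
SAMPLE = ("\n" + "=+" * 37 + "\n").join(SAMPLE_PACKETS)

SEPARATOR = re.compile(r"(?:=\+){3,}")  # Snort's "=+=+=+" packet delimiter
IP_LINE = re.compile(
    r"(?P<src>\d+(?:\.\d+){3})(?::(?P<sport>\d+))? -> "
    r"(?P<dst>\d+(?:\.\d+){3})(?::(?P<dport>\d+))? (?P<proto>ICMP|TCP|UDP)\b"
)
ICMP_TYPE = re.compile(r"\bType:(\d+)")
# Flag field such as "******S*"; 6 to 8 characters tolerates dumps that lost one.
TCP_FLAGS = re.compile(r"\s([12UAPRSF*]{6,8}) Seq:")


def parse_packets(text):
    """Split a dump on the delimiter and pull out addresses, ports and flags."""
    packets = []
    for chunk in SEPARATOR.split(text):
        m = IP_LINE.search(chunk)
        if not m:
            continue  # empty chunk or a line that is not a packet
        pkt = m.groupdict()
        if pkt["proto"] == "ICMP":
            t = ICMP_TYPE.search(chunk, m.end())
            pkt["icmp_type"] = int(t.group(1)) if t else None
        elif pkt["proto"] == "TCP":
            f = TCP_FLAGS.search(chunk, m.end())
            # "" means no flag set at all; "S" means SYN only.
            pkt["flags"] = f.group(1).replace("*", "") if f else None
        packets.append(pkt)
    return packets


def classify(packets, threshold=3):
    """Group packets into the three scan shapes; report groups >= threshold."""
    echo_targets = defaultdict(set)  # src -> hosts sent an echo request
    null_ports = defaultdict(set)    # (src, dst) -> ports hit with no flags
    syn_hosts = defaultdict(set)     # (src, dport) -> hosts sent a bare SYN
    for p in packets:
        if p["proto"] == "ICMP" and p.get("icmp_type") == 8:
            echo_targets[p["src"]].add(p["dst"])
        elif p["proto"] == "TCP" and p["dport"] is not None:
            if p.get("flags") == "":
                null_ports[(p["src"], p["dst"])].add(int(p["dport"]))
            elif p.get("flags") == "S":
                syn_hosts[(p["src"], int(p["dport"]))].add(p["dst"])

    findings = []
    for src in sorted(echo_targets):
        if len(echo_targets[src]) >= threshold:
            findings.append({"kind": "icmp_echo_sweep", "source": src,
                             "targets": sorted(echo_targets[src])})
    for src, dst in sorted(null_ports):
        if len(null_ports[(src, dst)]) >= threshold:
            findings.append({"kind": "tcp_null_port_scan", "source": src,
                             "target": dst,
                             "ports": sorted(null_ports[(src, dst)])})
    for src, port in sorted(syn_hosts):
        if len(syn_hosts[(src, port)]) >= threshold:
            findings.append({"kind": "tcp_syn_port_sweep", "source": src,
                             "port": port,
                             "targets": sorted(syn_hosts[(src, port)])})
    return findings


if __name__ == "__main__":
    for finding in classify(parse_packets(SAMPLE)):
        print(finding)
```

Because the parser splits on the delimiter rather than on line breaks, it also accepts dumps where several packets have been run together on one line.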
By now, you are feeling confident that the security of the MegaCorp network is getting under control. You are aware that there are still several critical areas that you must deal with, and today you are addressing one of those areas. You have been able to take care of the router, firewall, security policy, and intrusion detection; now you are concerned with some of the hosts in the network.
Since the organization is not very large, you are the only person working in the IT end of the company. It will be up to you to directly work on the systems throughout the network. You make a quick chart of the systems you know should be in the MegaCorp network:
Server0001, 10.10.20.101, Windows 2000 Server
Server0010, 10.10.20.102, Windows 2000 Server
Server0011, 10.10.20.103, Windows 2000 Server
Server0100, 10.10.20.104, Linux (Red Hat 8.0)
User systems, 10.10.100.100~10.10.100.200, Windows 2000 Professional
The addressing that you recommended months ago is in place, and it follows a distinct logical pattern; you are hoping that no new systems are hidden in the network somewhere.
In the company, you have been granted domain administrator rights, and no other user is authorized to have administrator, root, supervisor, or otherwise privileged level of access. All the Windows systems are to belong to one Windows domain called SCNA.edu. Users are no longer allowed to install unauthorized applications, and are all to use the file servers for storage. Although they have the ability to do so, users are not supposed to store any work data on their local systems.
The servers are located in a server cabinet that is inside your office, so you decide to start working there. Using your knowledge of MegaCorp, select the best solution for hardening the MegaCorp operating systems:
A. The first thing you decide to do is plug your laptop into the server room, and run a full Nessus scan on the entire network, specifically looking for every backdoor vulnerability that the application can check. This takes some time to compile, but you eventually end up with a list of issues to address on each machine.
You move on to the Linux server, and run a fast Tripwire check on the system to look for any additional vulnerabilities. Once that check is done, you install SSH so that all access by every user will be encrypted to the server, and you run Bastille to lock down the system.
At the Windows systems, you address any issues found during the Nessus scan, you ensure that each system is updated with the latest patches, and you ensure that the systems are all functioning as fully secure and functional file servers to the network by implementing the HISECWEB.INF template in the Security Configuration and Analysis Snap-In.
Finally, you work on each desktop machine by removing any vulnerabilities listed in the scan report. You remove a few pieces of unauthorized hardware and many unauthorized applications.
B. The first thing you do is to run a Nessus scan against all the servers in the room, noting the findings of the scans. You then begin on the servers by running some tests on the Linux server. First, you run Tripwire on the entire system to ensure that there are no rogue Root accounts, and the test is positive. Second, you ensure that there are no unauthorized objects available through the network, and third you lock the system down with Bastille.
You then work on the Windows servers. You run a check to ensure there are no unauthorized administrator accounts, and there are not. You create a custom security template and implement the template on each server using the Security Configuration and Analysis Snap-In, and you ensure that each system is updated with the latest patches.
Finally, you analyze the user desktops. You go one by one through the network checking for added user accounts, and you find some. You remove these unauthorized accounts and check for software and applications. Again, you find some applications that are not allowed and you remove them. You check the systems for hardware changes, and address the issues that you find.
C. You begin by running a Nessus scan from your office laptop on the systems in the network, first the servers, then the user workstations. After the scans are complete, you store the reports on your laptop, and you take your laptop to the server room.
In the server room, you begin on the Windows servers. You implement a custom security template on each server using the Security Configuration and Analysis Snap-In, remove any unauthorized accounts, ensure that each system is updated with the latest patches, and ensure that the permissions on each shared object are as per policy.
You then work on the Linux server, by addressing each point identified in the Nessus scan. You then lock the system with Bastille, ensure that each system is updated with the latest patches, and run a quick Tripwire scan to create a baseline for the system.
You take your laptop with you as you go throughout the network to each user workstation, ensure that each system is updated with the latest patches, and you take care of each issue you found on the machines. There are a few systems that you find with unauthorized applications and you remove those applications.
D. You start the job by running some analysis on the Windows servers. You do this using the Security Configuration and Analysis Snap-In, and you ensure that each system is updated with the latest patches. You find several user accounts that have been given local administrator access, and you remove these accounts. You next use the Secedit tool to implement local encryption on the shared hard drive to secure the local files for the network users.
You then work on the Linux server. To your surprise there are no unauthorized root accounts, nor any unauthorized shares. You ensure that the permissions are correct on the shared objects, and run Bastille to lock down the server.
You then work on the client machines. Before you physically sit at each machine, you run a Nessus scan from your office. Bringing the results with you, you go to each machine and address any issues as identified in the Nessus scan, remove any unauthorized applications
E. You begin by running a Nessus scan on each computer in the network, using the \hotfix switch to create a full report. The report identifies every vulnerability on each system and lists the specific changes you must make to each system to fix any found vulnerabilities.
You take the report to the server room and start with the Linux server. On the server, you run through the steps as outlined in the Nessus report, and end by locking the system using Bastille.
Then, you move to the Windows systems, again following the steps of the Nessus report, and ending by using the Security Configuration and Analysis Snap-In to implement the Gold Standard template on every server.
Finally, you proceed to each user workstation. At each user machine, you follow each step for each system, based on your report. Once you have addressed all the vulnerabilities in the systems, you run a quick Secedit scan on each system to ensure that they are all locked down and that proper encryption is configured.
Correct answer: C
Question 4:
You got the router configured just as you wish, and it is time to get the team together for a meeting. You have the advantage of knowing several of these people for quite some time through your contracting, but this will be your first full meeting with them.
The next day, you sit down with the CEO, HR Director, and other management people in MegaCorp. You wish for the meeting to be as short as possible, so in this initial meeting, you open with a short summary and project what you feel is a serious problem with the company.
"Thanks for coming. I will try to keep this as brief as possible. As you all know, Red was let go under difficult circumstances, and for the last week I have been working non-stop to get the network and security under control here. Very good progress has been made, but we are missing a fundamental component. There is no security policy here at MegaCorp." To this, you see some heads nod in agreement, others have no reaction whatsoever, and a few people let go disappointing sighs.
"I agree that we need a security policy," adds the HR Director, "as long as it doesn't become too restrictive."
"Policies are only used to document the posture of the organization, and to provide some guidance in the direction of the network and, in this case, the security of the network." You add, "Without a written policy, how is any employee supposed to know what is acceptable, what is not acceptable, and so on."
"Our employees have common sense, we do not want the company to become overly regulated," says a middle manager who you have not spoken with before.
"Common sense is great, the more the employees have, and the easier it is to implement the policies. But, there is no guarantee for the human element. A simple review of what just took place with Red is a quick reminder of this." With that comment, the middle manager relaxed a bit, and hesitantly agreed.
"So, what I would like to do is to lead the development of the policy here, and work with each of you to get it implemented. In the next few days, I will be requesting a bit of your time, so we can talk one on one about your needs and issues surrounding the policy."
The next week, you meet with the management team, and you have a list of questions for them, designed to help you in drafting the security policy. You have decided to break up the creation of the policy into pieces, spending shorter blocks of time on the policy. This allows the management to be able to keep most of their days open for running the company.
During the meeting, you focus solely on the Acceptable Use statement for the users of the network. You ask the following questions to the group, and the consensus answer (after taking your suggestions into account) is listed after each question.
1. Are users allowed to share user accounts? No.
2. Are users allowed to install software without approval? No. Approval must come through you, or the current Chief Security Officer (CSO).
3. Are users allowed to copy software for archive or other purpose? No, archives can only be made by the network administration staff.
4. Are users allowed to read and/or copy files that they do not own, but have access to? Yes.
5. Are users allowed to make copies of any operating system files (such as the Windows directory or the SAM file)? No.
6. Are users allowed to modify files they do not own, but for which they have write abilities? Yes, if they have write abilities, they are allowed to modify the file.
Using the provided information from the meeting, you draft the Acceptable Use Statement. The statement reads as follows:
This Acceptable Use Statement document covers MegaCorp's networks, computers, and computing resources. Network, computer, and computing resources are defined as physical personal computers, server systems, routers, switches, and network cabling. Also included in the definition are software (media) elements such as floppy disks, CD-ROMs (including writeable and re-writeable), DVD-ROMs, and tape backup systems. A user is defined as the individual account with authorization to access MegaCorp's resources. All users of the MegaCorp network are expected to conduct themselves in a respectful and legal manner.
The MegaCorp general computing systems are unclassified systems. As such, top-level secret information is not to be processed or stored on any general unclassified computer system.
Individual users are responsible for the proper storage of their personal data on their workstations. For assistance on proper storage, users are instructed to contact the Security staff of MegaCorp.
In the event that a user has identified a security breach, weakness, or system misuse in a MegaCorp system, they are required to contact the on-duty Security staff immediately. Users are to use a completed MegaCorp-TPS Report for their notice to the Security staff. Initial contact with the Security staff about the incident might be conducted via email or telephone.
Individual users are not granted access to systems and resources they have not been given explicit authority to access. In the event access to a resource is required, and access has not been granted, the user is to make a request to the on-duty Security staff.
Individual users shall not make unauthorized copies of copyrighted software, except as permitted by law or by the owner of the copyright.
Individual users are not permitted to make copies of system configuration files for their own, unauthorized personal use or to provide to other people or users for unauthorized uses.
Individual users are not permitted to share, loan, or otherwise allow access to a MegaCorp resource via the user assigned account.
Individual users are not permitted to engage in any online or offline activity with the intent to harass other users; degrade the performance of any MegaCorp system or resource; impede the ability of an authorized user to access an authorized resource; or attempt to gain access to an unauthorized resource.
Electronic mail resources are for authorized use only. Messages that might be deemed fraudulent, harassing, or obscene shall not be sent from, to, or stored on MegaCorp systems.
Individual users are not permitted to download, install, or run any unauthorized programs or utilities, including those which reveal weaknesses in the security of a system. This includes, but is not limited to network sniffing tools and password cracking utilities.
Users who are found to be in violation of this policy will be reported to the on-duty Security staff and the MegaCorp CEO. The CEO will determine if the violation will result in the loss of MegaCorp network privileges. In the event the violation warrants, the CEO may press civil or criminal charges against the user.
I have read and understand the MegaCorp Acceptable Use Statement, and agree to abide by it.
With this information, and your knowledge of MegaCorp, choose the answer that will provide the best solution for implementing the Acceptable Use statement policy needs of MegaCorp:
A. After the review of the policy it is decided that some of the bullet points in the document need to be changed. You make the requested changes, and the team reviews the document once more.
"It all looks good to me now," says a manager in the meeting.
"OK, how should we present this to the employees?" you ask.
"I could take a copy to each employee and discuss it with them," offers the HR director.
"No, that would be too time-consuming. That's not a good use of your time," responds the CEO.
"We need to get this done, obviously. What is our most cost-effective way of doing this?"
"Well, I could post the policy on our intranet site, and we could have the employees go and download it themselves. During lunch, perhaps?" you suggest.
"That sounds good, let's take that approach," the CEO answers.
Later that day, you create a quick intranet site, called MegaCorp policy and documents. You draft a quick email, which will be sent to all the employees in the company:
"Dear _____,
At MegaCorp we have just finished work on a security policy that will clearly define the use of the computers and other issues. This document will answer the questions that many of you have had recently on what you are allowed to do with the computer and when online.
At your earliest convenience, please connect to the new site I have linked here, to download and read the new policy. Thanks and have a great day.
-MegaCorp Security Staff."
You verify the site is working, send the email out to all the employees, and go home for the day.
B. You present the draft statement to the team at the next meeting. There is some discussion as to the wording in the clause regarding the internal TPS Report. Some in the group feel the TPS Report will be too tedious to use, others think with a distributed memo about the Report, everything will be fine. After further discussion all agree on the wording of the policy.
The employees meet with the HR director over the next week, and are all presented with a copy of the policy and discuss how it is to be implemented. There is some resistance, some of the employees are not happy about having a new procedure to follow.
While walking back to your office, you see the CEO, and motion that you have a quick question, "How does the new policy seem to be going with HR?" you ask.
"So far so good, there are a few folks not that happy, but I think we'll be fine."
"I've got to get over there tomorrow to sign mine, when are you meeting with HR?"
"Me? I've got too much going on right now. I have to oversee everything; whatever happens and goes on here has to go through me anyway. I don't have time to bother with that myself, I just wanted to be sure we had something legally binding to protect us and to assist the employees."
"Fair enough. Listen, I need to talk with you soon about our firewall situation," you reply.
"OK, stop by anytime. You know my door is always open."
You walk away, and are pretty happy with how things are going here. You know you have more work to do, but so far your suggestions are being taken well and appreciated.
C. You present the current draft to the team at the next meeting. There is some discussion now on the language of the different clauses, and it seems that no one can agree on the points. What you thought was close to being done, now seems to be at risk of never getting done.
As the meeting escalates, and opinions start to get louder, the CEO interrupts the group, "Enough. We are a small group, we have enough in common, we know what we need out of this. We will bring in three contractors who specialize in policy writing. We'll give them our thoughts, they will work with our tireless Security Guru, and get this thing done."
You are not all that thrilled about three consultants coming down on your territory, but realize the frustration of the CEO. You agree, "That's fine by me. I'll meet with them, and we will draft the document."
There is other business on the agenda for the meeting, but it is not related to you, so you excuse yourself and go back to your office.
After working with the three consultants for a month, you have the document, approved by MegaCorp. You organize a company wide meeting, where the consultants describe the policy and what it is for to all the employees. The employees are told where they can find the policy to review for themselves, and after a question and answer session everyone gets back to their work.
D. Once the meeting ends, you make the changes that were discussed during the meeting. They are not too extensive, but you make them and present the document to the team again on Friday. Now that you have made the changes, the policy is accepted, and the discussion moves towards getting every employee to sign and agree to the policy.
"Well, it's Friday afternoon. Everyone needs their paychecks today," comments the HR director.
"Good point, let's just print out 100 of these, and tell everyone to sign them in order to get their check," agrees one of the managers.
After some discussion, it is agreed that this will be the fastest way to get all the employees to sign
the policy document. The meeting wraps up around 2:00, and the printing and stapling of the
policy documents ends around 4:00.
Over the next hour, the HR director, with the help of the manager, hands out checks, making all the
employees sign the document in order to get their check. You think to yourself that the efficiency
of a small operation like this is nice to see in action. You go to get your check, sign your
document, and are actually able to end your day at 5:00pm on a Friday.
E. You present the draft statement to the team at the next meeting. There is some discussion as to the wording in the clause regarding the internal TPS Report. Some in the group feel the TPS Report will be too tedious to use, others think with a distributed memo about the Report, everything will be fine. After further discussion all agree on the wording of the policy.
The team finishes the discussion, and the meeting ends with approval of the document. Once the document is approved, you move the discussion towards getting everyone in the company aware of and agreeing to it. "I suggest that we tie it into our paychecks, and have the document go through HR." "We could do that, I guess. I can present the document to all the employees over the rest of the month," the HR Director responds. Following that, the CEO brings up that there is going to be a company dinner next month, and that at the dinner the CEO will declare the policy in place, and that "As all of us become comfortable with this, we all should appreciate this step forward for our company."
The next day, you post the policy on the company intranet site, so everyone has an electronic copy to go with their copy from the HR meeting. Once that is done, you move on to your next project.
Correct answer: E
SCP SC0-502 certification exam topics:
Topic | Exam coverage
---|---
Topic 1 | - Which protocol is the most secure for establishing remote terminal access to a system
Topic 2 | - Which aspect of network monitoring typically causes a network management system (NMS) database
Topic 3 | - Which type of Syslog message indicates the lowest severity level

Reference: http://www.solarwinds.com/certification/certificationprocess.aspx