Free CompTIA RC0-C02 Exam Dumps Questions & Answers

Joe, a penetration tester, is tasked with testing the security robustness of the protocol between a mobile web application and a RESTful application server. Which of the following security tools would be required to assess the security between the mobile web application and the RESTful application server? (Select
TWO).

• A.  Reconnaissance tools
• B.  Vulnerability scanner
• C.  Password cracker
• D.  Jail broken mobile device
• E.  Network enumerator
• F.  HTIP interceptor

A security architect is designing a new infrastructure using both type 1 and type 2 virtual machines.
In addition to the normal complement of security controls (e.g. antivirus, host hardening, HIPS/NIDS) the security architect needs to implement a mechanism to securely store cryptographic keys used to sign code and code modules on the VMs. Which of the following will meet this goal without requiring any hardware pass-through implementations?

• A.  vTPM
• B.  TPM
• C.  INE
• D.  HSM

The IT Security Analyst for a small organization is working on a customer's system and identifies a possible intrusion in a database that contains PII. Since PII is involved, the analyst wants to get the issue addressed as soon as possible. Which of the following is the FIRST step the analyst should take in mitigating the impact of the potential intrusion?

• A.  Shut down the production network interfaces on the server and change all of the DBMS account passwords.
• B.  Refer the issue to management for handling according to the incident response process.
• C.  Contact the local authorities so an investigation can be started as quickly as possible.
• D.  Disable the front-end web server and notify the customer by email to determine how the customer would like to proceed.

The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible, and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing the bandwidth at the border router, and notices that the incoming bandwidth on the router's external interface is maxed out. The security engineer then inspects the following piece of log to try and determine the reason for the downtime, focusing on the company's external router's IP which is
1 28.20.176.19:
1 1:16:22.110343 IP 90.237.31.27.19 > 128.20.176.19.19: UDP, length 1400
1 1:16:22.110351 IP 23.27.112.200.19 > 128.20.176.19.19: UDP, length 1400
1 1:16:22.110358 IP 192.200.132.213.19 > 128.20.176.19.19: UDP, length 1400
1 1:16:22.110402 IP 70.192.2.55.19 > 128.20.176.19.19: UDP, length 1400
1 1:16:22.110406 IP 112.201.7.39.19 > 128.20.176.19.19: UDP, length 1400
Which of the following describes the findings the senior security engineer should report to the ISO and the
BEST solution for service restoration?

• A.  After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
• B.  After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
• C.  After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company's external router to block incoming UDP port 19 traffic.
• D.  After the senior engineer used a network analyzer to identify an active Fraggle attack, the company's
  ISP should be contacted and instructed to block the malicious packets.

A new IDS device is generating a very large number of irrelevant events. Which of the following would
BEST remedy this problem?

• A.  Adjust IDS filters to increase the number of false negatives.
• B.  Change the IDS to use a heuristic anomaly filter.
• C.  Change the IDS filter to data mine the false positives for statistical trending data.
• D.  Adjust IDS filters to decrease the number of false positives.