Mastin Gallery

Mastin Espanol Gallery - All photos: © Copyright by the owners!
Boost your knowledge up to date with SC0-502 Practice Questions

What study guide do I need to pass SC0-502 exam?

SC0-502 pass marks | SC0-502 study guide | SC0-502 free online test | SC0-502 free exam papers | SC0-502 Practice test - Officialcerts.com



SC0-502 - Security Certified Program - Dump Information

Vendor : SCP
Exam Code : SC0-502
Exam Name : Security Certified Program
Questions and Answers : 40 Q & A
Updated On : August 17, 2017
PDF Download Mirror : SC0-502 Brain Dump
Get Full Version : Officialcerts SC0-502 Full Version


Just try these real questions and success is yours.

I gave the SC0-502 practice questions only once before I enrolled for joining the Officialcerts program. I did not have success even after giving my ample of time to my studies. I did not know where i lacked in getting success. But after joining Officialcerts i got my answer was missing was SC0-502 prep books. It put all the things in the right directions. Preparing for SC0-502 with SC0-502 example questions is truly convincing. SC0-502 Prep Books of other classes that i had did help me as they were not enough capable for clearing the SC0-502 questions. They were tough in fact they did not cover the whole syllabus of SC0-502. But Officialcerts designed books are really excellent.

Get pack of knowledge to prepare SC0-502 exam. Best Q&A for you.

I am Aggarwal and I work for Smart Corp. I had applied to appear for the SC0-502 exam and was very apprehensive about it as it contained difficult case studies etc. I then applied for your question bank. My many doubts got cleared due to the explainations provided for the answers. I also got the case studies in my email which were properly solved. I appeared for the exam and am happy to say that I got 73.75% and I give you the whole credit. Further I congratulate you and look further to clear more exams with the help of your site.

Need to-the-point knowledge of SC0-502 topics!

I passed both the SC0-502 first try itself with 80% and 73% resp. Thanks a lot for your help. The question bank really helped. I am thankful to Officialcerts for helping a lot with so many papers with solutions to work on if not understood. They were extremely useful. Thankyou.

What is easiest way to pass SC0-502 exam?

I cleared SC0-502 exam with high marks. Every time I had registered with Officialcerts which helped me to score more marks. Its great to have help of Officialcerts question bank for such type of exams. Thanks to all.

Great opportunity to get certified SC0-502 exam.

Hi all, please be informed that I have passed the SC0-502 exam with Officialcerts, which was my main preparation source, with a solid average score. This is a very valid exam material, which I highly recommend to anyone working towards their IT certification. This is a reliable way to prepare and pass your IT exams. In my IT company, there is not a person who has not used/seen/heard/ of the Officialcerts materials. Not only do they help you pass, but they ensure that you learn and end up a successful professional.

I need real questions of SC0-502 exam.

I am now SC0-502 certified and it could not be possible without Officialcerts SC0-502 testing engine. Officialcerts testing engine has been tailored keeping in mind the requirements of the students which they confront at the time of taking SC0-502 exam. This testing engine is very much exam focus and every topic has been addressed in detail just to keep apprised the students from each and every information. Officialcerts team knows that this is the way to keep students confident and ever ready for taking examination.

What study guide do I need to pass SC0-502 exam?

I will suggest you to come here to remove all fears related to SC0-502 certification because this is a great platform to provide you with assured goods for your preparations. I was worried for SC0-502 exam but all thanks to Officialcerts who provided me with great products for my preparation. I was really worried about my success but it was only SC0-502 exam engine that increased my success confidence and now I am feeling pleasure on this unconditional help. Hats off to you and your unbelievable services for all students and professionals!

Observed maximum SC0-502 Questions in real exam that I prepared.

The Officialcerts Q&A material as well as SC0-502 Exam Simulator goes well for the exam. I used both them and succeed in the SC0-502 exam without any problem. The material helped me to analyze where I was weak, so that I improved my spirit and spent enough time with the particular topic. In this way, it helped me to prepare well for the exam. I wish you good luck for you all.

Observed maximum SC0-502 Questions in braindumps that I prepared.

Passing the SC0-502 exam was quite difficult for me until I was introduced with the Question & Answer by Officialcerts. Some of the topics seemed very hard to me. Tried a lot to read the books, but failed as time was short. Finally, the dump helped me understand the topics and wrap up my preparation in 10 days time. Great guide, Officialcerts. My heartfelt thanks to you.

What study guide do I need to pass SC0-502 exam?

I retained the same number of as I could. A score of 89% was a decent come about for my 7-day planning. My planning of the exam SC0-502 was sad, as the themes were excessively intense for me to get it. For speedy reference I emulated the Officialcerts dumps aide and it gave great backing. The short-length answers were decently clarified in basic dialect. Much appreciated.

Latest Exams added on Officialcerts

1Z0-453 | 210-250 | 300-210 | 500-205 | 500-210 | 70-765 | 9A0-409 | C2010-555 | C2090-136 | C9010-260 | C9010-262 | C9020-560 | C9020-568 | C9050-042 | C9050-548 | C9050-549 | C9510-819 | C9520-911 | C9520-923 | C9520-928 | C9520-929 | C9550-512 | CPIM-BSP | C_TADM70_73 | C_TB1200_92 | C_TBW60_74 | C_TPLM22_64 | C_TPLM50_95 | DNDNS-200 | DSDPS-200 | E20-562 | E20-624 | E_HANABW151 | E_HANAINS151 | JN0-1330 | JN0-346 | JN0-661 | MA0-104 | MB2-711 | NSE6 | OMG-OCRES-A300 | P5050-031 |

See more dumps on Officialcerts

C2040-442 | HP0-S12 | 1Z0-560 | H11-851 | ST0-91X | 98-367 | C2150-810 | C_TERP10_65 | 3300-1 | 00M-248 | 000-163 | BH0-007 | HP3-025 | HP0-M23 | HP2-H20 | 000-856 | G2700 | FINRA | 000-036 | HP2-N34 | 190-756 | CV0-001 | HP0-054 | HP2-B97 | S90-18A | 000-355 | CSCP | 190-755 | C2180-188 | 310-345 | A2040-956 | 70-688 | 00M-236 | 190-957 | HP0-390 | LOT-917 | C2180-404 | 000-564 | HP2-037 | 000-206 | ML0-220 | HP0-J45 | HP0-690 | ISS-001 | C4090-452 | E20-020 | BCP-710 | 1Z0-238 | CTFL-001 | 4H0-110 |

SC0-502 Questions and Answers

.p, p { color: black; font-family:"Times New Roman", serif; font-style: normal; font-weight: normal; text-decoration: none; font-size: 12pt; margin:0pt; } h1 { color: #F00; font-family:"Times New Roman", serif; font-style: normal; font-weight: bold; text-decoration: none; font-size: 12pt; } li {display: block; } #l1 {padding-left: 0pt;counter-reset: c1 0; } #l1> li:before {counter-increment: c1; content: counter(c1, upper-latin)". "; color: black; font-family:"Times New Roman", serif; font-style: normal; font-weight: normal; text-decoration: none; font-size: 12pt; }


building and exactly opposite Troytec . The device is not in your office, and you will report this to the CEO. You will also ask the CEO if you should inform the neighbor that their network is possibly at risk due to their wireless network use.


Answer: D


QUESTION: 40

You are well along your way to getting the Troytec security up to what you consider an acceptable level. You feel the security is now solid enough that you can go ahead and some new tests and perform analysis on the network.You plug in your laptop and fire up Snort to see the traffic coming into the network. You plug in on the outside of the router, to see the unfiltered traffic that the network must deal with. In full promiscuous mode, you collect data for an hour, to filter through it later. Since you captured quite a bit of data, you filter out a few specific lines to analyze.

10\27-23:48:42.126886 0:D0:9:7E:E5:E9 -> 0:D0:9:7F:C:9B type:0x800 len:0x3C

10.0.10.237 -> 10.0.10.234 ICMP TTL:128 TOS:0x0 ID:1185 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:289 ECHO

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.137906 0:D0:9:7E:E5:E9 -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.237 -> 10.0.10.235 ICMP TTL:128 TOS:0x0 ID:1186 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:290 ECHO

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.148642 0:D0:9:7E:E5:E9 -> 0:D0:9:7E:F9:DB type:0x800 len:0x3C

10.0.10.237 -> 10.0.10.236 ICMP TTL:128 TOS:0x0 ID:1187 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:291 ECHO

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.167031 0:D0:9:7E:E5:E9 -> 0:D0:9:68:87:2C type:0x800 len:0x3C

10.0.10.237 -> 10.0.10.238 ICMP TTL:128 TOS:0x0 ID:1190 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:292 ECHO

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\27-23:48:42.177247 0:D0:9:7E:E5:E9 -> 0:D0:9:69:48:E3 type:0x800 len:0x3C

10.0.10.237 -> 10.0.10.239 ICMP TTL:128 TOS:0x0 ID:1191 IpLen:20 DgmLen:36 Type:8 Code:0 ID:3 Seq:293 ECHO

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.387953 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:1 TCP TTL:44 TOS:0x0 ID:24652 IpLen:20

DgmLen:40

******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-19:09:07.320917 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:2 TCP TTL:44 TOS:0x0 ID:52330 IpLen:20

DgmLen:40


******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-19:09:07.377933 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:3 TCP TTL:44 TOS:0x0 ID:10807 IpLen:20

DgmLen:40

******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.328200 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:4 TCP TTL:44 TOS:0x0 ID:40192 IpLen:20

DgmLen:40

******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-19:09:07.363859 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:5 TCP TTL:44 TOS:0x0 ID:20497 IpLen:20

DgmLen:40

******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-19:09:07.391163 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:6 TCP TTL:44 TOS:0x0 ID:30756 IpLen:20

DgmLen:40

******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-19:09:07.300794 0:D0:9:7E:F9:DB -> 0:2:B3:2D:1:4A type:0x800 len:0x3C

10.0.10.236:57228 -> 10.0.10.235:7 TCP TTL:44 TOS:0x0 ID:3946 IpLen:20

DgmLen:40

******** Seq: 0x0 Ack: 0x0 Win: 0x400 TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:16.979681 0:D0:9:7E:E5:E9 -> 0:D0:9:7F:C:9B type:0x800 len:0x3E

10.0.10.237:1674 -> 10.0.10.234:31337 TCP TTL:128 TOS:0x0 ID:5277 IpLen:20

DgmLen:48

******S* Seq: 0x3F2FE2CC Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:16.999652 0:D0:9:7E:E5:E9 -> 0:2:B3:2D:1:4A type:0x800 len:0x3E

10.0.10.237:1675 -> 10.0.10.235:31337 TCP TTL:128 TOS:0x0 ID:5278 IpLen:20

DgmLen:48

******S* Seq: 0x3F30DB1F Ack: 0x0 Win: 0x4000 TcpLen: 28 TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 10\28-01:52:17.019680 0:D0:9:7E:E5:E9 -> 0:D0:9:7E:F9:DB type:0x800 len:0x3E

10.0.10.237:1676 -> 10.0.10.236:31337 TCP TTL:128 TOS:0x0 ID:5279 IpLen:20

DgmLen:48

******S* Seq: 0x3F3183AE Ack: 0x0 Win: 0x4000 TcpLen: 28


TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:52:17.059669 0:D0:9:7E:E5:E9 -> 0:D0:9:68:87:2C type:0x800 len:0x3E

10.0.10.237:1678 -> 10.0.10.238:31337 TCP TTL:128 TOS:0x0 ID:5282 IpLen:20

DgmLen:48

******S* Seq: 0x3F332EC2 Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:52:17.079821 0:D0:9:7E:E5:E9 -> 0:D0:9:69:48:E3 type:0x800 len:0x3E

10.0.10.237:1679 -> 10.0.10.239:31337 TCP TTL:128 TOS:0x0 ID:5283 IpLen:20

DgmLen:48

******S* Seq: 0x3F3436FA Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:45:18.733562 0:D0:9:7E:E5:E9 -> 0:D0:9:7F:C:9B type:0x800 len:0x3E

10.0.10.237:1646 -> 10.0.10.234:12345 TCP TTL:128 TOS:0x0 ID:4974 IpLen:20

DgmLen:48

******S* Seq: 0x38E326F7 Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:45:18.753691 0:D0:9:7E:E5:E9 -> 0:2:B3:2D:1:4A type:0x800 len:0x3E

10.0.10.237:1647 -> 10.0.10.235:12345 TCP TTL:128 TOS:0x0 ID:4975 IpLen:20

DgmLen:48

******S* Seq: 0x38E3D2D0 Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:45:18.773781 0:D0:9:7E:E5:E9 -> 0:D0:9:7E:F9:DB type:0x800 len:0x3E

10.0.10.237:1648 -> 10.0.10.236:12345 TCP TTL:128 TOS:0x0 ID:4976 IpLen:20

DgmLen:48

******S* Seq: 0x38E4CF5C Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:45:18.813837 0:D0:9:7E:E5:E9 -> 0:D0:9:68:87:2C type:0x800 len:0x3E

10.0.10.237:1650 -> 10.0.10.238:12345 TCP TTL:128 TOS:0x0 ID:4979 IpLen:20

DgmLen:48

******S* Seq: 0x38E692B6 Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

10\28-01:45:18.833772 0:D0:9:7E:E5:E9 -> 0:D0:9:69:48:E3 type:0x800 len:0x3E

10.0.10.237:1651 -> 10.0.10.239:12345 TCP TTL:128 TOS:0x0 ID:4980 IpLen:20

DgmLen:48

******S* Seq: 0x38E7211C Ack: 0x0 Win: 0x4000 TcpLen: 28

TCP Options (4) => MSS: 1460 NOP NOP SackOK


=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

Looking at the types of traffic that are hitting your network, what types of attacks

are you dealing with, and what is the best solution for mitigating those attacks?}


  1. There is a clear attack pattern, where the attacker is looking for packets that are formed with a TTL of 128, followed by a TTL of 44. Finally, the attacker is looking to exploit the NOP SackOK vulnerability.To mitigate these attacks, you recommend implementing a new firewall on the outside of the router, designed with rules to specifically stop these attacks, allowing the rest of the traffic through to your router and the rest of your perimeter defense.

  2. There is a clear pattern of attack, starting with general reconnaissance to see which

    systems are up and running to respond to attack inquiries. Next, the attacks show port scans, looking specifically for open ports on a unique host, and then moving to searching out NetBus and SubSeven servers.To mitigate these attacks, you do not recommend any new technology. You feel that your firewall, IDS, and routers will properly address these types of attacks.

  3. Looking at the traffic, you are unable to identify any pattern of attack. You see normal

    legitimate traffic, the type of which you see every day. The traffic that you have captured provides you no clues as to the current attacks against your network, and as such you make no recommendations to mitigate.

  4. There is a clear attack pattern, where the attacker first is checking to see which hosts will reply to sequential packets, followed by vulnerability checking for the IPLen:20 server

    vulnerability.To mitigate these attacks, you recommend reconfiguring the access control lists on the routers, specifically to address the IPLen:20 attack, and to address the sequential

    packet attack. You recommend that with the router configuration change, the threats will be properly addressed.

  5. There is a clear pattern of attack, starting with the attacker looking for hosts that will respond to the ID:3 vulnerability. Once identified, the attacker runs a second set of scans,

looking for hosts that are vulnerable to a TOS:0x0 attack, and finally running a scan to check for hosts that are vulnerable to the MSS: 1460 NOP attack.To mitigate these attacks, you

recommend implementing a new firewall on the outside of the router, designed with rules to specifically stop these attacks, allowing the rest of the traffic through to your router and the

rest of your perimeter defense.


Answer: B


SCP SC0-502 Exam (Security Certified Program) Detailed Information

">SC0-502 SCP Security Certified Program Visit: Pass4sureofficial.com.

1 ">SC0-502 SCP Security Certified Program : Pass4sureofficialm is a reputable IT certification examination guide, study guides and audio exam provider, we not only ensure that you pass your ">SC0-502 exam in first attempt, but also you can get a high score to acquire SCP certification. If you use pass4sureofficial ">SC0-502 Certification questions and answers, you will experience actual ">SC0-502 exam questionsanswers. We know exactly what is needed and have all the exam preparation material required to pass the exam. Our SCP exam prep covers over 95% of the questions and answers that may be appeared in your ">SC0-502 exam. Every point from pass4sure ">SC0-502 PDF, ">SC0-502 review will help you take SCP ">SC0-502 exam much easier and become SCP certified. All the QuestionsAnswers are taken from real exams. Here's what you can expect from the Pass4sureOfficial SCP ">SC0-502 course: * Up-to-Date SCP ">SC0-502 questions taken from the real exam. * 100% correct SCP ">SC0-502 answers you simply can't find in other ">SC0-502 courses. * All of our tests are easy to download. Your file will be saved as a ">SC0-502 PDF. * SCP ">SC0-502 brain dump free content featuring the real ">SC0-502 test questions. SCP ">SC0-502 certification exam is of core importance both in your Professional life and SCP certification path. With SCP certification you can get a good job easily in the market and get on your path for success. Professionals who passed SCP ">SC0-502 exam training are an absolute favorite in the industry. You will pass SCP ">SC0-502 certification test and career opportunities will be open for you.

2 ">SC0-502 QUESTION 1 Now that you have Certkiller somewhat under control, you are getting ready to go home for the night. You have made good progress on the network recently, and things seem to be going smoothly. On your way out, you stop by the CEO's office and say good night. You are told that you will be meeting in the morning, so try to get in a few minutes early. The next morning, you get to the office 20 minutes earlier than normal, and the CEO stops by your office, "Thanks for coming in a bit early. No problem really, I just wanted to discuss with you a current need we have with the network." "OK, go right ahead." You know the network pretty well by now, and are ready for whatever is thrown your way. "We are hiring 5 new salespeople, and they will all be working from home or on the road. I want to be sure that the network stays safe, and that they can get access no matter where they are." "Not a problem," you reply. "I'll get the plan for this done right away." "Thanks a lot, if you have any questions for me, just let me know." You are relieved that there was not a major problem and do some background work for integrating the new remote users. After talking with the CEO more, you find out that the users will be working from there home nearly all the time, with very little access from on the road locations. The remote users are all using Windows 2000 Professional, and will be part of the domain. The CEO has purchased all the remote users brand new Compaq laptops, just like the one used in the CEO's office, and which the CEO takes home each night; complete with DVD\CD-burner drives,built-in WNICs, 17"LCD widescreen displays, oversized hard drives, a gig of memory, and fast processing. 'I wish I was on the road to get one of those,' you think. You start planning and decide that you will implement a new VPN Server next to the Web and FTP Server. You are going to assign the remote users IP Addresses: ~ , and will configure the systems to run Windows 2000 Professional. Based on this information, and your knowledge of the Certkiller network up to this point, choose the best solution for the secure remote user needs:} A. You begin with configuring the VPN server, which is running Windows 2000 Server. You create five new accounts on that system, granting each of them the Allow Virtual Private Connections right in Active Directory Users and Computers. You then configure the range of IP Addresses to provide to the clients as: through Next, you configure five IPSec Tunnel endpoints on the server, each to use L2TP as the protocol. Then, you configure the clients. On each system, you configure a shortcut on the desktop to use to connect to the VPN. The shortcut is configured to create an L2TP IPSec tunnel to the VPN server. The connection itself is configured to exchange keys with the user's ISP to create a tunnel between the user's ISP endpoint and the Certkiller VPN Server. B. To start the project, you first work on the laptops you have been given. On each laptop, you configure the system to make a single Internet connection to the user's ISP.

3 ">SC0-502 Next, you configure a shortcut on the desktop for the VPN connection. You design the connection to use L2TP, with port filtering on outbound UDP 500 and UDP When a user double-clicks the desktop icon you have it configured to make an automatic tunnel to the VPN server. On the VPN server, you configure the system to use L2TP with port filtering on inbound UDP 500 and UDP You create a static pool of assigned IP Address reservations for the five remote clients. You configure automatic redirection on the VPN server in the routing and remote access MMC, so once the client has connected to the VPN server, he or she will automatically be redirected to the inside network, with all resources available in his or her Network Neighborhood. C. You configure the VPN clients first, by installing the VPN High Encryption Service Pack. With this installed, you configure the clients to use RSA, with 1024-bit keys. You configure a shortcut on the desktop that automatically uses the private\public key pair to communicate with the VPN Server, regardless of where the user is locally connected. On the VPN Server, you also install the VPN High Encryption Service Pack, and configure 1024-bit RSA encryption. You create five new user accounts, and grant them all remote access rights, using Active Directory Sites and Services. You configure the VPN service to send the server's public key to the remote users upon the request to configure the tunnel. Once the request is made, the VPN server will build the tunnel, from the server side, to the client. D. You decide to start the configuration on the VPN clients. You create a shortcut on the desktop to connect to the VPN Server. Your design is such that the user will simply double-click the shortcut and the client will make the VPN connection to the server, using PPTP. You do not configure any filters on the VPN client systems. On the VPN Server, you first configure routing and remote access for the new accounts and allow them to have Dial-In access. You then configure a static IP Address pool for the five remote users. Next, you configure the remote access policy to grant remote access, and you implement the following PPTP filtering: ùInbound Protocol 47 (GRE) allowed ùInbound TCP source port 0, destination port 1723 allowed ùInbound TCP source port , destination port allowed ùOutbound Protocol 47 (GRE) allowed ùOutbound TCP source port 1723, destination port 0 allowed ùOutbound TCP source port , destination port allowed E. You choose to configure the VPN server first, by installing the VPN High Encryption Service Pack and the HISECVPN.INF built-in security template through the Security Configuration and Analysis Snap-In. Once the Service pack and template are installed, you configure five user accounts and a static pool of IP Addresses for each account. You then configure the PPTP service on the VPN server, without using inbound or outbound filters - due to the protection of the Service Pack. You grant each user the right to dial into the server remotely, and move on to the laptops. On each laptop, you install the VPN High Encryption Service Pack, to bring the security level of the laptops up to the same level as the VPN server. You then configure a shortcut on each desktop that controls the direct transport VPN connection from the client to the server.

4 ">SC0-502 Answer: D QUESTION 2 For three years you have worked with Certkiller doing occasional network and security consulting. Certkiller is a small business that provides real estate listings and data to realtors in several of the surrounding states. The company is open for business Monday through Friday from 9 am to 6 pm, closed all evenings and weekends. Your work there has largely consisted of advice and planning, and you have been frequently disappointed by the lack of execution and follow through from the full time staff. On Tuesday, you received a call from Certkiller 's HR director, "Hello, I'd like to inform you that Red (the full time senior network administrator) is no longer with us, and we would like to know if you are interested in working with us full time." You currently have no other main clients, so you reply, "Sure, when do you need me to get going?" "Today," comes the fast and direct response. Too fast, you think. "What is the urgency, why can't this wait until tomorrow?" "Red was let go, and he was not happy about it. We are worried that he might have done something to our network on the way out." "OK, let me get some things ready, and I'll be over there shortly." You knew this would be messy when you came in, but you did have some advantage in that you already knew the network. You had recommended many changes in the past, none of which would be implemented by Red. While pulling together your laptop and other tools, you grab your notes which have an overview of the network: Certkiller network notes: Single Internet access point, T1, connected to Certkiller Cisco router. Router has E1 to a private web and ftp server and E0 to the LAN switch. LAN switch has four servers, four printers, and 100 client machines. All the machines are running Windows Currently, they are having their primary web site and hosted by an ISP in Illinois. When you get to Certkiller, the HR Director and the CEO, both of whom you already know, greet you. The CEO informs you that Red was let go due to difficult personality conflicts, among other reasons, and the termination was not cordial. You are to sign the proper employment papers, and get right on the job. You are given the rest of the day to get setup and running, but the company is quite concerned about the security of their network. Rightly so, you think, 'If these guys had implemented even half of my recommendations this would sure be easier.' You get your equipment setup in your new oversized office space, and get started. For the time you are working here, your IP Address is with a mask of \16. One of your first tasks is to examine the router's configuration. You console into the router, issue a show running-config command, and get the following output: MegaOne#show running-config Building configuration... Current configuration: ! version 12.1

5 ">SC0-502 service udp-small-servers service tcp-small-servers ! hostname MegaOne ! enable secret 5 $1$7BSK3$H394yewhJ45JAFEWU enable password clever ! no ip name-server no ip domain-lookup ip routing ! interface Ethernet0 no shutdown ip address no ip directed-broadcast ! interface Ethernet1 no shutdown ip no ip directed-broadcast ! interface Serial0 no shutdown ip no ip directed-broadcast clockrate bandwidth 1024 encapsulation hdlc ! ip route ! line console 0 exec-timeout 0 0 transport input all line vty 0 4 password remote login ! end After analysis of the network, you recommend that the router have a new configuration. Your goal is to make the router become part of your layered defense, and to be a system configured to help secure the network. You talk to the CEO to get an idea of what the goals of the router should be in the new configuration.All your conversations are to go through the CEO;this is whom you also are to report to.

6 ">SC0-502 "OK, I suggest that the employees be strictly restricted to only the services that they must access on the Internet." You begin. "I can understand that, but we have always had an open policy. I like the employees to feel comfortable, and not feel like we are watching over them all the time. Please leave the connection open so they can get to whatever they need to get to. We can always reevaluate this in an ongoing basis." "OK, if you insist, but for the record I am opposed to that policy." "Noted," responds the CEO, somewhat bluntly. "All right, let's see, the private web and ftp server have to be accessed by the Internet, restricted to the accounts on the server. We will continue to use the Illinois ISP to host our main web site and to host our . What else, is there anything else that needs to be accessed from the Internet?" "No, I think that's it. We have a pretty simple network, we do everything in house." "All right, we need to get a plan in place as well right away for a security policy. Can we set something up for tomorrow?" you ask. "Let me see, I'll get back to you later." With that the CEO leaves and you get to work. Based on the information you have from Certkiller;knowing that router must be an integral part of the security of the organization, select the best solution to the organization's router problem:} A. You backup the current router config to a temp location on your laptop. Friday night, you come in to build the new router configuration. Using your knowledge of the network, and your conversation with the CEO, you build and implement the following router configuration: MegaOne#configure terminal MegaOne(config)#no cdp run MegaOne(config)#no ip source-route MegaOne(config)#no ip finger MegaOne(config)#access-list 175 permit tcp any eq 80 MegaOne(config)#access-list 175 permit tcp any eq 20 MegaOne(config)#access-list 175 permit tcp any eq 21 MegaOne(config)#access-list 175 permit tcp any established MegaOne(config)#access-list 175 deny ip any MegaOne(config)#access-list 175 deny ip any MegaOne(config)#access-list 175 deny ip any MegaOne(config)#access-list 175 deny ip any MegaOne(config)#access-list 175 deny ip any MegaOne(config)#access-list 175 permit ip any MegaOne(config)#access-list 175 permit udp any MegaOne(config)#access-list 175 permit icmp any MegaOne(config)#interface serial 0 MegaOne(config-if)#ip access-group 175 in MegaOne(config-if)#no ip directed broadcast MegaOne(config-if)#no ip unreachables MegaOne(config-if)#Z

7 Pass4SureOfficialm Lifetime Membership Features; Pass4SureOfficial Lifetime Membership Package includes over 2500 Exams. All exams Questions and Answers are included in package. All Audio Guides are included free in package. All Study Guides are included free in package. Lifetime login access. Unlimited download, no account expiry, no hidden charges, just one time $99 payment. Free updates for Lifetime. Free Download Access to All new exams added in future. Accurate answers with explanations (If applicable). Verified answers researched by industry experts. Study Material updated on regular basis. Questions, Answers and Study Guides are downloadable in PDF format. Audio Exams are downloadable in MP3 format. No authorization code required to open exam. Portable anywhere. 100% success Guarantee. Fast, helpful support 24x7. View list of All exams (Q&A) downloads View list of All Study Guides (SG) downloads View list of All Audio Exams (AE) downloads Download All Exams Samples To purchase $99 Lifetime Full Access Membership click here 3COM ADOBE APC Apple BEA BICSI CheckPoint Cisco Citrix CIW CompTIA ComputerAssociates CWNP DELL ECCouncil EMC Enterasys ExamExpress Exin ExtremeNetworks Filemaker Fortinet Foundry Fujitsu GuidanceSoftware HDI Hitachi HP Huawei Hyperion IBM IISFA Intel ISACA ISC2 ISEB ISM Juniper Legato Lotus LPI McAfee McData Microsoft Mile2 NetworkAppliance Network-General Nokia Nortel Novell OMG Oracle PMI Polycom RedHat Sair SASInstitute SCP See-Beyond SNIA Sun Sybase Symantec TeraData TIA Tibco TruSecure Veritas Vmware

TestKing ">SC0-502 Exam Simulator v.2.1



Advertisement

Advertisement

We are all well aware that a major problem in the IT industry is that there is a lack of quality SCP ">SC0-502 Test Prep study materials. Our Certification SCP ">SC0-502 Exam Preparation Materials provide you everything you will need to take a certification examination. Details are researched and produced by Certification Experts who are constantly using industry experience to produce precise, logical and verified explanations for the answers. You may get questions from different web sites or books, but logic is the key. SCP ">SC0-502 Exam Preparation from Testking include: Comprehensive ">SC0-502 brain dumps questions with complete details Detailed explanations of all the questions (when available) Questions accompanied by exhibits Verified Answers Researched by Industry Experts Drag and Drop questions as experienced in the ">SC0-502 study guides and Actual Exams Questions updated on regular basis These questions and answers are backed by our GUARANTEE. Like actual certification exams our product is in multiple-choice questions (MCQs). Our SCP ">SC0-502 Test King Exam will provide you with exam questions and verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. The practice exam is not just questions and answers. They are your access to high technical expertise and accelerated learning capacity. Our SCP ">SC0-502 braindumps and questions have detailed explanations for every answer and thus ensures that you fully understand the questions and the concept behind the questions. Certification Experts, Certified Computer Trainers, Technical Coworker and Comprehensive Language Masters, who have a solid, verified and certified background and high technical expertise, have compiled these detailed explanations. Certification preparation Q and A provided by SCP ">SC0-502 TestKing will make you feel like you are taking an actual exam at a Prometric or VUE center.

We are all well aware that a major problem in ... SCP ">SC0-502 Exam Simulator with Explainations and Exhibits ...

exam, industry, test, questions

  • File Name:TestKing ">SC0-502 Exam Simulator
  • Version:2.1
  • :Testkingm
  • Runs on:Win98,WinME,WinNT 4.x,Windows2000,WinXP,Windows2003
  • Rating:
  • License:Demo
  • File Size:604 Kb
  • Downloads:3222
  • Price:
  • Review TestKing ">SC0-502 Exam Simulator 

    Other software of Testkingm

    

    New Training Tools software




  • HGCSOFT Sitemap
    HGCSOFT PDF SITEMAP
    AT-Capital
    Top Softwares for Download
    Pass4sure
    Certification Exams Database