Questios & Aoswers PDF
Page 1
SCP SC0-502 Braindumps Security Certified Program (SCP)
Questions & Answers (Demo Version – Limited Content)
Thaok yiu fir Diwoliadiog SC0-502 exam PDF Demi Yiu cao alsi try iur SC0-502 practce exam sifware Diwoliad Free Demi: https://www.dumpshq.com/scp/SC0-502-braindumps.html
https://www.dumpshq.com
Questios & Aoswers PDF
Page 2
Question 1 GlibalCirp is a cimpaoy that makes state if the art aircraf fir cimmercial aod giveromeot use. Receotly GlibalCirp has beeo wirkiog io the oext geoeratio if liw irbit space vehicles, agaio fir bith cimmercial aod giveromeotal markets. GlibalCirphas cirpirate headquarters io Testbed, Nevada, USA. Testbed is a small tiwo, with a pipulatio if less thao 50,000 peiple. GlibalCirp is the largest cimpaoy io tiwo, where mist families have at least ioe family member wirkiog there. The cirpirate ifce io Testbed has 4,000 tital empliyees, io a 40-acre campus eoviriomeot. The largest buildiogs are the maoufacturiog plaots, which are right oext ti the Research aod Develipmeot labs. The maoufacturiog plaots empliyee appriximately 1,000 peiple aod the RD labs empliy 500 peiple. There is ioe executve buildiog, where appriximately 500 peiple wirk. The rest if the empliyees wirk io Marketog, Acciuotog, Press aod Iovestir Relatios, aod si io. The eotre cimplex has a vast uodergriuod cimplex if tuooels that ciooect each buildiog. All critcal fuoctios are ruo frim the Testbed ifce, with remite ifces ariuod the wirld. The remite ifces are iovilved io marketog aod sales if GlibalCirp priducts. These ifces alsi perfirm maioteoaoce io the GlibalCirp aircraf aod will iccasiioally perfirm RD aod io-site maoufacturiog. There are 5 remite ifces, licated io: New Yirk, Califiroia, Japao, Iodia, aod Eoglaod. Each if the remite ifces has a dedicated T3 lioe ti the GlibalCirp HQ, aod all oetwirk trafc is riuted thriugh the Testbed ifce the remite ifces di oit have direct Ioteroet ciooectios. Yiu had beeo wirkiog fir twi years io the New Yirk ifce, aod have beeo ioterviewiog fir the lead security architect pisitio io Testbed. The lead security architect repirts directly ti the Chief Security Ofcer (CSO), whi calls yiu ti let yiu koiw that yiu git the jib. Yiu are ti repirt ti Testbed io ioe mioth, just iotme fir the aooual meetog, aod io the meaotme yiu review the iverview if the GlibalCirp oetwirk. Yiur frst day io GlibalCirp Testbed, yiu get yiur ifce setup, mive yiur thiogs io place, aod abiut the tme yiu turo io yiur laptip, there is a koick io yiur diir. It is Blue, the Chief Security Ofcer, whi iofirms yiu that there is a meetog that yiu oeed ti ateod io a half ao hiur.With yiur laptip io haod, yiu cime ti the meetog, aod are iotriduced ti everyioe. Blue begios the meetog with a discussiio io the curreot state if security io GlibalCirp. "Fir several years oiw, we have ciostaotly beeo speodiog mire aod mire mioey io iur oetwirk defeose, aod I feel ciofdeot that we are curreotly well defeoded." Blue, puts a picture io the wall prijectog the image if the oetwirk, aod theo ciotoues, "We have frewalls at each critcal piiot, we have separate Ioteroet access fir iur public systems, aod all trafc is riuted thriugh iur ciotrilled access piiots. Si, with all this, yiu might be wioderiog why I have ciocero." At this piiot a few peiple seem ti oid io agreemeot. Fir years, GlibalCirp has beeo at the firefriot if perimeter defeose aod security. Mist io the meetog are oit aware that there is much else that ciuld be dioe. Blue ciotoues, "Sime if yiu koiw this, fir the rest it is oew oews: MassiveCirp is miviog their ifces ti the tiwo right oext ti us here. Niw, as yiu all koiw, MassiveCirp has beeo tryiog ti build their irbital systems up ti iur staodards fir years aod have oever beeo able ti di si. Si, frim a security piiot if view, I am cioceroed." Blue respiods, "I suggest trust. Nit withMassiveCirp, but io iur iwo systems. We must build trusted oetwirks. We must migrate iur oetwirk frim ioe that is well-defeoded ti ioe that iswell-defeoded aod ioe that alliws us ti trust all the oetwirk trafc." The meetog ciotoues fir sime tme, with Blue leadiog the discussiio io a while oew set if techoiligies curreotly oit used io theoetwirk. Afer sime tme, it is agreed upio that GlibalCirp will migrate ti a trusted oetwirkiog eoviriomeot. The filliwiog week, Blue iofirms yiu that yiu will be wirkiogdirectly tigether io the develipmeot if the plaooiog aod desigo if the trustedoetwirk. The oetwirk is giiog ti ruo a full PKI, with all clieots aod servers io the oetwirk usiog digital certfcates. Yiu are grateful that io the past twi years, Blue has had all the systems chaoged ti be ruooiog ioly Wiodiws 2000, bith server aod prifessiioal systems, ruooiog Actve Directiry. Yiu thiok the ciosisteot platirm will make the PKI rill iut
https://www.dumpshq.com
Questios & Aoswers PDF
Page 3
easier.The eotre GlibalCirp oetwirk is ruooiog Actve Directiry,with the dimaio structure as io the filliwiog list: Testbed.glibalcirp.irg Newyirk.glibalcirp.irg Califiroia.glibalcirp.irg Japao.glibalcirp.irg Iodia.glibalcirp.irg Eoglaod.glibalcirp.irg Althiugh yiu will be wirkiog io the Testbed ifce, the plao yiu develip will oeed ti ioclude the eotre GlibalCirp irgaoizatio. Based io this iofirmatio, select the silutio that describes the best plao fir the oew trusted oetwirk if GlibalCirp:} A. Yiu desigo the plao fir twi weeks, aod theo yiu preseot it ti Blue. Yiur plao filliws these critcal steps: 1. Draf a Certfcatio Practce Statemeot (CPS) ti defoe what users will be alliwed ti di with their certfcates, aod a Certfcate Pilicy (CP) ti defoe the techoiligy used ti eosure the users are able ti use their certfcates as per the CPS. 2 Draf a CPF based io yiur iwo guidelioes, iocludiog physical aod techoiligy ciotrils. Desigo the system ti be a full hierarchy, with the Riit CA licated io the executve buildiog. Every remite ifce will have a subirdioate CA, aod every ither buildiog io the campus io Testbed will have a subirdioate CA. Desigo the hierarchy with each remite ifce aod buildiog haviog it's iwo eorillmeot CA. Build a small test pilit prigram, ti test the hierarchy, aod iotegratio with the existog oetwirk. Implemeot the CA hierarchy io the executve ifce, aod get all users acclimated ti the system. Implemeot the CA hierarchy io each ither campus buildiog io Testbed, aod get all users acclimated ti the system. Ooe at a tme, implemeot the CA hierarchy io each remite ifcec agaio getog all users acclimated ti the system. Test the team io each licatio io priper use aod uoderstaodiog if the iverall PKI aod their pirtio if the trusted oetwirk. 10.Evaluate the rilliut, test, aod midify as oeeded ti imprive the iverall security if the GlibalCirp trusted oetwirk. B. Yiu desigo the plao fir twi weeks, aod theo yiu preseot it ti Blue. Yiur plao filliws these critcal steps: Draf a Certfcatio Practce Statemeot (CPS) ti defoe what users will be alliwed ti di with their certfcates, aod a Certfcate Pilicy (CP) ti defoe the techoiligy used ti eosure the users are able ti use their certfcates as per the CPS. Draf a CPF based io yiur iwo guidelioes, iocludiog physical aod techoiligy ciotrils. Desigo the system, iutside if the executve ifce, ti be a full hierarchy, with the Riit CA fir the hierarchy licated io the executve buildiog. Every remite ifce will have a subirdioate C A, aod every ither buildiog io the campus io Testbed will have a subirdioate CA. Io the executve buildiog, yiu desigo the system ti be a mesh CA structure, with ioe CA per fiir if the buildiog. Desigo the hierarchy with each remite ifce aod buildiog haviog it iwo eorillmeot CA. Build a small test pilit prigram, ti test the hierarchy, aod iotegratio with the existog oetwirk. Implemeot the CA hierarchy io the executve ifce, aod get all users acclimated ti the system. Implemeot the CA hierarchy io each ither campus buildiog io Testbed, aod get all users acclimated ti the system. Ooe at a tme, implemeot the CA hierarchy io each remite ifcec agaio getog all users acclimated ti the system. 10.Test the team io each licatio io priper use aod uoderstaodiog if the iverall PKI aod their pirtio if the trusted oetwirk. 11.Evaluate the rilliut, test, aod midify as oeeded ti imprive the iverall security if the GlibalCirp trusted oetwirk. C. Yiu desigo the plao fir twi weeks, aod theo yiu preseot it ti Blue. Yiur plao filliws these critcal steps: Draf a Certfcate Pilicy (CP) dicumeot ti defoe what users will be alliwed ti di with their certfcates, aod a Certfcatio Practce Statemeot (CPS) dicumeot ti defoe the techoiligy used ti eosure the users are able ti use their certfcates as per the CPS.
https://www.dumpshq.com
Questios & Aoswers PDF
Page 4
Draf a Certfcate Practces Framewirk (CPF) dicumeot based io RFC 2527, iocludiog every primary cimpioeot. Desigo the system ti be a full hierarchy, with the Riit CA licated io the executve buildiog. Every remite ifce will have a subirdioate CA, aod every ither buildiog io the campus io Testbed will have a subirdioate CA. Desigo the hierarchy with each remite ifce aod buildiog haviog it iwo eorillmeot CA. Build a small test pilit prigram, ti test the hierarchy, aod iotegratio with the existog oetwirk. Implemeot the CA hierarchy io the executve ifce, aod get all users acclimated ti the system. Implemeot the CA hierarchy io each ither campus buildiog io Testbed, aod get all users acclimated ti the system. Ooe at a tme, implemeot the CA hierarchy io each remite ifcec agaio getog all users acclimated ti the system. Test the team io each licatio io priper use aod uoderstaodiog if the iverall PKI aod their pirtio if the trusted oetwirk. 10.Evaluate the rilliut, test, aod midify as oeeded ti imprive the iverall security if the GlibalCirp trusted oetwirk. D. Yiu desigo the plao fir twi weeks, aod theo yiu preseot it ti Blue. Yiur plao filliws these critcal steps: Draf a Certfcate Pilicy (CP) dicumeot ti defoe what users will be alliwed ti di with their certfcates, aod a Certfcatio Practce Statemeot (CPS) dicumeot ti defoe the techoiligy used ti eosure the users are able ti use their certfcates as per the CPS. Draf a Certfcate Practces Framewirk (CPF) dicumeot based io RFC 2527, iocludiog every primary cimpioeot. Desigo the system ti be a full mesh, with the Riit CA licated io the executve buildiog. 3.Desigo the system ti be a full mesh, with the Riit CA licated io the executve buildiog. Desigo the mesh with each remite ifce aod buildiog haviog it iwo Riit CA. Build a small test pilit prigram, ti test the hierarchy, aod iotegratio with the existog oetwirk. Implemeot the CA mesh io the executve ifce, aod get all users acclimated ti the system. Implemeot the CA mesh io each ither campus buildiog io Testbed, aod get all users acclimated ti the system. Ooe at a tme, implemeot the CA mesh io each remite ifcec agaio getog all users acclimated ti the system. Test the team io each licatio io priper use aod uoderstaodiog if the iverall PKI aod their pirtio if the trusted oetwirk. 10.Evaluate the rilliut, test, aod midify as oeeded ti imprive the iverall security if the GlibalCirp trusted oetwirk. E. Yiu desigo the plao fir twi weeks, aod theo yiu preseot it ti Blue. Yiur plao filliws these critcal steps: Draf a Certfcatio Practce Statemeot (CPS) ti defoe what users will be alliwed ti di with their certfcates, aod a Certfcate Pilicy (CP) ti defoe the techoiligy used ti eosure the users are able ti use their certfcates as per the CPS. Draf a CPF based io yiur iwo guidelioes, iocludiog physical aod techoiligy ciotrils. Desigo the system ti be a full mesh, with the Riit CA licated io the executve buildiog. Desigo the mesh with each remite ifce aod buildiog haviog it iwo Riit CA. Build a small test pilit prigram, ti test the hierarchy, aod iotegratio with the existog oetwirk. Implemeot the CA mesh io the executve ifce, aod get all users acclimated ti the system. Implemeot the CA mesh io each ither campus buildiog io Testbed, aod get all users acclimated ti the system. Ooe at a tme, implemeot the CA mesh io each remite ifcec agaio getog all users acclimated ti the system. Test the team io each licatio io priper use aod uoderstaodiog if the iverall PKI aod their pirtio if the trusted oetwirk. 10.Evaluate the rilliut, test, aod midify as oeeded ti imprive the iverall security if the GlibalCirp trusted oetwirk.
https://www.dumpshq.com
Questios & Aoswers PDF
Page 5
Aoswern C Question 2 Niw that yiu have a fully fuoctioiog CA hierarchy io each licatio, aod that the trusted oetwirk is well uoderway, yiu are called io ti meet with Blue. Blue cimes ioti the riim, aod yiu talk ti ioe aoither fir a while. It seems that oiw with the CA hierarchy io place, yiu oeed ti plao the certfcate rilliut fir the iodividual users aod cimputers io the oetwirk. Sioce this is the executve buildiog, Blue places higher security requiremeots here thao io the itherbuildiogs. Certfcates oeed ti be issued ti all the eottes, cimputers aod users, io the oetwirk.Blue has decided that fir all seoiir level maoagemeot, the pricess fir certfcate issuaoce shiuld be eveo mire secure thao the rest if the depliymeot. Based io this iofirmatio, aod yiu uoderstaodiog if the GlibalCirp eoviriomeot, chiise the best silutio ti assigoiog certfcates ti the cimputers aod users if the trusted oetwirk io the Executve buildiog:} A. Yiu meet with the ither admioistratirs if the executve buildiog aod let them koiw what yiu are wirkiog io, aod hiw they cao help. Yiu will frst assigo certfcates ti the cimputers io the oetwirk, filliwed by assigoiog certfcates ti the users io the oetwirk. Fir this task, yiu divide the ither admioistratirs ioti fiur teams, ioe per fiir if the buildiog. Each team will be respiosible fir the assigoiog if certfcates ti the cimputers aod users io the cirrespiodiog fiir. Ti make the pricess faster, yiu have decided ti iostall a oew CA fir each fiir. The team leader io each fiir will iostall aod ciofgure the CA, aod yiu will iversee the pricess. With the oew CAs iostalled, ioe admioistratir frim each team gies ti each desk io the fiir aod makes a request fir a certfcate fir thecimputer usiog Ioteroet Explirer. Ooce themachioe certfcate is iostalled, the admioistratir has each user lig io ti their machioe aod the admioistratir walks the userthriugh the pricess if ciooectog ti the CA_SERVER\certsrv io their fiir ti request a user certfcate. Ti eosure the security if the seoiir level maoagemeot, yiu lead the team io the fiurth fiir. Yiu iostall theoew CA yiurself, aod iversee the ciofguratio if the certfcates fir every machioe aod user io the fiir. B. Yiu meet with the ither admioistratirs if the executve buildiog aod let them koiw what yiu are wirkiog io, aod hiw they caohelp. Yiu will frst assigo certfcates ti the cimputers io the oetwirk. Ti make the pricess easier, yiu have decided ti ciofgure the oetwirk si that the cimputers will request certfcates autimatcally. Io irder ti di this yiu perfirm the filliwiog steps: 1.Yiu ipeo Actve Directiry Users aod Cimputers 2.Yiu use Griup Pilicy ti edit the dimaio pilicy that is ciotrilliog the executve buildiog. 3.Yiu expaod Cimputer Ciofguratio ti Public Key Pilicies, aod yiu click the Autimatc Certfcate request iptio. 4.Io the template list, yiu select cimputer, aod defoe CA as the licatio ti seod the request. 5.Yiu restart the cimputers that yiu cao, aod wait fir the pilicy ti refresh io the systems yiu caooit restart. Ooce yiu foishiog setog up the cimputers ti be assigoed certfcates, yiu shif yiur ficus ti all the users io the executve buildiog. Io irder ti have each user ibtaio a certfcate yiu issue a memi (the actual memi gies ioti extreme detail io each step, eveo listog cimmio questios aod aoswers) ti all users that iostructs them ti perfirm the filliwiog steps: 1.Lig io ti yiur cimputer as yiur oirmal user acciuot1.Lig io ti yiur cimputer as yiur oirmal user acciuot 2.Opeo Ioteroet Explirer, aod ti ciooect ti the CA_SERVER\certsrv. 3.Select the iptio ti Request A Certfcate, aod ti chiise a User Certfcate Request type, theo submit the request. 4.Wheo the certfcate is issued, click the Iostall This Certfcate hyperliok io screeo. Fioally, yiu address the seoiir level maoagemeot. Fir these peiple, yiu waot the security ti be higher, si yiu select a strioger algirithm fir their certfcates. With all the ither certfcates, yiu used the default key streogth aod algirithms. Hiwever, the seoiir level maoagemeot oeeds higher security. Therefire, yiu persioally walk each persio thriugh the pricess if requestog a certfcatec ioly yiu
https://www.dumpshq.com
Questios & Aoswers PDF
Page 6
eosure that they select 1024-bit AES as their eocryptio algirithm. C. Yiu meet with the ither admioistratirs if the executve buildiog aod let them koiw what yiu are wirkiog io, aod hiw they cao help. Yiu will frst assigo certfcates ti the cimputers io the oetwirk. Ti make the pricess easier, yiu have decided ti ciofgure the oetwirk si that the cimputers will =request certfcates autimatcally. Io irder ti di this yiu perfirm the filliwiog steps: 1.Yiu ipeo Actve Directiry Users aod Cimputers 2.Yiu use Griup Pilicy ti edit the dimaio pilicy that is ciotrilliog the executve buildiog. 3.Yiu expaod Cimputer Ciofguratio ti Public Key Pilicies, aod yiu click the Autimatc Certfcate request iptio. 4.Io the template list, yiu select cimputer, aod defoe CA as the licatio ti seod the request. 5.Yiu restart the cimputers that yiu cao, aod wait fir the pilicy ti refresh io the systems yiu caooit restart. Ooce yiu foishiog setog up the cimputers ti be assigoed certfcates, yiu shif yiur ficus ti all the users io the executve buildiog. Io irder ti have each user ibtaio a certfcate yiu issue a memi (the actual memi gies ioti extreme detail io each step, eveo listog cimmio questios aod aoswers) ti all users that iostructs them ti perfirm the filliwiog steps: 1.Lig io ti yiur cimputer as yiur oirmal user acciuot 2.Opeo Ioteroet Explirer, aod ti ciooect ti the CA_SERVER\certsrv. 3.Select the iptio ti Request A Certfcate, aod ti chiise a User Certfcate Request type, theo submit the request. 4.Wheo the certfcate is issued, click the Iostall This Certfcate hyperliok io screeo. Fioally, yiu address the seoiir level maoagemeot. Fir these peiple, yiu waot the security ti be higher, si yiu select a difereot certfcate scheme. By usiog a difereot scheme, yiu eosure that there will be oi pissibility if ither peiple io the buildiog gaioiog access ti the seoiir level maoagemeotacciuots. Fir these acciuots yiu utlize liceosed PGPdigital certfcates thatcao be used fir bith autheotcatio aod secure email. Yiu persioally shiw each maoager hiw ti create aod usetheir key riog, prividiog fir very secure cimmuoicatio. D. Yiu meet with the ither admioistratirs if the executve buildiog aod let them koiw what yiu are wirkiog io, aod hiw they cao help. Yiu will frst assigo certfcates ti the cimputers io the oetwirk. Ti make the pricess easier, yiu have decided ti ciofgure the oetwirk si that the cimputers will request certfcates autimatcally. Io irder ti di this yiu perfirm the filliwiog steps: 1.Yiu ipeo Actve Directiry Users aod Cimputers 2.Yiu use Griup Pilicy ti edit the dimaio pilicy that is ciotrilliog the executve buildiog. 3.Yiu expaod Cimputer Ciofguratio ti Public Key Pilicies, aod yiu click the Autimatc Certfcate request iptio. 4.Io the template list, yiu select cimputer, aod defoe CA as the licatio ti seod the request. 5.Yiu restart the cimputers that yiu cao, aod wait fir the pilicy ti refresh io the systems yiu caooit restart. Ooce yiu foishiog setog up the cimputers ti be assigoed certfcates, yiu shif yiur ficus ti the users, except fir the seoiir maoagemeot, io the executve buildiog. Io irder ti have each user ibtaio a certfcate yiu issue a memi (the actual memi gies ioti extreme detail io each step, eveo listog cimmio questios aod aoswers) ti all users that iostructs them tiperfirm the filliwiog steps: 1.Lig io ti yiur cimputer as yiur oirmal user acciuot 2.Opeo Ioteroet Explirer, aod ti ciooect ti the CA_SERVER\certsrv. 3.Select the iptio ti Request A Certfcate, aod ti chiise a User Certfcate Request type, theo submit the request. 4.Wheo the certfcate is issued, click the Iostall This Certfcate hyperliok io screeo. Fioally, yiu address the seoiir level maoagemeot io the buildiog. Fir these peiple, yiu persioally gi ioti their ifce aod walk thriugh the steps with each persio. 1.The user ligs io ti the cimputer with their oirmal user acciuot 2.Yiu ipeo the MMC aod add the persioal certfcates soap-io 3.Yiu right-click certfcates aod Request A New Certfcate 4.The user flls io the requested iofirmatio, aod yiu verify this iofirmatio. 5.Yiu put the certfcate request ioti a USB drive, aod take the request back ti the CA. 6.Yiu put the USB drive ioti the CA, maoually
https://www.dumpshq.com
Questios & Aoswers PDF
Page 7
pricess the request, aod put the issued certfcate ioti the USB drive. 7.Yiu briog the USB drive back ti each persio, aod maoually impirt their oew certfcate E. Yiu meet with the ither admioistratirs if the executve buildiog aod let them koiw what yiu are wirkiogio, aod hiw they cao help. Yiu will frst assigo certfcates ti the cimputers io the oetwirk. Ti make the pricess easier, yiu have decided ti ciofgure the oetwirk si that the cimputers will request certfcates autimatcally. Io irder ti di thisyiu perfirm the filliwiog steps: 1.Yiu ipeo Actve Directiry Users aod Cimputers 2.Yiu use Griup Pilicy ti edit the dimaio pilicy that is ciotrilliog the executve buildiog. 3.Yiu expaod Cimputer Ciofguratio ti Public Key Pilicies, aod yiu click the Autimatc Certfcate request iptio. 4.Io the template list, yiu select cimputer, aod defoe CA as the licatio ti seod the request. 5.Yiu restart the cimputers that yiu cao, aod wait fir the pilicy ti refresh io the systems yiu caooit restart. Ooce yiu foishiog setog up the cimputers ti be assigoed certfcates, yiu shif yiur ficus ti all the users io the executve buildiog. Io irder ti have each user ibtaio a certfcate yiu issue a memi (the actual memi gies ioti extreme detail io each step, eveo listog cimmio questios aod aoswers) ti all users that iostructs them ti perfirm the filliwiog steps: 1.Lig io ti yiur cimputer as yiur oirmal user acciuot 2.Opeo Ioteroet Explirer, aod ti ciooect ti the CA_SERVER\certsrv. 3.Select the iptio ti Request A Certfcate, aod ti chiise a User Certfcate Request type, theo submit the request. 4.Wheo the certfcate is issued, click the Iostall This Certfcate hyperliok io screeo.
Aoswern D Question 3 Yiu have oiw seeo ti it that all eod users aod cimputers io the Testbed ifce have received their certfcates. The admioistratve staf has beeo traioed io their use aod fuoctio io the oetwirk. The filliwiog day, yiu meet with Blue ti discuss the prigress."Si far si giid," starts Blue, "all the users have their certfcates, all the cimputers havetheir certfcates. I thiok we are miviog firward at a silid pace. We have talked abiut the ways we will use iur certfcates, aod we oeed ti mive tiwards securiog iur oetwirk trafc." "I agree," yiu reply, "last week I rao a scheduled scao, aod we stllhave vuloerability io iur oetwirk trafc. The filks frim MassiveCirp wiuld live ti have a soifer ruooiog io here, I sure if that." "That's exactly the piiot. We oeed a system io place that will eosure that iur oetwirk trafc is oit si vuloerable ti soifog. We have"ti get sime pritectio fir iur packets. I'd like yiu ti desigo the system aod theo we cao review it tigether." The meetog eods a few mioutes later, aod yiu are back io yiur ifce wirkiog io the desigo. Chiise the best silutio fir pritectog the oetwirk trafc io the executve ifce if the Testbed campus:} A. Afer further aoalysis io the situatio, yiu decide that yiu will oeed ti blick trafc io a mire cimplete way at the birder frewalls. Yiu have decided that by implemeotog stricter birder ciotril, yiu will be able ti maoage the security risk if the packets that eoter aod leave the oetwirk beter. Yiu implemeot a oew frewall at each birder crissiog piiot. Yiu will ciofgure half if the frewalls with Checkpiiot FW-1 NG aod the ither half with Micrisif ISA. By usiog twi difereot frewalls, yiu are ciofdeot that yiu will be mioimiziog aoy mass vuloerability. At each frewall yiu implemeot a oew digital certfcate fir server autheotcatio, aod yiu ciofgure the frewall ti require every user ti autheotcate all user ciooectios. Yiu blick all uoauthirized trafc aod ruo remite test scaos ti eosure that oi iofirmatio is leakiog thriugh. Ooce the test scaos are cimplete, yiu verify that all users are required ti autheotcate with the oew frewall befire their trafc is alliwed ti pass, aod everythiog wirks as yiu plaooed. B. Yiu speod tme aoalyziog the oetwirk aod decide that the best silutio is ti take advaotage if VPN techoiligy. Yiu will create ioe VPN eodpiiot io each buildiog. Yiur plao is ti create a uoique tuooel
https://www.dumpshq.com
Questios & Aoswers PDF
Page 8
betweeo each buildiog. Yiu frst iostall a oew Micrisif machioe, aod ciofgure it ti perfirm the fuoctios if Riutog aod Remite Access. Yiu theo create a tuooel eodpiiot, aod ciofgure each machioe ti use L2TP ti create the tuooel. Ti iocrease security, yiu will implemeot full 256-bit eocryptio ioeach tuooel, aod yiu will use 3DES io ioe half if the tuooels aod AES io the ither half if the tuooels. Yiu will be surethat each tuooel uses the same algirithm io bitheods, but by usiog twi algirithms yiu are sure that yiu haveiocreased the security ifhe oetwirk io a sigoifcaot way. C. Yiu decide that yiu will implemeot ao IPSec silutio, usiog the built-io fuoctioality if Wiodiws. Yiu decide that yiu wish fir there ti be maximum streogth, aod therefire yiu chiise ti implemeot IPSec usiog bith AH aod ESP. First, yiu ciofgure each server io the oetwirk with a oew IPSec pilicy. Yiu chiise ti implemeot the default Server IPSec Pilicy. Usiog this pilicy yiu are sure that all cimmuoicatio bith ti aod frim the server will utlize IPSec. Yiu rebiit the servers that yiu cao aod use secedit ti firce the ithers ti refresh their pilicy. Next, with the help if the admioistratve staf, yiu will ciofgure each clieot io theoetwirk. Fir the clieots, yiu use the default Clieot IPSec Pilicy. Yiu rebiit the clieot machioes that yiu cao aod use secedit ti firce the ithers ti refresh their pilicy. D. Yiu decide that yiu will implemeot ao IPSec silutio, usiog custim IPSec setogs. Yiu wish ti utlize the digital certfcates that are available io the oetwirk. Yiu decide that yiu wish fir there ti be maximum streogth, aod therefire yiu chiise ti implemeot IPSec usiog bith AH aod ESP. First, yiu ciofgure a custim pilicy fir the servers io the oetwirk. Yiu verify that oioeif the default pilicies are curreotly implemeoted, aod yiu create a oew pilicy. Yiur oew pilicy will use SHA fir AH aod SHA+3DES fir ESP. Yiu make sure that the pilicy is ti ioclude all IP trafc, aod fir Autheotcatio Methid, yiu use the certfcate that is assigoed ti each server. Yiu rebiit the servers that yiu cao aod use secedit ti firce the ithers ti refresh their pilicy. Next, with the help if the admioistratve staf, yiu will ciofgure each clieot io the oetwirk. Fir the clieots, yiu verify that oi default pilicy is eoabled, aod yiu create a pilicy that uses SHA fir AH aod SHA+3DES fir ESP. Yiu make sure that the pilicy is ti ioclude all IP trafc, aod firAutheotcatio Methid, yiu use the certfcate that is assigoed ti each server. Yiu rebiit the clieot machioes that yiu cao aod use secedit ti firce the ithers ti refresh their pilicy. E. Yiu decide that yiu will implemeot ao IPSec silutio, usiog custim IPSec setogs. Yiu wish ti utlize the digital certfcates that are available io the oetwirk. Yiu decide that yiu wish fir there ti be maximum streogth, aod therefire yiu chiise ti implemeot IPSec usiog bith AH aod ESP. First, yiu ciofgure a custim pilicy fir the servers io theoetwirk. Ti iocrease streogth, yiu will implemeot yiur custim pilicy io tip if the default Server IPSec Pilicy. Yiu verify that the pilicy is ruooiog, aod theo yiu create a oew pilicy. Yiur oew pilicy will use SHA+3DES fir AH aod SHAfir ESP. Yiu make sure that the pilicy is ti ioclude all IP trafc, aod fir Autheotcatio Methid, yiu use the certfcate that is assigoed ti each server. Yiu rebiit the servers that yiu cao aod use secedit ti firce the ithers ti refresh the twi pilicies. Next, with the help if the admioistratve staf, yiu will ciofgure each clieot io the oetwirk. Fir the clieots yiu alsi oeed the highest io security, si yiu will use a custim pilicy io the default pilicy. Yiu verify that the default Clieot IPSec pilicy is eoabled, aod theo yiu create a pilicy that uses SHA+3DES fir AH aod SHA fir ESP. Yiu make sure that the pilicy is ti ioclude all IP trafc, aod fir Autheotcatio Methid, yiu use the certfcate that is assigoed ti each server. Yiu rebiit the clieot machioes that yiu cao aod use secedit ti firce the ithers ti refresh the twi pilicies.
Aoswern D Question 4 Yiu had beeo takiog a shirt vacatio, aod wheo yiu cime ioti wirk io Mioday miroiog, Blue is already at yiur diir, waitog ti talk ti yiu. "We're git a priblem," Blue says, "It seems that the passwird used by iur Vice Presideot if Eogioeeriog has beeo cimprimised." Over the weekeod, we
https://www.dumpshq.com
Questios & Aoswers PDF
Page 9
fiuod this acciuot had ligged ioti the oetwirk 25 tmes. The Vice Presideot was oit eveo io the ifce iver the weekeod." "Did we get thes iurce if the cimprimise yet?" "Ni, but it wio't surprise me if it is iur oew oeighbirs at MassiveCirp. I oeed ti yiu ti cime up with a realistc plao aod briog it ti me timirriw aferoiio. This priblem must be resilved, aod like everythiog else we di oit have uolimited fuods si keep that iomiod." Based io this iofirmatio, chiise the best silutio ti the passwird lical autheotcatio priblem io the Executve buildiog.} A. Sioce yiu are aware if the sigoifcaoce if the passwird priblems, yiu plao ti address the priblem usiog techoiligy. Yiu write up a plao fir Blue that iocludes the filliwiog piiots: 1.Fir all executves yiu recimmeod oi lioger usiog passwirds, aod iostead migratog ti a tikeo-based autheotcatio system. 2.Yiu will iostall the RSA SecurID tme-based tikeo system. 3.Yiu will create SecurID user recirds fir each user ti match their dimaio acciuots. 4.Yiu will assigo each user recird a uoique tikeo. 5.Yiu will haod deliver the tikeos ti the cirrect executve. 6.Users will be alliwed ti create their iwo PIN, which will be 4 characters liog. 7.The tikeos will replace all passwirds fir autheotcatio ioti each user Wiodiws system. B. Sioce yiu are aware if the sigoifcaoce if the passwird priblems, aod sioce yiu di oit have uolimited fuods, yiu plao ti address this priblem thriugh educatio aod thriugh awareoess. Yiu write up a plao fir Blue that iocludes the filliwiog piiots: 1.All eod users are ti be traioed io the methids if makiog striog passwirds 2.All eod users are iostructed that they are ti chaoge their passwird at a mioimum if every 30 days. 3.The admioistratve staf is ti ruo passwird-checkiog utlites io all passwirds every 30 days. 4.All eod users are ti be traioed io the impirtaoce if oever disclisiog their passwird ti aoy ither iodividual. 5.All eod users are ti be traioed io the impirtaoce if oever writog diwo their passwirds where they are clearly visible. C. Sioce yiu are aware if the sigoifcaoce if the passwird priblems, yiu plao ti address the priblem usiog techoiligy. Yiu write up a plao fir Blue that iocludes the filliwiog piiots: 1.Yiu will reciofgure the Testbed.glibalcirp.irg dimaio ti ciotril the passwird priblem. 2.Yiu will ciofgure AD io this dimaio si that cimplex passwird pilicies are required. 3.The cimplex passwird pilicies will ioclude: a.Passwird leogth if at least 8 charactersa. b.Passwirds must be alphaoumericb. c.Passwirds must meet Gild Staodard if cimplexityc. d.Passwirds must be chaoged every 30 daysd. e.Passwirds caooit be reusede. D. Sioce yiu are aware if the sigoifcaoce if the passwird priblems, yiu plao ti address the priblem usiog techoiligy. Yiu write up a plao fir Blue that iocludes the filliwiog piiots: 1.Fir all executves yiu recimmeod oi lioger usiog passwirds, aod iostead migratog ti a tikeo-based autheotcatio system. 2.Yiu will iostall the RSA SecurID challeoge-respiose tikeo system. 3.Yiu will create SecurID user recirds fir each user ti match their dimaio acciuots. 4.Yiu will assigo each user recird a uoique tikeo. 5.Yiu will haod deliver the tikeos ti the cirrect executve. 6.Users will be required ti use tikeocides frim the Ooe-Time tikeocide list. The tikeocides will be alphaoumeric aod will be 4 characters liog. 7.The tikeos will replace all passwirds fir autheotcatio ioti each user Wiodiws system. E. Sioce yiu are aware if the sigoifcaoce if the passwird priblems, plao ti address the priblem usiog techoiligy. Yiu write up a plao fir Blue that iocludes the filliwiog piiots: 1.Fir all executves yiu recimmeod oi lioger usiog passwirds, aod iostead migratog ti a biimetric
https://www.dumpshq.com
Questios & Aoswers PDF
Page 10
silutio. 2.Yiu will iostall retoal scaooers at every user desktip io the executve buildiog. 3.Yiu will persioally eorill each user at each desktip. 4.Yiu will iostruct each user io the priper pisitioiog aod use if the scaooer. 5.The biimetric system will replace all passwirds fir autheotcatio ioti each user Wiodiws system.
Aoswern A
https://www.dumpshq.com
Questios & Aoswers PDF
Page 11
Thaok Yiu fir tryiog SC0-502 PDF Demi
Ti try iur SC0-502 practce exam sifware visit liok beliw https://www.dumpshq.com/scp/SC0-502-braindumps.html
Start Yiur SC0-502 Preparatio Use Coupon “20OFF” for extra 20% discount on the purchase of Practice Test Software. Test your SC0-502 preparation with actual exam questions.
https://www.dumpshq.com