Security Certified Program SC0-502 Test
SC0-502
QUESTION 1Now that you simply include Certkiller considerably under control, you will be getting ready to gohome for that night. You have produced good develop around the system recently, andthings sound like likely smoothly. On your way out, a person visit the CEO's officeand point out very good night. You tend to be explained to that you'll often be reaching in the morning, so attempt toget inside one or two a matter of minutes early.The up coming morning, you become towards the place of work twenty minutes prior to when normal, plus theCEO prevents by way of your office, "Thanks to get returning in a very touch early. No problem really, Ijust wanted to talk about on hand a current need we've got with all the network.""OK, go correct ahead." You realize your multi-level pretty effectively by now, and are prepared forwhatever is done your current way."We are getting some new salespeople, plus they will all often be being employed at home or maybe on theroad. I desire to b e certain of which the circle stays safe, knowning that they will acquire access nomatter wherever that they are.""Not a problem," anyone reply. "I'll obtain the prepare to get the following completed correct away.""Thanks a lot, if you have just about any concerns with regard to me, just let me know."You tend to be relieved that there were not a major challenge as well as accomplish some history workfor adding the modern remote users. After chatting when using the CEO more, you see outthat that people are going to be working from there residence most business your time, using incredibly littleaccess through on your way locations.The remote customers usually are most making use of Windows 2000 Professional, and will be component to thedomain. The CEO provides acquired every one of the remote pc help users completely new Compaq laptops,just just like the just one utilised in the actual CEO's office, and also that your CEO takes home eachnight; detailed with DVDCD-burner drive s,built-in WNICs, 17"LCD widescreendisplays, oversized hard drives, a gig involving memory, in addition to rapid processing. 'I want I wason the route to acquire among those,' a person think.You get started planning and determine in which you'll implement a brand new VPN Server following tothe Web and also FTP Server. You will certainly assign your remote computer repair people IP Addresses:10.10.60.100~10.10.60.105, and can configure the systems running Windows 2000Professional.Based on this subject information, along with your information about the actual Certkiller network around thispoint, pick out the very best answer to the secure online computer repair person needs:}
A. You start out with making your VPN server, and that is jogging Windows 2000 Server.You produce five fresh financial records upon this system, according them your Allow VirtualPrivate Connections suitable within Active Directory Users and also Computers. You then configurethe selection involving IP Addresses to be able to provide to the actual people as: 10.10.60.100 by means of 10.10.60.105.Next, people configure all 5 IPSec Tunnel endpoints within the server, every single to utilize L2TP as theprotocol.Then, everyone configure this clients. On just about every system, you configure a shortcut for the desktopto make use of to connect with your VPN. The shortcut can be designed to set-up an L2TP IPSec tunnelto the actual VPN server. The association itself can be configured to exchange keys while using user'sISP to build a tunnel between this user's ISP endpoint and also the Certkiller VPN Server.B. To start out the project, everyone earliest work towards that netbooks yo u might have already been given. On eachlaptop, people configure the actual program for making an individual Internet connection towards the user's ISP. SC0-502
Next, you configure a shortcut about the actual computer help for that VPN connection. You pattern theconnection make use of L2TP, using port blocking with outbound UDP 500 along with UDP 1701. Whena customer double-clicks this desktop star you've that set up to create an semi-automatic or fully automatic tunnelto this VPN server.On the particular VPN server, people configure the procedure for you to make use of L2TP along with interface blocking on inboundUDP 500 and UDP 1701. You develop a static collection involving given IP Address booking forthe five rural clients. You configure automatic redirection for the VPN device within therouting as well as rural entry MMC, so once the client has connected to the VPN server, heor your lady could immediately often be redirected on the within network, with most of assets availablein his or her and also the woman's Network Neighborhood.C. You configure the VPN people first, through installing the actual VPN High Encryption Service Pack. With this particular installed, you configure the actual people to utilize RSA, along with 1024-bit keys. Youconfigure a shortcut for the desktop in which immediately uses that privatepublic important pair tocommunicate using the VPN Server, no matter what the place that the individual is usually in your area connected.On the particular VPN Server, moreover , you may mount the VPN High Encryption Service Pack, andconfigure 1024-bit RSA encryption. You create five brand new user accounts, and scholarship themall online computer repair entry rights, utilizing Active Directory Sites plus Services. You configure theVPN service to send the actual server's open important to help that online computer repair users upon the particular request toconfigure the actual tunnel. Once your demand can be made, the actual VPN node could build your tunnel,from the particular device side, for the client.D. You choose to start the configuration for the VPN clients. You result in a shortcut on thedesktop that will go to the particular VPN Server. Your design and style is actually such which the person will simplydouble-click your shortcut as well as the purchaser will probably make the VPN connection to the server,using PPTP. You tend not to configure almost any filters on the VPN purchaser systems.On that VPN Server, people first configure routing and remote computer repair access to the different accountsand allow these for you to include Dial-In access. You in that case configure a static IP Address swimming pool forthe personal trainer rural users. Next, you configure the remote admittance coverage to scholarship remoteaccess, therefore you put into action the following PPTP filtering:Inbound Protocol 47 (GRE) allowedInbound TCP source vent 0, getaway interface 1723 allowedInbound TCP supply convey 520, destination interface 520 allowedOutbound Protocol 47 (GRE) allowedOutbound TCP supply interface 1723, destination interface 0 allowedOutbound TCP source v ent 520, vacation spot port 520 allowedE. You pick that will configure the particular VPN equipment first, through installing the VPN High EncryptionService Pack and also the HISECVPN.INF built-in stability web theme from the SecurityConfiguration along with Analysis Snap-In. Once the Service bunch and structure are usually installed,you configure personal trainer customer financial records as well as a static collection connected with IP Addresses for each account.You next configure this PPTP company about the VPN server, without using inbound oroutbound filters - because of the security from the Service Pack. You grant each end user the rightto dial into your equipment remotely, and move on on the laptops.On every single laptop, people deploy the VPN High Encryption Service Pack, to be able to deliver your securitylevel belonging to the notebooks up towards exact amount since the VPN server. You subsequently configure your shortcuton every computer help that will settings the primary transfer VPN interconnection from that purchaser for you to theserver. SC0-502
Answer: D
QUESTION 2For several years you might have worked with Certkiller performing unexpected network andsecurity consulting. Certkiller can be a small internet business that provides real estate listingsand data that will agents in most of the adjacent states. The firm is actually amenable forbusiness Monday through Friday from nine here's that will half a dozen pm, sealed most evenings andweekends. Your do the job generally there has typically contains advice and planning, and youhave happen to be regularly frustrated from the deficit of execution plus follow-through fromthe 100 % period staff.On Tuesday, everyone received some sort of phone through Certkiller 's HR director, "Hello, I'd just like toinform everyone in which Red (the complete period senior system administrator) is actually no more withus, and we would want to know when you are interested in working along with individuals entire time."You at the moment have zero various other main clients, and that means you rep ly, "Sure, when do you need meto acquire going?""Today," happens the fast and special response. Too fast, anyone think."What is a urgency, the key reason why can't the following wait until eventually tomorrow?""Red appeared to be make it possible for go, as well as this individual appeared to be not necessarily satisfied in relation to it. We are generally apprehensive which this individual might havedone something in order to our own community about began seeing out.""OK, let me find some good points ready, and I'll become around at this time there shortly."You recognized this could be sloppy whenever you came up in, but everyone have have some advantagein in which people by now knew the network. You had recommended many variations within thepast, it's unlikely that any that will possibly be executed by Red. While draging collectively yourlaptop and also other tools, a person grab your notes that create an understanding of the network:Certkiller network notes: Single Intern et access point, T1, attached to CertkillerCisco router. Router offers E1 to some private web as well as ftp device and also E0 for the LANswitch. LAN switch has some servers, some printers, and also 100 client machines. All themachines are generally running Windows 2000. Currently, they are owning their primary webpage and e mail hosted through an ISP with Illinois.When you are free to Certkiller , the HR Director and the CEO, both equally of whom youalready know, meet you. The CEO updates everyone which Red ended up being released as a result of difficultpersonality conflicts, amid different reasons, along with the actual termination wasn't cordial.You are generally to sign the proper recruitment papers, and have perfect to the job. You aregiven the rest from the morning to obtain create plus running, even so the provider is quiteconcerned around the protection of the network. Rightly so, you think, 'If these kinds of guyshad enforced even 1 / 2 with my testimonials this w ill confident be easier.' Youget your current equipment create inside your fresh oversized office space, and have started. Forthe period you will be doing the job here, your IP Address can be 10.10.50.23 having a disguise of 16.One within your initial responsibilities will be to look at the particular router's configuration. You system into therouter, concern a show running-config command, and have this output:MegaOne#show running-configBuilding configuration...Current configuration:!version 12.1 SC0-502
service udp-small-serversservice tcp-small-servers!hostname MegaOne!enable secret some $1$7BSK3$H394yewhJ45JAFEWU73747.enable password clever!no ip name-serverno ip domain-lookupip routing!interface Ethernet0no shutdownip tackle 2.3.57.50 255.255.255.0no ip directed-broadcast!interface Ethernet1no shutdownip 10.10.40.101 255.255.0.0no ip directed-broadcast!interface Serial0no shutdownip 1.20.30.23 255.255.255.0no ip directed-broadcastclockrate 1024000bandwidth 1024encapsulation hdlc!ip route 0.0.0.0 0.0.0.0 1.20.30.45!line unit 0exec-timeout 0 0transport reviews allline vty 0 4password remotelogin!endAfter examination with the network, a person advice that your router have got a newconfiguration. Your goal is usually to help to make your router come to be component to ones layered defense,and to become a method configured to assist protect this network.You speak to this CEO to receive an concept of what exactly the particular ambitions of the router ought to be around then ew configuration.All your interactions will be research your CEO;this is usually whomyou in addition are that will survey to. SC0-502
"OK, I suggest which the workforce always be just confined for you to simply the support of which theymust gain access to around the Internet." You begin."I can easily know that, nevertheless we've found always acquired an open policy. I such as the employeesto really feel comfortable, plus not necessarily think similar to were watching above them all this time. Pleaseleave that association open for them to be able to what ever they require to acquire to. We canalways reevaluate this particular with a regular basis.""OK, in case you insist, but for your record I am in opposition to this policy.""Noted," does respond the CEO, somewhat bluntly."All right, why don't we see, the actual exclusive online along with ftp equipment need to be accessed simply by theInternet, restricted towards accounts for the server. We will carry on to create a savings fund IllinoisISP to help host each of our most important web site and also to intended for our email. What else, possibly there is anythingelse that will always be accessed with the Internet?""No, I believe that is definitely it. We employ a rather simple network, we accomplish everything inside house.""All right, many of us need to get a plan in position as well straightaway for a security policy.Can all of us fixed something up to get tomorrow?" people ask."Let me see, I'll get back to anyone later." With that the CEO leaves therefore you get towork.Based around the information you've got from Certkiller;knowing this router must bean integral section with the protection in the organization, pick out one of the best means to fix theorganization's router problem:}
A. You back up the actual router config to a temporary place on the laptop. Friday night,you are available in to generate the revolutionary router configuration. Using your information about that network,and your discussion while using CEO, you construct along with put into practice these routerconfiguration:MegaOne#configure terminalMegaOne(config)#no cdp runMegaOne(config)#no ip source-routeMegaOne(config)#no ip fingerMegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 80MegaOne(config)#access-list 175 permit tcp just about any 2.3.57.60 0.0.0.0 eq 20MegaOne(config)#access-list 175 permit tcp almost any 2.3.57.60 0.0.0.0 eq 21MegaOne(config)#access-list 175 grant tcp any 10.10.0.0 0.0.255.255 establishedMegaOne(config)#access-list 175 not think ip 0.0.0.0 255.255.255.255 anyMegaOne(config)#access-list 175 refuse ip 10.0.0.0 0.255.255.255 anyMegaOne(config)#access-list 175 not think ip 127.0.0.0 0.255.255.255 anyMegaOne(config)#access-list 175 not allow ip 172.16.0.0 0.0.255.255 anyMegaOne(config)#access-list 175 refuse ip 192.168.0.0 0.0.255.255 anyMegaOne(config)#access-list 175 permit ip virtually any 10.10.0.0 0.0.255.255MegaOne(config)#access-list 175 grant udp any kind of 10.10.0.0 0.0.255.255MegaOne(config)#access-list 175 permit icmp any kind of 10.10.0.0 0.0.255.255MegaOne(config)#interface serial 0MegaOne(config-if)#ip access-group 175 inMegaOne(config-if)#no ip directed broadcastMegaOne(config-if)#no ip unreachablesMegaOne(config-if)#Z
Original Resource :
Visit SC0-502 Link : SC0-502 Download PDF Link : SC0-502
access point vs router
Niciun comentariu:
Trimiteți un comentariu