Security Certified Program SC0-502 Test
SC0-502
QUESTION 1Now that you just have Certkiller relatively below control, you will be preparation to help gohome to the night. You have made good advance upon the actual circle recently, andthings look intending smoothly. On the right path out, an individual visit this CEO's officeand say very good night. You are told that you will become interacting with while in the morning, hence try toget in the few minutes early.The upcoming morning, you're allowed the actual office something like 20 minutes prior to when normal, and also theCEO stops by way of your own office, "Thanks for come together a bit early. No trouble really, Ijust were going to discuss on hand an ongoing want we've got with the network.""OK, go appropriate ahead." You realize the particular multi-level rather properly through now, and are all set forwhatever is actually thrown your way."We are hiring 5 various new salespeople, and in addition they will all become operating coming from home or on theroad. I prefe r to guantee that your community remains safe, knowning that they could get access nomatter in which they will are.""Not a new problem," a person reply. "I'll get the package because of this performed perfect away.""Thanks a lot, in case you have every questions for me, simply just okay know."You are generally allayed that there seemed to be not a serious dilemma plus accomplish some history workfor integrating the new remote computer repair users. After conversing with the actual CEO more, you see outthat that users will be doing work through presently there house the majority of the time, having pretty littleaccess out of within the road locations.The online computer repair clients are usually many making use of Windows 2000 Professional, all of which join in on thedomain. The CEO provides acquired each of the remote pc help people innovative Compaq laptops,just including the a single included in the CEO's office, and also that your CEO uses residence eachnight; comprehens ive along with DVDCD-burner drives,built-in WNICs, 17"LCD widescreendisplays, oversized hard drives, a gig connected with memory, and also rapid processing. 'I would like I wason the roads to acquire among those,' anyone think.You start organizing as well as determine that you will carry out a brand new VPN Server subsequent tothe Web and FTP Server. You will certainly assign the remote computer support customers IP Addresses:10.10.60.100~10.10.60.105, all of which will configure the techniques to perform Windows 2000Professional.Based for this information, as well as your knowledge of the Certkiller network upwards in order to thispoint, choose the best solution to the protect remote consumer needs:}
A. You begin together with configuring the actual VPN server, which can be working Windows 2000 Server.You make personal training different accounts on that system, allowing everybody the Allow VirtualPrivate Connections perfect in Active Directory Users and also Computers. You in that case configurethe variety of IP Addresses to deliver towards people as: 10.10.60.100 by means of 10.10.60.105.Next, anyone configure five IPSec Tunnel endpoints for the server, each to work with L2TP while theprotocol.Then, you configure that clients. On every single system, you configure your shortcut around the desktopto work with for you to connect with that VPN. The shortcut is configured to set-up a great L2TP IPSec tunnelto the VPN server. The connection by itself is set up to be able to change keys considering the user'sISP to generate your tunnel somewhere between the user's ISP endpoint as well as Certkiller VPN Server.B. To get started the project, you earliest work about the lap t ops you will have happen to be given. On eachlaptop, you configure the actual program to generate some sort of solo Internet link with the user's ISP. SC0-502
Next, people configure a shortcut upon your desktop to the VPN connection. You design theconnection to use L2TP, having port filtering on outbound UDP 500 and also UDP 1701. Whena individual double-clicks your desktop computer star you will have this configured to make an programmed tunnelto your VPN server.On your VPN server, anyone configure your procedure to utilize L2TP together with interface filtering about inboundUDP five-hundred along with UDP 1701. You result in a static beach with assigned IP Address reservations forthe personal training remote pc help clients. You configure automatic redirection to the VPN server throughout therouting along with remote access MMC, and so the moment the actual consumer has linked to this VPN server, heor she will immediately become redirected towards interior network, using most of assets availablein their own Network Neighborhood.C. You configure your VPN purchasers first, by means of the installation of the VPN High Encryption ServicePack. With the following installed, a person configure the actual customers in order to use RSA, along with 1024-bit keys. Youconfigure a new shortcut around the computer's desktop that will auto-magically utilizes the privatepublic key set of two tocommunicate with all the VPN Server, no matter what in which the user is actually locally connected.On the VPN Server, in addition , you mount the actual VPN High Encryption Service Pack, andconfigure 1024-bit RSA encryption. You create several new end user accounts, and grant themall remote gain access to rights, employing Active Directory Sites plus Services. You configure theVPN assistance to be able to mail the server's court key into the rural people after your demand toconfigure your tunnel. Once your demand will be made, your VPN node will develop that tunnel,from this host side, towards the client.D. You choose commence that configuration to the VPN clients. You develop a shortcut on thedesktop to connect towards t he VPN Server. Your pattern is definitely these which the user will probably simplydouble-click the actual shortcut along with the particular client will always make this VPN network into the server,using PPTP. You don't configure any filters on your VPN customer systems.On this VPN Server, you very first configure routing and rural gain access to for the brand new accountsand enable these people to possess Dial-In access. You and then configure a static IP Address collection forthe five remote users. Next, you configure your remote obtain protection plan in order to grants remoteaccess, also , you put into action the using PPTP filtering:Inbound Protocol 47 (GRE) allowedInbound TCP form dock 0, place vent 1723 allowedInbound TCP resource dock 520, destination port 520 allowedOutbound Protocol 47 (GRE) allowedOutbound TCP form port 1723, destination dock 0 allowedOutbound TCP reference port 520, location opening 520 allowedE. You tend to configure the VPN equipment first, by means of putting in the VPN High EncryptionService Pack along with the HISECVPN.INF built-in stability template in the SecurityConfiguration and also Analysis Snap-In. Once the Service bunch and web theme will be installed,you configure five consumer accounts plus a static puddle regarding IP Addresses with regard to every account.You and then configure the PPTP program for the VPN server, without resorting to incoming oroutbound filters - on account of the particular defense with the Service Pack. You scholarhip every single customer the actual rightto dial on the server remotely, and move on for you to the laptops.On each laptop, anyone install your VPN High Encryption Service Pack, that will take your securitylevel with the notebooks around a similar amount since the VPN server. You next configure a shortcuton each and every desktop of which controls the particular primary transport VPN association from your client to help theserver. SC0-502
Answer: D
QUESTION 2For 36 months you've got caused Certkiller carrying out periodic network andsecurity consulting. Certkiller is often a organization to produce real estate property listingsand information in order to real estate agents in several of that surrounding states. The business is open forbusiness Monday by means of Friday coming from being unfaithful am that will a few pm, closed just about all evenings andweekends. Your perform right now there includes largely contains information along with planning, along with youhave already been frequently frustrated with the deficiency of execution and follow through fromthe whole occasion staff.On Tuesday, you acquired a contact from Certkiller 's HR director, "Hello, I'd like toinform anyone which Red (the whole time senior network administrator) is usually don't withus, and also we would including to recognize for anyone who is enthusiastic about using the services of us whole time."You at this time include not any alternative main clients, and that means you reply, "Sure, as soon as do you want meto receive going?""Today," comes the quick and one on one response. Too fast, everyone think."What will be urgency, the reason won't be able to that hang on until tomorrow?""Red was make it possible for go, and they were happy regarding it. We usually are worried in which this individual might havedone a thing that will our own system in route out.""OK, let me find some good stuff ready, as well as I'll possibly be around there shortly."You suspected this might become untidy once you came in, nevertheless , you did have many advantagein which you already suspected the actual network. You possessed recommended numerous alterations with thepast, nothing associated with which might always be implemented through Red. While pushing together yourlaptop along with other tools, you grab your notes who have an understanding belonging to the network:Certkiller community notes: Single Internet entry point, T1, atta ched to CertkillerCisco router. Router provides E1 into a personal world wide web in addition to ftp node and E0 on the LANswitch. LAN swap possesses some servers, four printers, along with 100 customer machines. All themachines are usually running Windows 2000. Currently, they're getting their primary web site along with e-mail hosted by simply a great ISP in Illinois.When you will get for you to Certkiller , the HR Director as well as your CEO, together of whom youalready know, greet you. The CEO informs a person that Red appeared to be let it go on account of difficultpersonality conflicts, amid various other reasons, as well as termination wasn't cordial.You usually are to hint the proper recruitment papers, in addition to get perfect about this job. You aregiven the rest in the evening to have launch plus running, but the corporation is actually quiteconcerned concerning the security health of their network. Rightly so, a person think, 'If all these guyshad integrated e ven one half of my tips this may positive be easier.' Youget your equipment setup with your new large company space, and obtain started. Forthe time you're working here, your current IP Address can be 10.10.50.23 that has a goggles connected with 16.One connected with your own first responsibilities should be to study that router's configuration. You console in to therouter, issue a new demonstrate running-config command, and have the examples below output:MegaOne#show running-configBuilding configuration...Current configuration:!version 12.1 SC0-502
service udp-small-serversservice tcp-small-servers!hostname MegaOne!enable magic formula a few $1$7BSK3$H394yewhJ45JAFEWU73747.enable password clever!no ip name-serverno ip domain-lookupip routing!interface Ethernet0no shutdownip deal with 2.3.57.50 255.255.255.0no ip directed-broadcast!interface Ethernet1no shutdownip 10.10.40.101 255.255.0.0no ip directed-broadcast!interface Serial0no shutdownip 1.20.30.23 255.255.255.0no ip directed-broadcastclockrate 1024000bandwidth 1024encapsulation hdlc!ip course 0.0.0.0 0.0.0.0 1.20.30.45!line console 0exec-timeout 0 0transport reviews allline vty 0 4password remotelogin!endAfter evaluation belonging to the network, a person suggest that the actual router use a newconfiguration. Your target would be to help to make the router turn into section of one's layered defense,and to become a system configured to help risk-free the network.You talk to this CEO to acquire a thought with what that goals of the actual router needs to be inside thenew configuration.All your discussions are to endure this CEO;this can be whomyou also are that will article to. SC0-502
"OK, I suggest that will this staff possibly be just confined to help exclusively the skills of which theymust obtain within the Internet." You begin."I can easily realize that, nonetheless we now have generally have a great open up policy. I such as the employeesto feel comfortable, but not feel for instance prohibited enjoying over all those meals your time. Pleaseleave the call open so as to reach no matter what they have to have to. We canalways reevaluate this throughout a continuous basis.""OK, when you insist, nonetheless to the record I feel opposed to in which policy.""Noted," behaves the CEO, to some degree bluntly."All right, let's see, your private website and ftp server should be entered through theInternet, constrained for the company accounts within the server. We will certainly carry on to use the actual IllinoisISP to host our main site along with to host some of our email. What else, there has to be anythingelse that is going to always be utilized from th e Internet?""No, I think that is certainly it. We have a pretty very simple network, most of us do every thing inside house.""All right, we require an agenda constantly in place in the process immediately to get a safety policy.Can we set anything in place for tomorrow?" anyone ask."Let me personally see, I'll make contact with you later." With the fact that CEO retains so you get towork.Based within the facts an individual have from Certkiller;knowing this router have to bean important a part of the safety of the organization, decide on one of the best option to theorganization's router problem:}
A. You copy the current router config to a technical staffing , area on your current laptop. Friday night,you consist of to make the modern router configuration. Using your current familiarity with this network,and your conversing while using CEO, you assemble as well as implement the examples below routerconfiguration:MegaOne#configure terminalMegaOne(config)#no cdp runMegaOne(config)#no ip source-routeMegaOne(config)#no ip fingerMegaOne(config)#access-list 175 enable tcp any 2.3.57.60 0.0.0.0 eq 80MegaOne(config)#access-list 175 permit tcp every 2.3.57.60 0.0.0.0 eq 20MegaOne(config)#access-list 175 enable tcp almost any 2.3.57.60 0.0.0.0 eq 21MegaOne(config)#access-list 175 grant tcp just about any 10.10.0.0 0.0.255.255 establishedMegaOne(config)#access-list 175 refuse ip 0.0.0.0 255.255.255.255 anyMegaOne(config)#access-list 175 not think ip 10.0.0.0 0.255.255.255 anyMegaOne(config)#access-list 175 deny ip 127.0.0.0 0.255.255.255 anyMegaOne(config)#access-list 175 deny ip 172.16.0.0 0.0.255.255 anyMegaOne(config)#access-list 175 not think ip 192.168.0.0 0.0.255.255 anyMegaOne(config)#access-list 175 grant ip just about any 10.10.0.0 0.0.255.255MegaOne(config)#access-list 175 allow for udp any 10.10.0.0 0.0.255.255MegaOne(config)#access-list 175 permit icmp just about any 10.10.0.0 0.0.255.255MegaOne(config)#interface serial 0MegaOne(config-if)#ip access-group 175 inMegaOne(config-if)#no ip directed broadcastMegaOne(config-if)#no ip unreachablesMegaOne(config-if)#Z
Original Resource :
Visit SC0-502 Link : SC0-502 Download PDF Link : SC0-502
access point vs router
Niciun comentariu:
Trimiteți un comentariu