Security Certified Program SC0-502 Test
SC0-502
QUESTION 1Now that you simply have Certkiller fairly less than control, you will be receiving ready to be able to gohome for the night. You have manufactured excellent advancement for the network recently, andthings appear to be heading smoothly. On on your path out, you check out the actual CEO's officeand claim good night. You are explained to that you will be reaching from the morning, hence attempt toget inside a couple of minutes early.The up coming morning, you're allowed the office something like 20 a matter of minutes prior to when normal, and theCEO ceases by simply your office, "Thanks for to arrive a bit early. No difficulty really, Ijust were going to focus on with you your existing will need we now have considering the network.""OK, proceed proper ahead." You find out this circle rather good through now, and are prepared forwhatever will be tossed your way."We will be hiring a few brand new salespeople, and so they will most of possibly be operating in a home office as well as on theroad. I need to be guaranteed of which the community is still around safe, knowning that they will gets access nomatter where these people are.""Not your problem," you reply. "I'll receive the plan due to this executed proper away.""Thanks a lot, for those who have any kind of doubts intended for me, just ok , i'll know."You are relieved which there was not only a main trouble and also accomplish many background workfor developing the fresh remote users. After discussing with this CEO more, you find outthat the actual users is going to be being employed after that home as a rule that time, by using quite littleaccess coming from on your way locations.The rural people usually are all using Windows 2000 Professional, but will join in on thedomain. The CEO possesses acquired the many remote computer support clients make new Compaq laptops,just much like the a single utilised in this CEO's office, and that your CEO will take property eachnight; filled wit h DVDCD-burner drives,built-in WNICs, 17"LCD widescreendisplays, oversized very difficult drives, a gig regarding memory, plus quick processing. 'I hope I wason the road to acquire a single connected with those,' an individual think.You start out arranging plus decide that you may implement a brand new VPN Server future tothe Web plus FTP Server. You will assign that remote pc help consumers IP Addresses:10.10.60.100~10.10.60.105, all of which will configure the devices to be able to run Windows 2000Professional.Based on this subject information, as well as your knowledge of this Certkiller network up to thispoint, decide the most effective solution with the safe and sound remote consumer needs:}
A. You start out with configuring the VPN server, that is certainly going Windows 2000 Server.You produce five innovative records with that system, affording them your Allow VirtualPrivate Connections right inside Active Directory Users in addition to Computers. You then configurethe range with IP Addresses to deliver towards the purchasers as: 10.10.60.100 through 10.10.60.105.Next, anyone configure five IPSec Tunnel endpoints on the particular server, just about every to apply L2TP because theprotocol.Then, you configure the clients. On every system, everyone configure a shortcut around the desktopto use to connect for you to your VPN. The shortcut is set up to make a good L2TP IPSec tunnelto your VPN server. The relationship alone is definitely designed to help change secrets while using user'sISP to produce some sort of canal between that user's ISP endpoint as well as the Certkiller VPN Server.B. To start off your project, an individual primary work with the particula r laptops you have also been given. On eachlaptop, everyone configure your technique in making just one Internet link with that user's ISP. SC0-502
Next, anyone configure some sort of shortcut on the desktop computer with the VPN connection. You design theconnection to use L2TP, having vent filtering upon outbound UDP five hundred and UDP 1701. Whena consumer double-clicks this desktop star you've got that configured to create a strong programmed tunnelto that VPN server.On the actual VPN server, anyone configure that process make use of L2TP with opening blocking upon inboundUDP five hundred and UDP 1701. You make a static swimming pool with assigned IP Address reservations forthe several remote computer repair clients. You configure automatic redirection on the particular VPN server in therouting in addition to online computer repair gain access to MMC, so once your customer has powering the actual VPN server, heor she'll automatically become rerouted for the inside of network, using many assets availablein her or his Network Neighborhood.C. You configure the actual VPN people first, by installing the VPN High Encry ption ServicePack. With this kind of installed, you configure that clientele to utilize RSA, together with 1024-bit keys. Youconfigure your shortcut to the desktop of which automatically utilizes the privatepublic key set of two tocommunicate while using VPN Server, no matter where the user is definitely in the neighborhood connected.On the particular VPN Server, you additionally set up the VPN High Encryption Service Pack, andconfigure 1024-bit RSA encryption. You make several different customer accounts, along with give themall remote computer repair access rights, utilizing Active Directory Sites along with Services. You configure theVPN company in order to give your server's public major to the remote people customers the actual request toconfigure this tunnel. Once the actual require is usually made, that VPN node will develop this tunnel,from the particular server side, on the client.D. You just go start out that configuration on the VPN clients. You result in a shortc ut with thedesktop for connecting for the VPN Server. Your design and style is these how the individual will simplydouble-click the particular shortcut plus the clientele can make the VPN connection to this server,using PPTP. You tend not to configure almost any filters upon the actual VPN client systems.On the VPN Server, anyone first configure routing plus remote computer support admittance for the revolutionary accountsand allow them to obtain Dial-In access. You subsequently configure a static IP Address collection forthe five remote users. Next, a person configure your remote pc help entry protection plan to help grant making remoteaccess, and you also implement the examples below PPTP filtering:Inbound Protocol 47 (GRE) allowedInbound TCP supply opening 0, vacation spot convey 1723 allowedInbound TCP supply dock 520, place port 520 allowedOutbound Protocol 47 (GRE) allowedOutbound TCP origin port 1723, place vent 0 allowedOutbound TCP source interface 520, desired dest ination convey 520 allowedE. You tend to configure that VPN server first, by means of adding the particular VPN High EncryptionService Pack as well as the HISECVPN.INF built-in safety measures structure in the SecurityConfiguration along with Analysis Snap-In. Once the actual Service load up in addition to theme are installed,you configure several person company accounts including a static puddle involving IP Addresses for every account.You subsequently configure the particular PPTP provider for the VPN server, without needing inbound oroutbound filters - as a result of protection in the Service Pack. You grants each user this rightto dial into your host remotely, along with proceed on the laptops.On each and every laptop, a person deploy this VPN High Encryption Service Pack, to deliver the securitylevel from the notebook computers around the identical stage because VPN server. You then configure a new shortcuton each one desktop of which controls that special transportatio n VPN connection in the client to help theserver. SC0-502
Answer: D
QUESTION 2For three years you could have worked by using Certkiller doing infrequent multi-level andsecurity consulting. Certkiller is usually a smaller business to deliver real-estate listingsand records to help agents with some your bordering states. The organization is actually open forbusiness Monday by way of Friday from being unfaithful am for you to some pm, sealed all early evenings andweekends. Your function now there includes generally consisted associated with tips along with planning, along with youhave been usually disappointed because of the don't have regarding performance as well as follow through fromthe whole period staff.On Tuesday, you acquired a telephone from Certkiller 's HR director, "Hello, I'd just like toinform an individual that Red (the 100 % moment older network administrator) is will no longer withus, in addition to most of us choose to learn if you're interested in functioning having all of us total time."You currently have zero additional p rincipal clients, so that you reply, "Sure, when seeking meto acquire going?""Today," occurs the fast as well as direct response. Too fast, people think."What may be the urgency, the key reason why cannot this specific hang on till tomorrow?""Red was let go, in addition to they were delighted regarding it. We are usually uneasy which he might havedone anything to help our own multilevel upon the best way out.""OK, let me obtain many points ready, as well as I'll end up being above presently there shortly."You suspected this could be disorganized while a person came up in, nonetheless people did include several advantagein which you already recognized that network. You had recommended many changes throughout thepast, nothing which can be executed by simply Red. While pushing together yourlaptop and other tools, you grab your notes that create an presentation of the actual network:Certkiller network notes: Single Internet access point, T1, linked that will CertkillerCisco rout er. Router possesses E1 in order to a private web and also ftp device plus E0 into the LANswitch. LAN transition provides four servers, four printers, as well as 100 client machines. All themachines tend to be operating Windows 2000. Currently, they're owning their major website as well as electronic mail hosted by an ISP around Illinois.When you can Certkiller , your HR Director as well as CEO, together connected with with whom youalready know, greet you. The CEO informs an individual that will Red has been let move because of difficultpersonality conflicts, involving different reasons, and also the termination has not been cordial.You are in order to sign the appropriate work papers, and have proper within the job. You aregiven others of the day to receive setup and running, women and men corporation is actually quiteconcerned around the stability of these network. Rightly so, you think, 'If these kind of guyshad implemented also one half connected with my referrals this c ould positive become easier.' Youget a person's tools installation with a person's new oversized company space, as well as find started. Forthe occasion you are doing work here, your IP Address is 10.10.50.23 which includes a disguise regarding 16.One within your initial projects is always to verify the actual router's configuration. You console directly into therouter, situation some sort of show running-config command, and obtain this particular output:MegaOne#show running-configBuilding configuration...Current configuration:!version 12.1 SC0-502
service udp-small-serversservice tcp-small-servers!hostname MegaOne!enable secret 5 various $1$7BSK3$H394yewhJ45JAFEWU73747.enable password clever!no ip name-serverno ip domain-lookupip routing!interface Ethernet0no shutdownip tackle 2.3.57.50 255.255.255.0no ip directed-broadcast!interface Ethernet1no shutdownip 10.10.40.101 255.255.0.0no ip directed-broadcast!interface Serial0no shutdownip 1.20.30.23 255.255.255.0no ip directed-broadcastclockrate 1024000bandwidth 1024encapsulation hdlc!ip path 0.0.0.0 0.0.0.0 1.20.30.45!line unit 0exec-timeout 0 0transport source allline vty 0 4password remotelogin!endAfter research on the network, a person suggest the particular router use a newconfiguration. Your objective is definitely to create the particular router become section of this layered defense,and to be a system configured to assist protect the network.You talk to the actual CEO to have an idea of just what exactly the objectives from the router ought to be in thenew confi guration.All ones conversations are going through the CEO;this will be whomyou are also to report to. SC0-502
"OK, I would suggest that this personnel possibly be firmly restrained to help solely the services that will theymust access about the Internet." You begin."I might fully grasp that, although you'll find often experienced an wide open policy. I like the employeesto feel comfortable, instead of feel like we are watching over these every one of the time. Pleaseleave the web link open up to allow them to reach anything they need to get to. We canalways reevaluate the following in a constant basis.""OK, in the event you insist, nevertheless for any file I am in opposition to that policy.""Noted," takes action the actual CEO, considerably bluntly."All right, let's see, the exclusive online in addition to ftp server should be utilized by theInternet, restrained towards the company accounts within the server. We could continue to create a savings fund IllinoisISP to be able to sponsor our main internet site and in order to coordinator some of our email. What else, there has to be anythingelse that should always be entered with the Internet?""No, I believe that's it. We possess a pretty uncomplicated network, we carry out everything in house.""All right, many of us must get a program set up in the process right away for a reliability policy.Can most people arranged something in place to get tomorrow?" anyone ask."Let my home see, I'll get back to a person later." With how the CEO retains also , you obtain towork.Based within the tips you've got from Certkiller;knowing this router have got to bean integral section of the safety belonging to the organization, pick the best treatment for theorganization's router problem:}
A. You backup the present router config to somewhat of a temporary spot on your laptop. Friday night,you consist of to make that innovative router configuration. Using your expertise with the network,and your current conversation with the CEO, everyone build and implement the next routerconfiguration:MegaOne#configure terminalMegaOne(config)#no cdp runMegaOne(config)#no ip source-routeMegaOne(config)#no ip fingerMegaOne(config)#access-list 175 grant tcp just about any 2.3.57.60 0.0.0.0 eq 80MegaOne(config)#access-list 175 permit tcp any 2.3.57.60 0.0.0.0 eq 20MegaOne(config)#access-list 175 enable tcp every 2.3.57.60 0.0.0.0 eq 21MegaOne(config)#access-list 175 allow for tcp every 10.10.0.0 0.0.255.255 establishedMegaOne(config)#access-list 175 refuse ip 0.0.0.0 255.255.255.255 anyMegaOne(config)#access-list 175 not think ip 10.0.0.0 0.255.255.255 anyMegaOne(config)#access-list 175 deny ip 127.0.0.0 0.255.255.255 anyMegaOne(config)#access-list 175 not think ip 172.16.0.0 0 .0.255.255 anyMegaOne(config)#access-list 175 deny ip 192.168.0.0 0.0.255.255 anyMegaOne(config)#access-list 175 permit ip almost any 10.10.0.0 0.0.255.255MegaOne(config)#access-list 175 grant udp almost any 10.10.0.0 0.0.255.255MegaOne(config)#access-list 175 allow icmp almost any 10.10.0.0 0.0.255.255MegaOne(config)#interface serial 0MegaOne(config-if)#ip access-group 175 inMegaOne(config-if)#no ip redirected broadcastMegaOne(config-if)#no ip unreachablesMegaOne(config-if)#Z
Original Resource :
Visit SC0-502 Link : SC0-502 Download PDF Link : SC0-502
access point vs router
Niciun comentariu:
Trimiteți un comentariu