SC0-502 Free Dumps Study Materials
Question 1: It has been quite some time since you were called in to address the network and
security needs of Certkiller . You feel good in what you have accomplished so far.
You have been able to get Certkiller to deal with their Security Policy issue, you have
secured the router, added a firewall, added intrusion detection, hardened the
Operating Systems, and more.
One thing you have not done however, is run active testing against the network from
the outside. This next level of testing is the final step, you decide, in wrapping up
this first stage of the new Certkiller network and security system. You setup a
meeting with the CEO to discuss.
"We have only one significant issue left to deal with here at Certkiller ," you begin.
"We need some really solid testing of our network and our security systems."
"Sounds fine to me, don't you do that all the time anyway? I mean, why meet about
this?"
"Well, in this case, I'd like to ask to bring in outside help. Folks who specialize in
this sort of thing. I can do some of it, but it is not my specialty, and the outside look
in will be better and more independent from an outside team."
"What does that kind of thing cost, how long will it take?"
"It will cost a bit of money, it won't be free, and with a network of our size, I think it
can be done pretty quick. Once this is done and wrapped up, I will be resigning as
the full time security and network pro here. I need to get back to my consulting
company full time. Remember, this was not to be a permanent deal. I can help you
with the interview, and this is the perfect time to wrap up that transition."
"All right, fair enough. Get me your initial project estimates, and then I can make a
more complete decision. And, I'll get HR on hiring a new person right away."
Later that afternoon you talk to the CEO and determine a budget for the testing.
Once you get back to your office, you are calling different firms and consultants,
and eventually you find a consulting group that you will work with.
A few days later you meet with the group in their office, and you describe what you
are looking for, and that their contact and person to report to is you. They ask what
is off limits, and your response is only that they cannot do anything illegal, to which
they agree and point out is written in their agreement as well.
With this outside consulting group and your knowledge of the network and
company, review and select the solution that will best provide for a complete test of
the security of Certkiller .}
A. The consulting group has identified the steps it will follow in testing the network. You
have asked to be kept up to date, and given an approximate schedule of events. You
intend to follow along with the test, with weekly reports.
The first thing the consultants will do is dumpster diving and physical surveillance,
looking for clues as to user information and other secret data that should not be outside of
the network. Once they have identified several targets through the dumpster diving, they
will run scans to match up and identify the workstations for those users.
After identifying the user workstations, they will run vulnerability checks on the systems,
to find holes, and if a hole is found they have been given permission to exploit the hole
and gain access of the system.
They will attempt to gain access to the firewall and router remotely, via password
guessing, and will test the response of the network to Denial of Service attacks. Finally,
they will call into Certkiller to see what information they can learn via social engineering.
B. The consulting group has identified the steps it will follow in testing the network. You
have asked to be kept up to date, and given an approximate schedule of events. You
intend to follow along with the test, with weekly reports.
The consultants will first run remote network surveillance to identify hosts, followed by
port scans and both passive and active fingerprinting. They will then run vulnerability
scanners on the identified systems, and attempt to exploit any found vulnerabilities. They
will next scan and test the router and firewall, followed by testing of the IDS rules.
They will then perform physical surveillance and dumpster diving to learn additional
information. This will be followed by password sniffing and cracking. Finally, they will
call into Certkiller to see what information they can learn via social engineering.
C. The consulting group has identified the steps it will follow in testing the network. You
have asked to be kept up to date, and given an approximate schedule of events. You
intend to follow along with the test, with weekly reports.
The consultants surprise you with their initial strategy. They intend to spend nearly 100%
of their efforts over the first week on social engineering and other physical techniques,
using little to no technology. They have gained access to the building as a maintenance
crew, and will be coming into the office every night when employees are wrapping up for
the day.
All of their testing will be done through physical contact and informal questioning of the
employees. Once they finish that stage, they will run short and direct vulnerability
scanners on the systems that they feel will present weakness.
D. The consulting group has identified the steps it will follow in testing the network. You
have asked to be kept up to date, and given an approximate schedule of events. You
intend to follow along with the test, with weekly reports.
The consultants have decided on a direct strategy. They will work inside the Certkiller
office, with the group introducing themselves to the employees. They will directly
interview each employee, and perform extensive physical security checks of the network.
They will review and provide analysis on the security policy, and follow that with
electronic testing. They will run a single very robust vulnerability scanner on every
single client and server in the network, and document the findings of the scan.
E. The consulting group has identified the steps it will follow in testing the network. You
have asked to be kept up to date, and given an approximate schedule of events. You
intend to follow along with the test, with weekly reports.
The consultants will start the process with remote network surveillance, checking to see
what systems and services are available remotely. They will run both passive and active
fingerprinting on any identified system. They will run customized vulnerability scanners
on the identified systems, and follow that through with exploits, including new zero-day
exploits they have written themselves.
They will next run scans on the router, firewall, and intrusion detection, looking to
identify operating systems and configurations of these devices. Once identified, they will
run customized scripts to gain access to these devices. Once they complete the testing on
the systems, they will dumpster dive to identify any leaked information.
Correct Answer: B
