A company exchanges information with a business partner. An annual audit of the business partner is conducted against the SLA in order to verify:
A. Performance and service delivery metrics
B. Backups are being performed and tested
C. Data ownership is being maintained and audited
D. Risk awareness is being adhered to and enforced
Which of the following is the proper way to quantify the total monetary damage resulting from an explogted vulnerability?
A. Calculate the ALE
B. Calculate the ARO
C. Calculate the MTBF
D. Calculate the TCO
A security administrator needs to implement a system that detects possible intrusions based upon a vendor provided list. Which of the following BEST describes this type of IDS?
A. Signature based
B. Heuristic
C. Anomaly-based
D. Behavior-based
The chief Security Officer (CSO) has reported a rise in data loss but no break ins have occurred. By doing which of the following is the CSO most likely to reduce the number of incidents?
A. Implement protected distribution
B. Empty additional firewalls
C. Conduct security awareness training
D. Install perimeter barricades
Having adequate lighting on the outside of a building is an example of which of the following security controls?
A. Deterrent
B. Compensating
C. Detective
D. Preventative
During a recent audit, it was discovered that several user accounts belonging to former employees were still active and had valid VPN permissions. Which of the following would help reduce the amount of risk the organization incurs in this situation in the future?
A. Time-of-day restrictions
B. User access reviews
C. Group-based privileges
D. Change management policies
An organization is working with a cloud services provider to transition critical business applications to a hybrid cloud environment. The organization retains sensitive customer data and wants to ensure the provider has sufficient administrative and logical controls in place to protect its data. In which of the following documents would this concern MOST likely be addressed?
A. Service level agreement
B. Interconnection security agreement
C. Non-disclosure agreement
D. Business process analysis
A security administrator wants to implement a company-wide policy to empower data owners to manage and enforce access control rules on various resources. Which of the following should be implemented?
A. Mandatory access control
B. Discretionary access control
C. Role based access control
D. Rule-based access control
Which of the following BEST describes an attack where communications between two parties are intercepted and forwarded to each party with neither party being aware of the interception and potential modification to the communications?
A. Spear phishing
B. Main-in-the-middle
C. URL hijacking
D. Transitive access
Which of the following best describes the initial processing phase used in mobile device forensics?
A. The phone should be powered down and the battery removed to preserve the state of data on any internal or removable storage utilized by the mobile device
B. The removable data storage cards should be processed first to prevent data alteration when examining the mobile device
C. The mobile device should be examined first, then removable storage and lastly the phone without removable storage should be examined again D. The phone and storage cards should be examined as a complete unit after examining the removable storage cards separately.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only CompTIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your RC0-501 exam preparations and CompTIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.