SCP SC0-501

SC0-501 Enterprise Security Implementation (ESI)

Practice Test
Version 1.0
 SCP SC0-501: Practice Exam
QUESTION NO: 1

Which of the following is not a category of Intellectual Property?

A. Patents
B. Trademarks
C. Copyrights
D. Manufacturing Standards
E. Trade Secrets

Answer: D

QUESTION NO: 2

Which of the following can be protected by a patent?

m
A. A new invention
B. A new product
C. A new process
.co
D. A new name
sts
E. An old product made in a new way

Answer: A,B,C,E
lTe

QUESTION NO: 3
tua

When Windows places a file on a FAT 16 partition, what does it look for, in HEX, to
know that a file can be placed in that cluster?
Ac

A. 0000
B. FFFF
C. 0001
D. 000F
E. 1111

Answer: A

QUESTION NO: 4

What is the name of the option in Windows to hide, or append, a second file to a
main file?

"Pass Any Exam. Any Time." - www.actualtests.com 2

 SCP SC0-501: Practice Exam
A. The Hidden Bit
B. Dynamic Link Libraries
C. NTFS Streams
D. File Associations
E. Hidden Server Management

Answer: C

QUESTION NO: 5

If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit
is set to zero, what type of WLAN is this frame a part of?

A. Mesh
B. Broadcast

m
C. Infrastructure
D. Hierarchical
E. Ad Hoc
.co
Answer: E
sts
lTe

QUESTION NO: 6

What transmission system uses short bursts combined together as a channel?

tua

A. Frequency Hopping Spread Spectrum (FHSS)

B. Direct Sequence Spread Spectrum (DSSS)
C. Lamar Anthell Transmission (LAT)
Ac

D. Digital Band Hopping (DBH)

E. Digital Channel Hopping (DCH)

Answer: A

QUESTION NO: 7

When you install and use PGP on your local computer, where is the key pair stored,
by default?

A. secret.ring
B. public.ring
C. /usr/bin/pgp

"Pass Any Exam. Any Time." - www.actualtests.com 3

 SCP SC0-501: Practice Exam
D. pubring.pkr
E. secring.pkr

Answer: D,E

QUESTION NO: 8

When a biometric system performs a one-to-one mapping, what is the systems doing?

A. Identification
B. Authentication
C. Classification
D. Detection
E. Recognition

m
Answer: B

.co
QUESTION NO: 9
sts
If you are going to build a PKI you will need many different components. What is
an industry standard that you can build your PKI upon?
lTe

A. Contiguous distinguished name spaces

B. X.509v3 Certificates
C. A defined hierarchy of authorities
tua

D. 128-bit SHA1
E. 128-bit MD5
Ac

Answer: B

QUESTION NO: 10

You are in the process of designing your PKI. You are working on the individual
systems and servers that you will need. Which machine that you install is designed
simply to enroll new users into the PKI?

A. Certification Authority
B. Archive Server
C. Security Server
D. Registration Authority
E. Certification Repository

"Pass Any Exam. Any Time." - www.actualtests.com 4

 SCP SC0-501: Practice Exam
Answer: D

QUESTION NO: 11

If a Certificate Authority is also designed to accept requests for certificates, then it

can be termed as what?

A. A Root CA
B. An Intermediate CA
C. A CA Hierarchy
D. A Registration Authority
E. A Repository

Answer: D

m
QUESTION NO: 12 .co
If your goal is to make your CA issue certificates that have specific key usage, what
can you use to achieve this goal?
sts

A. This can be done by using unique DNs for each key use that you want.
B. This can be done by using OIDs for each key use that you want.
lTe

C. This can be done by using unique CNs for each key use that you want.
D. This can only be done by selecting the key use options during the setup of the CA.
E. This can be done by installing the identifier file for each key use.
tua

Answer: B
Ac

QUESTION NO: 13

If you receive an X.509 digital certificate that has a unique identifier, but has no
extensions, what version is the certificate?

A. It is a Version 2 certificate
B. It is a Version 3 certificate
C. It is a Version 1 certificate
D. All X.509 digital certificates have unique identifiers
E. The unique identifier is determined by implementation, not version number

Answer: A

"Pass Any Exam. Any Time." - www.actualtests.com 5

 SCP SC0-501: Practice Exam
QUESTION NO: 14

When using the 3DES encryption ( C = EK1[DK2[EK1[P]]] ) , what is the function

of D?

A. D is the text before encryption

B. D is the first encryption key
C. D is the second encryption key
D. D is the decryption key
E. D is the text after encryption

Answer: D

QUESTION NO: 15

m
Which of the following numbers are Non-Prime Numbers?

A. 23
B. 2
.co
C. 24
sts
D. 39
E. 17
lTe

Answer: C,D
tua

QUESTION NO: 16

What are the two primary types of token system?

Ac

A. Time-based
B. Passive
C. Challenge/Response
D. Active
E. Seeded

Answer: A,C

QUESTION NO: 17

If you wish to make your Windows user account use smart cards, where must you
go to check this option?

"Pass Any Exam. Any Time." - www.actualtests.com 6

 SCP SC0-501: Practice Exam
A. Active Directory Users and Computers
B. Computer Management, Local Users and Groups
C. Active Directory Sites and Services
D. Active Directory Security Services
E. On the Enterprise Certificate Server

Answer: A

QUESTION NO: 18

Incidents are generally categorized as falling into attacks on the CIA triad. Which
of the following three attacks are the general categories?

A. Attacks against Integrity

B. Attacks against Confidentiality

m
C. Attacks against Availability
D. Attacks against Accuracy
E. Attacks against Collisions
.co
Answer: A,B,C
sts
lTe

QUESTION NO: 19

What is a unique benefit to using a File Viewer as one of your Forensics Tools?
tua

A. You do not have to copy data files to your forensic machine for analysis
B. You do not have to worry about modifying the evidence in any manner
C. You are able to view the evidence files in HEX format
Ac

D. You do not need to have all the programs installed on your forensic machine to view
evidence files
E. You are able to search for specific file types to which the O/S does not have
application associations

Answer: D

QUESTION NO: 20

What type of information can be learned from a user's COOKIES/index.dat file?

A. Their MAC address

B. Their IP address

"Pass Any Exam. Any Time." - www.actualtests.com 7

 SCP SC0-501: Practice Exam
C. Their email address
D. The websites they have visited
E. The user logon name

Answer: D,E

QUESTION NO: 21

Which antenna type is best for extending the local range of an Access Point?

A. Yagi
B. Omni-directional
C. Di-polar
D. Parabolic
E. Mono-polar

m
Answer: B
.co
QUESTION NO: 22
sts

What transmission system uses multiple frequencies combined together as a band?

lTe

A. Digital Channel Hopping (DCH)

B. Lamar Anthell Transmission (LAT)
C. Frequency Hopping Spread Spectrum (FHSS)
tua

D. Digital Band Hopping (DBH)

E. Direct Sequence Spread Spectrum (DSSS)
Ac

Answer: E

QUESTION NO: 23

In PGP, there are two conditions that can be present to provide for the validity of a
certificate. What are these two conditions?

A. The certificate has been digitally signed by your local trusted root Certificate
Authority.
B. The certificate is digitally signed by at least one completely trusted key holder, who
has a valid certificate.
C. The certificate is digitally signed by at least two of the marginally trusted key holders,
who have valid certificates.

"Pass Any Exam. Any Time." - www.actualtests.com 8

 SCP SC0-501: Practice Exam
D. The certificate has been digitally signed by the sender's trusted root Certificate
Authority.
E. The certificate is digitally signed by the sender, who is authenticated by your local
Certificate Authority.

Answer: B,C

QUESTION NO: 24

What is the average size of a biometric template?

A. Between 10 and 100 KB

B. Between 100 and 500 KB
C. Less than 1 KB
D. Less than 3 bytes

m
E. Between 500 KB and 1 MB

Answer: C
.co
sts

QUESTION NO: 25

Based on the provided image, what type of certification path will be used in this
lTe

network?
tua
Ac

A. Nested certification path

B. Hierarchical certification path
C. Functional certification path

"Pass Any Exam. Any Time." - www.actualtests.com 9

 SCP SC0-501: Practice Exam
D. Mesh certification path
E. Bridged certification path

Answer: D

QUESTION NO: 26

When an OCSP responder provides a digitally signed response for each of the
certificates sent to it by the relying party in the original request, its reply consists of
the certificate identifier, one of three status values and a validity interval. What are
the three status values?

A. Okay, Not Okay, Revoked

B. This Update, Next Update, Future Update
C. Good, Revoked, Unknown

m
D. Issuer's Public Key, Hash of the Private Key, Unknown
.co
E. Issuer's Private Key, Thumbprint of the Public Key, Unknown

Answer: C
sts

QUESTION NO: 27
lTe

What format is used to list the information that is contained in the Issuer field of an

A. FQDN
tua

B. X.500 CN
C. CA Name
D. X.500 DN
Ac

E. Position of the CA in the CA hierarchy

Answer: D

QUESTION NO: 28

There are many certificate templates built into Windows 2000 Certificate Servers.
Which of the following user templates are valid for client authentication?

A. Smart Card Logon

B. Domain Controller
C. Authenticated Session
D. IPSec (Offline Request)

"Pass Any Exam. Any Time." - www.actualtests.com 10

 SCP SC0-501: Practice Exam
E. Smart Card User

Answer: A,C,E

QUESTION NO: 29

One of the many extensions in an X.509 digital certificate is called the

SubjectKeyIdentifier. What is this extension used for?

A. The extension is used to verify the SubjectPrivateKeyInfo

B. The extension is used to match the hashes of the SubjectKeyAlgorithm
C. The extension is used only when the certificate is used for code signing from a defined
Subject
D. The extension is used when matching the hash value of the public key on the
certificate

m
E. The extension is used only if the certificate is sent from a Root CA

Answer: D
.co
sts

QUESTION NO: 30

Which of the following are hash algorithms?

lTe

A. MD5
B. SHA
tua

C. RSA
D. 3DES
E. AES
Ac

Answer: A,B

QUESTION NO: 31

From the Answer:s listed, select the one that does not represent a correct XOR
(exclusive OR) operation

A. 0 XOR 0 = 0
B. 0 XOR 1 = 1
C. 1 XOR 0 = 1
D. 1 XOR 1 = 0
E. 1 XOR 1 = 1

"Pass Any Exam. Any Time." - www.actualtests.com 11

 SCP SC0-501: Practice Exam
Answer: E

QUESTION NO: 32

If a user has lost their SecurID token, and still requires access to the network, what
can the user do to continue network?

A. Delete the token record

B. Disable the token record
C. Use one-time passwords
D. Use the community token
E. Use default authentication

Answer: C

m
QUESTION NO: 33 .co
What is an example of a two-factor authentication policy?
sts
A. Biometrics and Forensics
B. Username and Password
C. Smart cards and PIN
lTe

D. Kerberos and encryption

E. LDAP and X.500
tua

Answer: C
Ac

QUESTION NO: 34

Which of the following are examples of trade secrets?

A. Formulas
B. Techniques
C. Methods
D. Patterns
E. Logos

Answer: A,B,C,D

QUESTION NO: 35

"Pass Any Exam. Any Time." - www.actualtests.com 12

 SCP SC0-501: Practice Exam
When investigating Windows computers, with FAT 16 hard disks, what is the size of
a Cluster if the partition is 512 MB?

A. 4K
B. 8K
C. 16K
D. 32K
E. 64K

Answer: B

QUESTION NO: 36

What tool built into Windows can provide investigators with MAC information?

m
A. Dir
B. Netstat
C. NBTstat
.co
D. ARP
E. Doskey
sts

Answer: A
lTe

QUESTION NO: 37
tua

What is the least reliable, in a courtroom, method of evidence acquisition?

A. Acquire the evidence from the live suspect system

Ac

B. Acquire evidence from a copy of the suspect operating system

C. Acquire evidence from a bit-by-bit clone of the suspect hard drive
D. Acquire the evidence by using a remote workstation to connect to the suspect system
E. Acquire evidence by using a laptop connected via an encrypted link to the suspect
system

Answer: A

QUESTION NO: 38

In the image, there are two nodes communicating directly, without an access point.
In the packet on the right side of the image, the Address 1 field is blank. If this
packet is going to the other computer, what is the value that must be filled in this
blank address field?
"Pass Any Exam. Any Time." - www.actualtests.com 13
 SCP SC0-501: Practice Exam

A. 2345
B. 1234
C. ABCD

m
D. <null>
E. ABCD-1234

Answer: B
.co
sts

QUESTION NO: 39
lTe

What two layers of the OSI Model are addressed by the 802.11 standards?

A. Physical
tua

B. Data Link
C. Network
D. Transport
E. Session
Ac

Answer: A,B

QUESTION NO: 40

What are the three general categories of trust that you an assign to a certificate you
receive when using PGP to secure email?

A. Undefined or No Trust
B. Complete Trust
C. Low Trust
D. Marginal Trust

"Pass Any Exam. Any Time." - www.actualtests.com 14

 SCP SC0-501: Practice Exam
E. Medium Trust
F. High Trust

Answer: A,B,D

QUESTION NO: 41

When building a biometric system, there are many variables that one must take into
consideration. What are the three main variables that a biometric system must
consider?

A. Template Creation Algorithm (TCA)

B. False Match Rate (FMR)
C. False Non-Match Rate (FNMR)
D. Biometric Matching Algorithm (BMA)

m
E. Failure To Enroll (FTE)

Answer: B,C,E
.co
sts

QUESTION NO: 42

Based on the provided image, what type of certification path will be used in this
lTe

network?
tua
Ac

"Pass Any Exam. Any Time." - www.actualtests.com 15

 SCP SC0-501: Practice Exam

m
.co
sts

A. Nested certification path

lTe

B. Hierarchical certification path

C. Functional certification path
D. Mesh certification path
tua

E. Bridged certification path

Answer: E
Ac

QUESTION NO: 43

In order to design the proper PKI, you are analyzing your organization and
network. The office is small with only 100 end user computers and 20 servers. What
PKI architecture is the most appropriate to implement in this scenario?

A. Hierarchical PKI
B. Mesh PKI
C. Nested PKI
D. Functional PKI
E. Single CA

Answer: E

"Pass Any Exam. Any Time." - www.actualtests.com 16

 SCP SC0-501: Practice Exam

QUESTION NO: 44

One important X.509v3 extension in a digital certificate is the SubjectKeyIdentifier.

What is the purpose of this field?

A. This extension contains a hash of the end entity's private key. This allows a user to
decrypt the end entity's private key using the published public key and recalculate the
hash value of the private key on the certificate to look for a match. If the calculation
matches the SubjectKeyIdentifier value, then the end entity can be validated.
B. This extension contains a hash of the subject's private key. This allows a user to
decrypt the subject's private key using the published public key and recalculate the hash
value of the private key on the certificate to look for a match. If the calculation matches
the SubjectKeyIdentifier value, then the subject can be validated.

m
C. This extension has a hash of the subject's public key. This allows a user to calculate
the hash value of the public key on the certificate to look for a match. If the calculation
.co
matches the SubjectKeyIdentifier value, then the subject can be validated.
D. This extension has a hash of the issuer's public key. This allows a user to calculate the
hash value of the public key on the certificate to look for a match. If the calculation
sts
matches the SubjectKeyIdentifier value, then the CA can be validated.

Answer: D
lTe

QUESTION NO: 45
tua

There are many certificate templates built into Windows 2000 Certificate Servers.
Which of the following computer templates are valid for client authentication?
Ac

A. EFS Recovery
B. Domain Controller
C. Enrollment Agent
D. Computer
E. Authenticated Session

Answer: B,D

QUESTION NO: 46

What X.509 extension is used to identify certificates that have been signed by a
specific private key of a Certificate Authority?

"Pass Any Exam. Any Time." - www.actualtests.com 17

 SCP SC0-501: Practice Exam
A. AuthorityKeyIdentifier
B. SubjectKeyIdentifier
C. SubjectPublicKeyInfo
D. SubjectPrivateKeyInfo
E. SignatureAlgorithm

Answer: A

QUESTION NO: 47

Which three of the following are examples of the reason that Message
Authentication is needed?

A. Packet Loss
B. Content Modification

m
C. Masquerading
D. Public Key Registration
E. Sequence Modification
.co
Answer: B,C,E
sts
lTe

QUESTION NO: 48

Which of the following Answer:s is the word SECURITY after having been encrypted
using the following Polybius Cipher shown in the figure?
tua
Ac

A. 280
B. 34 51 31 54 24 42 44 45
C. 7 6 8 9 6 6 8 9
D. 43 15 13 45 42 24 44 54
E. 4315 4224 1345 4454

Answer: D

"Pass Any Exam. Any Time." - www.actualtests.com 18

 SCP SC0-501: Practice Exam
QUESTION NO: 49

Which of the following are benefits to using smart cards for authentication?

A. Lower administrative costs

B. Reduced losses and liability
C. Increased convenience
D. More secure than tokens
E. Better accuracy than biometrics

Answer: A,B,C

m
.co
sts
lTe
tua
Ac

"Pass Any Exam. Any Time." - www.actualtests.com 19