F

SCP SC0-502 Exam Material

Information About SCP SC0-502 Exam

Vender: SCP
Exam Code: SC0-502
Exam Name: Security Certified Program
Number Of Questions: 28
Certification Name: SAP Security Certified Network Architect
Exam Language: English
Questions Type: MCQs
Material Format: PDF & Web Practice Test Software

Prepare SCP SC0-502 Exam Questions

Question No 1:
GlobalCorp is a company that makes state of the art aircraft for commercial and government use. Recently GlobalCorp has been working on the next generation of low orbit space vehicles, again for both commercial and governmental markets. GlobalCorphas corporate headquarters in Testbed, Nevada, US

A. Testbed is a small town, with a population of less than 50,000 people. GlobalCorp is the largest company in town, where most families have at least one family member working there. The corporate office in Testbed has 4,000 total employees, on a 40-acre campus environment. The largest buildings are the manufacturing plants, which are right next to the Research and Development labs. The manufacturing plants employee approximately 1,000 people and the RD labs employ 500 people. There is one executive building, where approximately 500 people work. The rest of the employees work in Marketing, Accounting, Press and Investor Relations, and so on. The entire complex has a vast underground complex of tunnels that connect each building. All critical functions are run from the Testbed office, with remote offices around the world. The remote offices are involved in marketing and sales of GlobalCorp products. These offices also perform maintenance on the GlobalCorp aircraft and will occasionally perform RD and on-site manufacturing. There are 5 remote offices, located in: New York, California, Japan, India, and England. Each of the remote offices has a dedicated T3 line to the GlobalCorp HQ, and all network traffic is routed through the Testbed office the remote offices do not have direct Internet connections. You had been working for two years in the New York office, and have been interviewing for the lead security architect position in Testbed. The lead security architect reports directly to the Chief Security Officer (CSO), who calls you to let you know that you got the job. You are to report to Testbed in one month, just intime for the annual meeting, and in the meantime you review the overview of the GlobalCorp network. Your first day in GlobalCorp Testbed, you get your office setup, move your things in place, and about the time you turn on your laptop, there is a knock on your door. It is Blue, the Chief Security Officer, who informs you that there is a meeting that you need to attend in a half an hour.With your laptop in hand, you come to the meeting, and are introduced to everyone. Blue begins the meeting with a discussion on the current state of security in GlobalCorp. "For several years now, we have constantly been spending more and more money on our network defense, and I feel confident that we are currently well defended." Blue, puts a picture on the wall projecting the image of the network, and then continues, "We have firewalls at each critical point, we have separate Internet access for our public systems, and all traffic is routed through our controlled access points. So, with all this, you might be wondering why I have concern." At this point a few people seem to nod in agreement. For years, GlobalCorp has been at the forefront of perimeter defense and security. Most in the meeting are not aware that there is much else that could be done. Blue continues, "Some of you know this, for the rest it is new news: MassiveCorp is moving their offices to the town right next to us here. Now, as you all know, MassiveCorp has been trying to build their orbital systems up to our standards for years and have never been able to do so. So, from a security point of view, I am concerned." Blue responds, "I suggest trust. Not withMassiveCorp, but in our own systems. We must build trusted networks. We must migrate our network from one that is well-defended to one that iswell-defended and one that allows us to trust all the network traffic." The meeting continues for some time, with Blue leading the discussion on a whole new set of technologies currently not used in thenetwork. After some time, it is agreed upon that GlobalCorp will migrate to a trusted networking environment. The following week, Blue informs you that you will be workingdirectly together on the development of the planning and design of the trustednetwork. The network is going to run a full PKI, with all clients and servers in the network using digital certificates. You are grateful that in the past two years, Blue has had all the systems changed to be running only Windows 2000, both server and professional systems, running Active Directory. You think the consistent platform will make the PKI roll out easier.The entire GlobalCorp network is running Active Directory,with the domain structure as in the following list: Testbed.globalcorp.org Newyork.globalcorp.org California.globalcorp.org Japan.globalcorp.org India.globalcorp.org England.globalcorp.org Although you will be working in the Testbed office, the plan you develop will need to include the entire GlobalCorp organization. Based on this information, select the solution that describes the best plan for the new trusted network of GlobalCorp:}

Answer: You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps: 1. Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS. 2 Draft a CPF based on your own guidelines, including physical and technology controls. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA. Design the hierarchy with each remote office and building having it's own enrollment CA. Build a small test pilot program, to test the hierarchy, and integration with the existing network. Implement the CA hierarchy in the executive office, and get all users acclimated to the system. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network. 10.Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network. ,You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps: Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS. Draft a CPF based on your own guidelines, including physical and technology controls. Design the system, outside of the executive office, to be a full hierarchy, with the Root CA for the hierarchy located in the executive building. Every remote office will have a subordinate C A, and every other building on the campus in Testbed will have a subordinate CA. In the executive building, you design the system to be a mesh CA structure, with one CA per floor of the building. Design the hierarchy with each remote office and building having it own enrollment CA. Build a small test pilot program, to test the hierarchy, and integration with the existing network. Implement the CA hierarchy in the executive office, and get all users acclimated to the system. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system. 10.Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network. 11.Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network. ,You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps: Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component. Design the system to be a full hierarchy, with the Root CA located in the executive building. Every remote office will have a subordinate CA, and every other building on the campus in Testbed will have a subordinate CA. Design the hierarchy with each remote office and building having it own enrollment CA. Build a small test pilot program, to test the hierarchy, and integration with the existing network. Implement the CA hierarchy in the executive office, and get all users acclimated to the system. Implement the CA hierarchy in each other campus building in Testbed, and get all users acclimated to the system. One at a time, implement the CA hierarchy in each remote office; again getting all users acclimated to the system. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network. 10.Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network. ,You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps: Draft a Certificate Policy (CP) document to define what users will be allowed to do with their certificates, and a Certification Practice Statement (CPS) document to define the technology used to ensure the users are able to use their certificates as per the CPS. Draft a Certificate Practices Framework (CPF) document based on RFC 2527, including every primary component. Design the system to be a full mesh, with the Root CA located in the executive building. 3.Design the system to be a full mesh, with the Root CA located in the executive building. Design the mesh with each remote office and building having it own Root CA. Build a small test pilot program, to test the hierarchy, and integration with the existing network. Implement the CA mesh in the executive office, and get all users acclimated to the system. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network. 10.Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network. ,You design the plan for two weeks, and then you present it to Blue. Your plan follows these critical steps: Draft a Certification Practice Statement (CPS) to define what users will be allowed to do with their certificates, and a Certificate Policy (CP) to define the technology used to ensure the users are able to use their certificates as per the CPS. Draft a CPF based on your own guidelines, including physical and technology controls. Design the system to be a full mesh, with the Root CA located in the executive building. Design the mesh with each remote office and building having it own Root CA. Build a small test pilot program, to test the hierarchy, and integration with the existing network. Implement the CA mesh in the executive office, and get all users acclimated to the system. Implement the CA mesh in each other campus building in Testbed, and get all users acclimated to the system. One at a time, implement the CA mesh in each remote office; again getting all users acclimated to the system. Test the team in each location on proper use and understanding of the overall PKI and their portion of the trusted network. 10.Evaluate the rollout, test, and modify as needed to improve the overall security of the GlobalCorp trusted network.

See More Questions

Join the conversation

You can post now after register. If you have an account, sign in now to post with your account.