Free RC0-501 Exam Braindumps (page: 20)

Page 19 of 87

An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection.
Which of the following steps should the responder perform NEXT?

  1. Capture and document necessary information to assist in the response.
  2. Request the user capture and provide a screenshot or recording of the symptoms.
  3. Use a remote desktop client to collect and analyze the malware in real time.
  4. Ask the user to back up files for later recovery.

Answer(s): A



A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours.
Which of the following types of malware is MOST likely causing this issue?

  1. Botnet
  2. Ransomware
  3. Polymorphic malware
  4. Armored virus

Answer(s): A



Which of the following technologies employ the use of SAML? (Select two.)

  1. Single sign-on
  2. Federation
  3. LDAP
  4. Secure token
  5. RADIUS

Answer(s): A,B



Which of the following specifically describes the exploitation of an interactive process to access otherwise restricted areas of the OS?

  1. Privilege escalation
  2. Pivoting
  3. Process affinity
  4. Buffer overflow

Answer(s): A






Post your Comments and Discuss CompTIA RC0-501 exam with other Community members:

RC0-501 Discussions & Posts