1102: Chap 7 - Security

Question 1

1102-Chap7-12: You are configuring a router for a small office network. The network users should be able to access regular and secure websites and send and receive email. Those are the only connections allowed to the Internet. Which security feature should you configure to prevent additional traffic from coming through the router?

MAC filtering
Content filtering
Port forwarding/mapping
Port security/disabling unused ports

Answer 1

Port security/disabling unused ports

Question 2

1102-Chap7-13: On a Win10 workstation, there are two NTFS volumes. The Managers group has Modify access to the D:\mgmt directory. You move the folder to the D:\keyfiles folder, to which the Managers group has Read Access. What level of permissions will the Managers group have to the new D:\keyfiles\mgmt directory?

Full Control
Modify
Read & Execute
Read

Answer 2

Modify

When you move or copy a folder on the same NTFS volume, it will keep its original permissions. If you copy it or move it to a different volume, it will inherit permissions from its new parent directory

Question 3

1102-Chap7-19: What does NTFS use to track users and groupd and their level of access to resources?

ACLs
Token
Badges
Control rosters

Answer 3

ACLs

Question 4

1102-Chap7-20: You have created a user account for a contract employee on a Windows 11 PC. The contractor will be with the company for a month. Which user group should this user’s account be placed in?

Power Users
Administrators
Standard Users
Guests

Answer 4

Guests

Guest have same access rights as Users, except: cannot access log files; Great for temporary workers

Question 5

1102-Chap7-25: What wireless protocol used in WPA compensates for the weak encryption of WEP?

VLAN
TKIP
VPN
AES

Answer 5

TKIP

Temporal Key Integrity Protocol

Question 6

WPA Encryption protocol

Answer 6

TKIP - temporal Key Integrity Protocol

Question 7

WPA2 Encryption protocol

Answer 7

AES - Advanced Encryption Standard

Question 8

1102-Chap7-30: What concept in Active Directory creates a directory subdivison within which may be placed users, groups, computers and other objects?

User
Domain
Organizational Unit
Home folder

Answer 8

Organizational Unit (OU)

Question 9

Folder Redirection

Answer 9

AD feature to allow users to log in from other computers. I think it used to be called Windows roaming profiles

Question 10

1102-Chap7-40: A user on your network reported that they received a phone call from someone in the IT department saying the user needed to reset their password. The caller offered to do it for them if they user could provide the IT worker with their current password. What is this most likely am example of?

The IT department helping the user to reset their password
A spoofing attack
A social engineering attack
A brute-force attack

Answer 10

A social engineering attack

Question 11

1102-Chap7-42: Several employees at your company have been tailgating to gian access to secure areas. Which of the following security methods is the best choice for stopping this practice?

Door lock
Entry control roster
Access control vestibule
ID Badges

Answer 11

Access control vestibule

Question 12

1102-Chap7-45: An administrator is transfering confidential files from one Windows Pro workstation to another, using a flash drive. Policy dictates that the files on the flash drive must be encrypted. What technology should be used?

BitLocker
BitLocker To Go
EFS
AES

Answer 12

BitLocker To Go

Question 13

1102-Chap7-49: Several Workstations on your network have not had their operating systems updated in more than a year, and your anti-virus software is also out of date. What type of security threat does this represent?

Non-compliant system
Zombie/botnet
Brute-force attack
Zero-day attack

Answer 13

Non-compliant system

Question 14

1102-Chap7-51: UserA is a member of the Dev group and the HR Group. They are trying to access a local resource on an NTFS volume. The HR group has Full Control permission for the payroll folder, and the Dev group has Deny Read permission for the same folder. What is UserA’s effective access to the payroll folder?

Full Control
Read
Write
Deny

Answer 14

Deny

When granting conflicting NTFS permissions, they are generally combined, and the most liberal is granted. The exception is when there is an explicit Deny. That overrides any allowed permissions

Question 15

1102-Chap7-53: You have assigned a Windows workstation to a workgroup. Which of the following are recommended best practices for maxmizing security rehgarding the Administrator account? (Choose two)

Disable the Administrator account
Rename the Administrator account
Remove the Administrator account from the Administrators group
Require a strong password

Answer 15

Rename the Administrator account

Require a strong password

Question 16

1102-Chap7-55: Which of the following are advantages of using NTFS permissions over share permissions? (choose two)

NTFS permissions will override share permissions if there is a conflict
NTFS permissions affect users at the local computer, but share permissions do not
NTFS permissions are more restrictive in their access levels than share permissions
NTFS permissions can be set at the file level, but share permissions cannot

Answer 16

NTFS permissions affect users at the local computer, but share permissions do not

NTFS permissions can be set at the file level, but share permissions cannot

Question 17

1102-Chap7-56: Someone has placed an unauthorized wireless router on your network and configured it to the same SSID as your network. Users can access the network through that router, even though its not supposed to be there. What type of security threat could this lead to?

Zombie/botnet
Spoofing
Non-compliant system
On-Path attack

Answer 17

On-Path attack

Question 18

1102-Chap7-61: You need to know which files have been modified in a folder. Which of the folloiwing is not a way to see when the files have been modified?

Right-click each file and choose Properties, and then Advanced to see whether the archive bit is set
Open the folder in File Explorer and click Date Modified to sort the files by the date they were last modified.
Type archive at a command prompt
Type attrib at a command prompt

Answer 18

Type archive at a command prompt

Question 19

1102-Chap7-74: A computer user wants to encrypt a few files on an NTFS volume on their Windows Pro workstation. They do not have administrative rights to the computer. Which of the following statements is correct?

They can only use device encryption
They can use BitLocker
They can use BitLocker To Go
They can use EFS

Answer 19

They can use EFS

Question 20

1102-Chap7-77: On a windows workstation, there is one volume formatted with NTFS. The Developers group has Modify access to the C:\dev directory. You copy the folder to the C:\operations folder, to which the Developers group has Read access. What level of permissions will the Developers group have to the new C:\operations\dev directory?

Read & Execute
Read
Full Control
Modify

Answer 20

Read

When a folder or file is copied on NTFS volumes, the new file or folder will inherit its NTFS permissions from its new parent folder. The old permissions will be discarded. However, when files and folders are moved versus copying them, the original permissions are retained at the new location

Question 21

1102-Chap7-81: A computer user wants to encrypt the data on their Win10 Home device. They have adminsitrative rights to the computer. Which of the following statements is true?

The may be able to use Windows device encryption
They can use BitLocker
They can use BitLocker To Go
They can use EFS

Answer 21

The may be able to use Windows device encryption

Question 22

1102-Chap7-83: Which of the following statements are true regarding file and folder attrributes on a Windows 11 workstation? (choose two)

• File attributes are only available on NTFS volumes
• Only members of the Administrators group can change file/folder attributes
• Attributes can be accessed by right-clicking the file/folder and choosing Properties and then selecting the General Tab
• Compression is an advanced file/folder attribute

Answer 22

• Attributes can be accessed by right-clicking the file/folder and choosing Properties and then selecting the General Tab
• Compression is an advanced file/folder attribute

Question 23

1102-Chap7-86: A user is working on a Windows workstation. Their user account is a member of the Managers group, and they are trying to access a folder called reports, located oin a different computer. The NTFS permissions for the reports shared folder on that computer for the Managers group are Read and Write. the folder’s share permissions for the Managers group is the Read permission. What are the user’s effective permissions on the reports folder?

Full Control
Read and Write
Read
No Access

Answer 23

Read

Because the user is accessing the NTFS-based resource over the network, both the NTFS and share permissions are applied. If there is a difference between the two of them, the most restrictive permissions are used. Therefore, the user has Read access only

Question 24

1102-Chap7-89: Someone has placed an unauthorized wireless router on your network and configured it to the same SSID as your network. Users can access the network through that router, even though its not supposed to be there. What is this router configuration known as?

Zombie/botnet
Evil twin
Non-compliant system
On-path attack

Answer 24

Evil twin

Question 25

1102-Chap7-92: Which of the following is an open source authentication encryption protocol that is widely used and that uses a third party to verify user credentials?

AES
TACACS+
Kerberos
RADIUS

Answer 25

Kerberos

Question 26

WinRE

Answer 26

Windows Recovery Environment

Question 27

1102-Chap7-111: What Active Directory security measure moves a user’s data to a server and off the local drive so that if a laptop is lost or stolen and someone gains access to it, they won’t have access to information in the user’s data files?

Home Folder
Security Group
Organizational Unit
Login Script

Answer 27

Home Folder

Question 28

1102-Chap7-119: Your company has different locations, each with its own management needs, but it wan ts a cohesive way to manage all the users, computers and other resources on the network. What will you group those users, computers, and resources into that will provide a centralized point of control for each location?

Active Directory
Domain
Security Groups
Home Folders

Answer 28

Domain

Question 29

1102-Chap7-123: You are a junior IT administrator and your supervisor has asked you to ensure that all workstations have the built-in Windows firewall activated. Where can you go to do that? (choose two)

Firewall & Network Protection in the Settings App
Firewall & Network Protection in Control Panel
Windows Defender Firewall in the Settings App
Windows Defender Firewall in Control Panel

Answer 29

Firewall & Network Protection in the Settings App

Windows Defender Firewall in Control Panel

Question 30

1102-Chap7-131: You’re configuring password requirements such as length and expiriation for several Windows 11 pro workstations. What utility can you use on the workstations to configure the password requirements?

User Accounts in Control Panel
Local Users and Groups
Administrative Tools
Local Security Policy

Answer 30

Local Security Policy

Question 31

1102-Chap7-133: A computer user is setting up a new Windows 11 Home computer for the first time. They called you because they can’t figure out how to set it up with a local account. What will you tell them?

That option is not available. They must use a Microsoft Account.
Press F10 during bootup to create a local account
They must switch to the Pro edition if they want to use a local account after setup
Local accounts are never available in Windows 11

Answer 31

That option is not available. They must use a Microsoft Account.

Question 32

1102-Chap7-142: You are setting up a Windows 11 Pro computer that will house data shared by many people. How will you establish security for this group?

• Use the Local Users and Groups app to create groups, such as Accounting, Office and so on. Then set up permissions for each group on the shared files. Add and remove users on the group as needed
• In Control Panel, User Accounts, make all users administrators so they can do what they need
• Use the Local Users and Groups app to create groups such as Accounting, Office and so on. Then set up permissions for each group on the shared files. Add users to the groups just for organizational purposes
• Groups are only used on servers, so set up each person with their specific NTFS permissions on the shared data folder

Answer 32

Use the Local Users and Groups app to create groups, such as Accounting, Office and so on. Then set up permissions for each group on the shared files. Add and remove users on the group as needed

Question 33

1102-Chap7-144: Which of the following are best practices for managin user accounts? (choose two)

Restrict User permissions
Restrict Login Times
Enable the guest account
Give all users administrator permissions

Answer 33

Restrict User permissions

Restrict Login Times

Question 34

UPnP

Answer 34

Universal Plug and Play

a protocol that alloows devices to find and communicate with each othert on your LAN. Also commonly used by malware