1102: Chap 7 - Security Flashcards
1102-Chap7-12: You are configuring a router for a small office network. The network users should be able to access regular and secure websites and send and receive email. Those are the only connections allowed to the Internet. Which security feature should you configure to prevent additional traffic from coming through the router?
MAC filtering
Content filtering
Port forwarding/mapping
Port security/disabling unused ports
Port security/disabling unused ports
1102-Chap7-13: On a Win10 workstation, there are two NTFS volumes. The Managers group has Modify access to the D:\mgmt directory. You move the folder to the D:\keyfiles folder, to which the Managers group has Read Access. What level of permissions will the Managers group have to the new D:\keyfiles\mgmt directory?
Full Control
Modify
Read & Execute
Read
Modify
When you move or copy a folder on the same NTFS volume, it will keep its original permissions. If you copy it or move it to a different volume, it will inherit permissions from its new parent directory
1102-Chap7-19: What does NTFS use to track users and groupd and their level of access to resources?
ACLs
Token
Badges
Control rosters
ACLs
1102-Chap7-20: You have created a user account for a contract employee on a Windows 11 PC. The contractor will be with the company for a month. Which user group should this user’s account be placed in?
Power Users
Administrators
Standard Users
Guests
Guests
Guest have same access rights as Users, except: cannot access log files; Great for temporary workers
1102-Chap7-25: What wireless protocol used in WPA compensates for the weak encryption of WEP?
VLAN
TKIP
VPN
AES
TKIP
Temporal Key Integrity Protocol
WPA Encryption protocol
TKIP - temporal Key Integrity Protocol
WPA2 Encryption protocol
AES - Advanced Encryption Standard
1102-Chap7-30: What concept in Active Directory creates a directory subdivison within which may be placed users, groups, computers and other objects?
User
Domain
Organizational Unit
Home folder
Organizational Unit (OU)
Folder Redirection
AD feature to allow users to log in from other computers. I think it used to be called Windows roaming profiles
1102-Chap7-40: A user on your network reported that they received a phone call from someone in the IT department saying the user needed to reset their password. The caller offered to do it for them if they user could provide the IT worker with their current password. What is this most likely am example of?
The IT department helping the user to reset their password
A spoofing attack
A social engineering attack
A brute-force attack
A social engineering attack
1102-Chap7-42: Several employees at your company have been tailgating to gian access to secure areas. Which of the following security methods is the best choice for stopping this practice?
Door lock
Entry control roster
Access control vestibule
ID Badges
Access control vestibule
1102-Chap7-45: An administrator is transfering confidential files from one Windows Pro workstation to another, using a flash drive. Policy dictates that the files on the flash drive must be encrypted. What technology should be used?
BitLocker
BitLocker To Go
EFS
AES
BitLocker To Go
1102-Chap7-49: Several Workstations on your network have not had their operating systems updated in more than a year, and your anti-virus software is also out of date. What type of security threat does this represent?
Non-compliant system
Zombie/botnet
Brute-force attack
Zero-day attack
Non-compliant system
1102-Chap7-51: UserA is a member of the Dev group and the HR Group. They are trying to access a local resource on an NTFS volume. The HR group has Full Control permission for the payroll folder, and the Dev group has Deny Read permission for the same folder. What is UserA’s effective access to the payroll folder?
Full Control
Read
Write
Deny
Deny
When granting conflicting NTFS permissions, they are generally combined, and the most liberal is granted. The exception is when there is an explicit Deny. That overrides any allowed permissions
1102-Chap7-53: You have assigned a Windows workstation to a workgroup. Which of the following are recommended best practices for maxmizing security rehgarding the Administrator account? (Choose two)
Disable the Administrator account
Rename the Administrator account
Remove the Administrator account from the Administrators group
Require a strong password
Rename the Administrator account
Require a strong password
1102-Chap7-55: Which of the following are advantages of using NTFS permissions over share permissions? (choose two)
NTFS permissions will override share permissions if there is a conflict
NTFS permissions affect users at the local computer, but share permissions do not
NTFS permissions are more restrictive in their access levels than share permissions
NTFS permissions can be set at the file level, but share permissions cannot
NTFS permissions affect users at the local computer, but share permissions do not
NTFS permissions can be set at the file level, but share permissions cannot
1102-Chap7-56: Someone has placed an unauthorized wireless router on your network and configured it to the same SSID as your network. Users can access the network through that router, even though its not supposed to be there. What type of security threat could this lead to?
Zombie/botnet
Spoofing
Non-compliant system
On-Path attack
On-Path attack
1102-Chap7-61: You need to know which files have been modified in a folder. Which of the folloiwing is not a way to see when the files have been modified?
Right-click each file and choose Properties, and then Advanced to see whether the archive bit is set
Open the folder in File Explorer and click Date Modified to sort the files by the date they were last modified.
Type archive at a command prompt
Type attrib at a command prompt
Type archive at a command prompt
1102-Chap7-74: A computer user wants to encrypt a few files on an NTFS volume on their Windows Pro workstation. They do not have administrative rights to the computer. Which of the following statements is correct?
They can only use device encryption
They can use BitLocker
They can use BitLocker To Go
They can use EFS
They can use EFS
1102-Chap7-77: On a windows workstation, there is one volume formatted with NTFS. The Developers group has Modify access to the C:\dev directory. You copy the folder to the C:\operations folder, to which the Developers group has Read access. What level of permissions will the Developers group have to the new C:\operations\dev directory?
Read & Execute
Read
Full Control
Modify
Read
When a folder or file is copied on NTFS volumes, the new file or folder will inherit its NTFS permissions from its new parent folder. The old permissions will be discarded. However, when files and folders are moved versus copying them, the original permissions are retained at the new location
1102-Chap7-81: A computer user wants to encrypt the data on their Win10 Home device. They have adminsitrative rights to the computer. Which of the following statements is true?
The may be able to use Windows device encryption
They can use BitLocker
They can use BitLocker To Go
They can use EFS
The may be able to use Windows device encryption
1102-Chap7-83: Which of the following statements are true regarding file and folder attrributes on a Windows 11 workstation? (choose two)
- File attributes are only available on NTFS volumes
- Only members of the Administrators group can change file/folder attributes
- Attributes can be accessed by right-clicking the file/folder and choosing Properties and then selecting the General Tab
- Compression is an advanced file/folder attribute
- Attributes can be accessed by right-clicking the file/folder and choosing Properties and then selecting the General Tab
- Compression is an advanced file/folder attribute
1102-Chap7-86: A user is working on a Windows workstation. Their user account is a member of the Managers group, and they are trying to access a folder called reports, located oin a different computer. The NTFS permissions for the reports shared folder on that computer for the Managers group are Read and Write. the folder’s share permissions for the Managers group is the Read permission. What are the user’s effective permissions on the reports folder?
Full Control
Read and Write
Read
No Access
Read
Because the user is accessing the NTFS-based resource over the network, both the NTFS and share permissions are applied. If there is a difference between the two of them, the most restrictive permissions are used. Therefore, the user has Read access only
1102-Chap7-89: Someone has placed an unauthorized wireless router on your network and configured it to the same SSID as your network. Users can access the network through that router, even though its not supposed to be there. What is this router configuration known as?
Zombie/botnet
Evil twin
Non-compliant system
On-path attack
Evil twin
1102-Chap7-92: Which of the following is an open source authentication encryption protocol that is widely used and that uses a third party to verify user credentials?
AES
TACACS+
Kerberos
RADIUS
Kerberos
WinRE
Windows Recovery Environment
1102-Chap7-111: What Active Directory security measure moves a user’s data to a server and off the local drive so that if a laptop is lost or stolen and someone gains access to it, they won’t have access to information in the user’s data files?
Home Folder
Security Group
Organizational Unit
Login Script
Home Folder
1102-Chap7-119: Your company has different locations, each with its own management needs, but it wan ts a cohesive way to manage all the users, computers and other resources on the network. What will you group those users, computers, and resources into that will provide a centralized point of control for each location?
Active Directory
Domain
Security Groups
Home Folders
Domain
1102-Chap7-123: You are a junior IT administrator and your supervisor has asked you to ensure that all workstations have the built-in Windows firewall activated. Where can you go to do that? (choose two)
Firewall & Network Protection in the Settings App
Firewall & Network Protection in Control Panel
Windows Defender Firewall in the Settings App
Windows Defender Firewall in Control Panel
Firewall & Network Protection in the Settings App
Windows Defender Firewall in Control Panel
1102-Chap7-131: You’re configuring password requirements such as length and expiriation for several Windows 11 pro workstations. What utility can you use on the workstations to configure the password requirements?
User Accounts in Control Panel
Local Users and Groups
Administrative Tools
Local Security Policy
Local Security Policy
1102-Chap7-133: A computer user is setting up a new Windows 11 Home computer for the first time. They called you because they can’t figure out how to set it up with a local account. What will you tell them?
That option is not available. They must use a Microsoft Account.
Press F10 during bootup to create a local account
They must switch to the Pro edition if they want to use a local account after setup
Local accounts are never available in Windows 11
That option is not available. They must use a Microsoft Account.
1102-Chap7-142: You are setting up a Windows 11 Pro computer that will house data shared by many people. How will you establish security for this group?
- Use the Local Users and Groups app to create groups, such as Accounting, Office and so on. Then set up permissions for each group on the shared files. Add and remove users on the group as needed
- In Control Panel, User Accounts, make all users administrators so they can do what they need
- Use the Local Users and Groups app to create groups such as Accounting, Office and so on. Then set up permissions for each group on the shared files. Add users to the groups just for organizational purposes
- Groups are only used on servers, so set up each person with their specific NTFS permissions on the shared data folder
Use the Local Users and Groups app to create groups, such as Accounting, Office and so on. Then set up permissions for each group on the shared files. Add and remove users on the group as needed
1102-Chap7-144: Which of the following are best practices for managin user accounts? (choose two)
Restrict User permissions
Restrict Login Times
Enable the guest account
Give all users administrator permissions
Restrict User permissions
Restrict Login Times
UPnP
Universal Plug and Play
a protocol that alloows devices to find and communicate with each othert on your LAN. Also commonly used by malware
