7.2

Question 1

What is an object-oriented, interactive command environment with scripting language features?

Answer 1

Windows PowerShell (PS)

Question 2

What cmdlet and variable do you use to obtain the current PS version?

Answer 2

Get-Host and $PSVersionTable

Question 3

What PS cmdlet gives a complete list of aliased commands and their associated PS cmdlet?

Answer 3

Get-Alias

Question 4

dir is an alias for what ps cmdlet?

Answer 4

Get-ChildItem

Question 5

What is the PS cmdlet to list the available cmdlets?

Answer 5

Get-Command

Question 6

What is the PS command to see all of the arguments for a given cmdlet?

Answer 6

Get-Help

Question 7

What parameter will show specific examples for a cmdlet in PS?

Answer 7

-examples

Question 8

What are small commands used within PS called?

Answer 8

cmdlets

Question 9

What cmdlet is used to show all of the available verbs in PS?

Answer 9

Get-Verb

Question 10

What parameter is used to state the name of an object, i.e. a user name, cmdlet name, path name?

Answer 10

-name

Question 11

What parameter is used to state the system name or IP you want the action performed on?

Answer 11

-computername

Question 12

What parameter is used to state the path for a directory?

Answer 12

-Path

Question 13

What defines additional information associated with a parameter name?

Answer 13

Arguments

Question 14

What parameter and argument is used when navigating the filesystem to specify path to traverse?

Answer 14

-Path C:\Windows

Question 15

What parameter and argument is used with Import-Module and specifies the name of the module that you wish to import?

Answer 15

-Name ActiveDirectory

Question 16

What defines the process of passing the results of one cmdlet as input into a second cmdlet?

Answer 16

Pipeline

Question 17

What are packages of PS commands, consisting of cmdlets, functions, variables, and aliases?

Answer 17

Modules

Question 18

What defines a way for the OS and its services and applications to record important actrions, post status messages, and track security events?

Answer 18

Logging

Question 19

What is the command line tool that enables auditing?

Answer 19

auditpol

Question 20

What defines the tracking of changes?

Answer 20

Auditing

Question 21

What three logs are always available?

Answer 21

Application Log, System Log, and Security Log

Question 22

Where does 5.* Windows architectures store log files?

Answer 22

%SystemRoot%\system32\config

Question 23

Where does 6.* Windows architectures store log files at?

Answer 23

%SystemRoot%\system32\winevt\logs

Question 24

What logs will a domain controller typically have?

Answer 24

Directory Service Log, File Replication Log, and DNS Server Log

Question 25

What is a vast heirarchical repository of operating system (OS), hardware, applications, and user settings that is referred to as the heart and soul of the OS?

Answer 25

Windows Registry

Question 26

At what time is the registry read?

Answer 26

Boot process, application startup, and User Login

Question 27

What is the primary tool for viewing and editing the Registry?

Answer 27

regedit.exe

Question 28

What is the primary tool for viewing and editing the Registry?

Answer 28

regedit.exe

Question 29

What type of key contains all the user settings and all the computer settings respectively?

Answer 29

Master key

Question 30

What are the two master keys?

Answer 30

• HKEY_USERS (HKU)*
• HKEY_LOCAL_MACHINE (HKLM)*

Question 31

What types of key are linked to key within the two master keys; and what are they?

Answer 31

Derived

• HKEY_CLASSES_ROOT (HKCR)
• HKEY_CURRENT_USER (HKCU)
• HKEY_CURRENT_CONFIG (HKCC)

Question 32

What are used to identify additional object attributes?

Answer 32

Parameters

Question 33

What defines an internal command that is associated with a PS cmdlet that provides a similar output?

Answer 33

Aliases

Question 34

Which Security Audit trigger happens when changes to user rights, Windows Firewall, GPOs, audit, or trust policies occur?

Answer 34

Policy Change

Question 35

Which Security Audit trigger happens when an object (e.g., file, folder, etc.) is accessed that has a System Access Control List (SACL)?

Answer 35

Object Access

Question 36

Which Security Audit trigger happens when a user exercises a user right or privilege?

Answer 36

Privilege Use

Question 37

Which Security Audit trigger happens when programs activate, processes exit, and object are accessed indirectly?

Answer 37

Process Tracking (Detailed Tracking)

Question 38

Which Security Audit trigger happens when computer security events such as restart, shutdown, or clearing the vent log occur?

Answer 38

System

Question 39

Which Security Audit trigger happens when accounts are created, deleted, or which user accounts are modified?

Answer 39

Account Management

Question 40

Which Security Audit trigger happens when logon attempts occur?

Answer 40

Logon

Question 41

Which Security Audit trigger happens when network-based access to computer and attempts connect to shares are made?

Answer 41

Account Logon

Question 42

Which Security Audit trigger happens when a user accesses a directory service object with a System Access Control List (SACL)?

Answer 42

Directory Service Access