Chapter 8

Question 1

What is the main objective of implementing security controls in Microsoft Windows systems and networks?

Answer 1

To protect Microsoft Windows systems and networks

Question 2

Define network in the context of Microsoft Windows.

Answer 2

A collection of computers and devices joined by connection media

Question 3

What are the three main types of vulnerabilities that need attention for securing a Microsoft Windows network?

Answer 3

• Physical and logical access
• Traffic flow
• Computer and device security

Question 4

What does a Local Area Network (LAN) cover?

Answer 4

A small physical area, such as an office or building

Question 5

What is a Metropolitan Area Network (MAN)?

Answer 5

Connects two or more LANs but does not span an area larger than a city or town

Question 6

What is the purpose of a Wide Area Network (WAN)?

Answer 6

To connect multiple LANs and WANs and span very large areas

Question 7

List some network security controls.

Answer 7

• Access controls for protected resources
• Communication controls
• Anti-malware software
• Recovery plans
• Configuration management
• Monitoring tools
• Software patch management

Question 8

True or False: Using firewalls is a method to control unauthorized traffic on a network.

Answer 8

True

Question 9

What type of connection media is most commonly used in networks?

Answer 9

Unshielded twisted pair (UTP)

Question 10

What is the main advantage of fiber-optic cable?

Answer 10

Immunity to radio and electrical interference

Question 11

Fill in the blank: The protocol that enables secure communication over the web is _______.

Answer 11

HTTPS

Question 12

What is the primary function of a router in a network?

Answer 12

To connect two or more separate networks

Question 13

What does a network file server provide?

Answer 13

Secure access to stored data for remote users

Question 14

What is the role of a firewall?

Answer 14

To filter network traffic to block suspicious packets or messages

Question 15

What does NAT stand for, and what is its function?

Answer 15

Network address translation; it hides the true IP address of internal computers from outside nodes

Question 16

What is the significance of the OSI Reference Model?

Answer 16

It describes how computers use multiple layers of protocol rules to communicate across a network

Question 17

List some common network communication protocols.

Answer 17

• Telnet
• Secure Shell (SSH)
• HTTPS
• SSL/TLS
• TCP/IP
• IPSec
• SSTP

Question 18

True or False: Telnet encrypts all information transmitted, making it secure.

Answer 18

False

Question 19

What is the main purpose of service accounts in Windows?

Answer 19

To define rights and permissions based on user accounts

Question 20

What should be done to secure services in a Windows environment?

Answer 20

Disable or remove unnecessary services

Question 21

Fill in the blank: The most common protocol pair for internet communication is _______.

Answer 21

TCP/IP

Question 22

What is the purpose of configuration management software in network security?

Answer 22

To control network device configuration changes

Question 23

What is the recommended practice for running each service in Windows?

Answer 23

Run each service as a user that possesses the minimum privileges necessary to perform the service’s functions.

Question 24

What should be done if a service is not needed?

Answer 24

Stop it, disable it, remove it.

Question 25

What encryption methods should be used for securing wireless networking?

Answer 25

Use WPA, WPA2, or WPA3 encryption.

Question 26

What is the principle of least privilege?

Answer 26

Grant minimal rights and permissions to users.

Question 27

What should be required from users to protect workstations from unauthorized access?

Answer 27

Require unique user accounts with strong passwords for each user.

Question 28

What should be done to user accounts after termination of employment?

Answer 28

Remove or disable unused user accounts.

Question 29

What is the purpose of auditing failed access attempts?

Answer 29

To monitor and enhance security by tracking unauthorized access attempts.

Question 30

What is a recommended action after five failed logon attempts?

Answer 30

Enable account lockout.

Question 31

What should be done to protect workstations from malicious software?

Answer 31

Require all workstations to have anti-malware software installed and updated.

Question 32

What should be done with outbound traffic to protect against DoS and DDoS attacks?

Answer 32

Configure each workstation’s firewall to filter outbound traffic.

Question 33

What authentication method does Windows use by default?

Answer 33

Kerberos.

Question 34

What should be enforced on each Windows server regarding malware protection?

Answer 34

Install antivirus and antispyware software.

Question 35

What is the role of stand-alone firewalls in network security?

Answer 35

They process firewall rules and forward only approved traffic.

Question 36

What should be included in a cloud service provider's service level agreement (SLA)?

Answer 36

Know what each one promises regarding security and recovery goals.

Question 37

What does Microsoft Defender for Cloud allow?

Answer 37

Consistent assessments of your security posture and recommendations for action.

Question 38

What is the purpose of configuring security alerts in Azure Resource Graph Explorer?

Answer 38

To create queries for alerting and monitoring governance.

Question 39

What should be done to protect sensitive data at rest?

Answer 39

Use encryption.

Question 40

What should be the approach for firewall rules?

Answer 40

Establish rules to deny all suspicious traffic.

Question 41

Fill in the blank: The principle of least privilege helps to _______.

Answer 41

[grant minimal rights and permissions to users]

Question 42

True or False: It is advisable to enable SSID broadcast for better network visibility.

Answer 42

False.

Question 43

What should be done to guest access in a secure network?

Answer 43

Install a separate wireless access point for guests.

Question 44

What should users be trained on to enhance workstation security?

Answer 44

How to create strong passwords and protect user account credentials.

Question 45

What is one of the best practices for managing user accounts?

Answer 45

Establish unique domain user accounts.

Question 46

What should be done to services running as a domain administrator user?

Answer 46

Do not allow any services to run as a domain administrator user.