Chapter 9: Security

Question 1

In the Kerberos Policy Settings, what is the default value for Maximum Lifetime for User Ticket?

Answer 1

10 hours

Question 2

Which of the following do attackers use if they want to find an organization’s dial-up ports?

Answer 2

war dialer

Question 3

Which of the following allows designated recovery agents to create public keys that can decode encrypted information?

Answer 3

Encrypting File System

Question 4

Which of the following is not a role that can be selected when you install Active Directory Certificate Services on a Windows Server 2008 computer?

Answer 4

intermediate

Question 5

Which of the following contains a digest of the certificate data used for digital signing?

Answer 5

thumbprint

Question 6

What is known as the cryptographic key that is used in exchanges between the security principal and the KDC?

Answer 6

long-term key

Question 7

Which of the following types of connections is established between two computers involved in the tunneling process?

Answer 7

PPP

Question 8

Which of the following specifies a value assigned by the CA that uniquely identifies the certificate?

Answer 8

serial number

Question 9

Which of the following template versions provides backward compatibility for CAs running Windows Server 2003 Standard Edition and Windows 2000 family operating systems?

Answer 9

version 1

Question 10

Smartcard User is a version __________ certificate template.

Answer 10

1

Question 11

For encryption on a data network to be both possible and practical, what form of encryption do computers typically use?

Answer 11

public key

Question 12

Which of the following is the default maximum password age?

Answer 12

42 days

Question 13

An ACL is a collection of individual permissions presented in what form?

Answer 13

access control entries

Question 14

Which of the following authentication devices verifies the identity of a user during logon?

Answer 14

smart card

Question 15

Which of the following is not a required permission that must be granted to the same user or group for the autoenrollment certificate template permission to function correctly?

Answer 15

Allow Write

Question 16

What type of list does SAM enable computers to maintain?

Answer 16

local users and groups that function as a decentralized authentication system

Question 17

For authentication, PPTP supports all of the following authentication protocols except __________.

Answer 17

Microsoft Point-to-Point Encryption (MPPE)

Question 18

Which of the following terms specifies the functions for which a digital certificate can be used?

Answer 18

enhanced key usage

Question 19

In Windows Server 2008, a root CA’s self-generated certificate defaults to a validity period of __________.

Answer 19

5 years

Question 20

Which of the following methods enables the server to support authentication with smart cards or other types of digital certificates?

Answer 20

Extensible Authentication Protocol-Transport Level Security (EAP-TLS)

Question 21

Which of the following is not an important criterion that firewalls can use in their rules?

Answer 21

DNS name

Question 22

Effective permissions for a given resource can be assigned in various ways. Which of the following is not a way in which they can be assigned?

Answer 22

application controlled

Question 23

Which of the following is the most popular biometric technology in use today?

Answer 23

fingerprint matching

Question 24

Which of the following is the strongest authentication protocol supported by Windows Server 2008?

Answer 24

Extensible Authentication Protocol (EAP)

Question 25

Which of the following Windows Server 2008 Certificate templates allows user authentication, EFS encryption, secure email, and certificate trust list signing?

Answer 25

administrator

Question 26

Which of the following is not a reason code for revoking a certificate?

Answer 26

certificate compromise