El Preguntas Flashcards

1
Q

What is the primary goal of a security baseline?

A. To establish a minimum level of security for all systems
B. To identify vulnerabilities in existing systems
C. To provide a framework for incident response
D. To ensure compliance with industry regulations

A

A. To establish a minimum level of security for all systems

2
Q

Which of the following is NOT a fundamental principle of the Zero Trust model?

A. Never trust, always verify
B. Assume breach
C. Least privilege access
D. Open access

A

D. Open access

3
Q

What is the primary purpose of a firewall?

A. To prevent unauthorized access to a network
B. To detect and block malware
C. To encrypt data in transit
D. To monitor network traffic for anomalies

A

A. To prevent unauthorized access to a network

4
Q

What is the best practice for password management?

A. Using the same password for all accounts
B. Sharing passwords with colleagues
C. Using strong, unique passwords
D. Disabling password expiration

A

C. Using strong, unique passwords

5
Q

What is the purpose of multi-factor authentication (MFA)?

A. To add an extra layer of security to login processes
B. To encrypt data at rest
C. To prevent unauthorized access to physical devices
D. To detect and block malware

A

A. To add an extra layer of security to login processes

6
Q

Which of the following is a common network attack vector?

A. Phishing
B. SQL injection
C. Man-in-the-middle
D. All of the above

A

D. All of the above

7
Q

What is the purpose of network segmentation?

A. To improve network performance
B. To reduce the attack surface
C. To increase network capacity
D. To simplify network management

A

B. To reduce the attack surface

8
Q

What is the primary function of antivirus software?

A. To prevent unauthorized access to a network
B. To detect and remove malware
C. To encrypt data in transit
D. To monitor network traffic for anomalies

A

B. To detect and remove malware

9
Q

What is the purpose of application whitelisting?

A. To allow only approved applications to run
B. To block all incoming network traffic
C. To encrypt data at rest
D. To detect and block malware

A

A. To allow only approved applications to run

10
Q

What is the best practice for endpoint hardening?

A. Disabling automatic updates
B. Running as administrator
C. Using strong, unique passwords
D. All of the above

A

C. Using strong, unique passwords

11
Q

What is the purpose of incident response planning?

A. To prevent security incidents
B. To respond to security incidents effectively
C. To identify vulnerabilities in systems
D. To ensure compliance with regulations

A

B. To respond to security incidents effectively

12
Q

What is the role of a security information and event management (SIEM) system?

A. To prevent unauthorized access to a network
B. To detect and block malware
C. To collect, analyze, and correlate security events
D. To encrypt data in transit

A

C. To collect, analyze, and correlate security events

13
Q

What is the shared responsibility model in cloud computing?

A. The cloud provider is responsible for all security
B. The customer is responsible for all security
C. The responsibility is shared between the cloud provider and the customer
D. There is no shared responsibility

A

C. The responsibility is shared between the cloud provider and the customer

14
Q

What is the purpose of a cloud access security broker (CASB)?

A. To provide secure access to cloud applications
B. To encrypt data in the cloud
C. To detect and block malware in the cloud
D. To monitor cloud usage

A

A. To provide secure access to cloud applications

15
Q

What is the purpose of a security audit?

A. To identify vulnerabilities in systems
B. To assess compliance with regulations
C. To prevent security incidents
D. To respond to security incidents

A

B. To assess compliance with regulations

16
Q

Which of the following is a common security compliance framework?

A. ISO 27001
B. PCI DSS
C. HIPAA
D. All of the above

A

D. All of the above

17
Q

What is the purpose of a security orchestration, automation, and response (SOAR) platform?

A. To automate security tasks
B. To detect and block malware
C. To encrypt data in transit
D. To monitor network traffic for anomalies

A

A. To automate security tasks

18
Q

What is the difference between a vulnerability and an exploit?

A. A vulnerability is a weakness in a system, while an exploit is a tool used to take advantage of a vulnerability
B. A vulnerability is a tool used to take advantage of a weakness in a system, while an exploit is a weakness in a system
C. There is no difference between a vulnerability and an exploit
D. Both are tools used to prevent security incidents

A

A. A vulnerability is a weakness in a system, while an exploit is a tool used to take advantage of a vulnerability

19
Q

What is the purpose of a security operations center (SOC)?

A. To prevent unauthorized access to a network
B. To detect and block malware
C. To monitor and respond to security threats
D. To encrypt data in transit

A

C. To monitor and respond to security threats

20
Q

What is the role of artificial intelligence (AI) in cybersecurity?

A. To automate security tasks
B. To detect and block malware
C. To encrypt data in transit
D. All of the above

A

D. All of the above

21
Q

Why are policies, standards, procedures, and guidelines important components of a baseline?

A. They define the roles and responsibilities of security team members
B. They provide a structured approach to security
C. They help to identify potential cyber threats
D. They ensure compliance with industry regulations

A

B. They provide a structured approach to security

22
Q

How do policies, standards, procedures, and guidelines interact within a baseline model?

A. They are unrelated concepts
B. Policies are the most important component
C. They work together to create a comprehensive security framework
D. Procedures are the most important component

A

C. They work together to create a comprehensive security framework

23
Q

Why is change management important in baseline management?

A. It helps to ensure that the baseline remains up-to-date
B. It defines the roles and responsibilities of security team members
C. It helps to identify potential cyber threats
D. It ensures compliance with industry regulations

A

A. It helps to ensure that the baseline remains up-to-date

24
Q

What are some examples of baseline controls for Windows?

A. CIS, Windows security baselines, and Intune’s security baselines
B. Firewalls, intrusion detection systems, and antivirus software
C. Policies, standards, procedures, and guidelines
D. Change management processes

A

A. CIS, Windows security baselines, and Intune’s security baselines

25
Q

What is the primary purpose of hardware-based security features in Windows?

A. To protect Windows from malware infections
B. To secure data from lost or stolen devices
C. To prevent unauthorized access to network resources
D. To ensure compliance with industry regulations

A

B. To secure data from lost or stolen devices

26
Q

Why is supply chain security important when purchasing hardware?

A. To ensure that the hardware is compatible with Windows
B. To prevent the purchase of counterfeit hardware
C. To ensure that the hardware is properly certified
D. To reduce the cost of hardware purchases

A

C. To ensure that the hardware is properly certified

27
Q

What is the role of VBS in hardware-based security?

A. It provides a secure environment for running applications
B. It is used to encrypt data at rest
C. It is used to authenticate users
D. It is used to detect and prevent malware infections

A

A. It provides a secure environment for running applications

28
Q

What is System Guard used for?

A. To protect Windows from malware infections
B. To secure data from lost or stolen devices
C. To prevent unauthorized access to network resources
D. To ensure compliance with industry regulations

A

B. To secure data from lost or stolen devices

29
Q

What are some hardware security recommendations and best practices?

A. Regularly update firmware and drivers
B. Use strong passwords and enable two-factor authentication
C. Keep hardware devices physically secure
D. All of the above

A

D. All of the above

30
Q

What are the two primary models used in network communication?

A. OSI and TCP/IP
B. HTTP and HTTPS
C. TCP and UDP
D. DNS and DHCP

A

A. OSI and TCP/IP

31
Q

Why is network baselining important for Windows devices?

A. To identify and mitigate potential security threats
B. To ensure compliance with industry regulations
C. To optimize network performance
D. All of the above

A

D. All of the above

32
Q

What are some of the network security features available in Windows Defender Firewall?

A. Firewall rules, network protection, and web protection
B. VPN, Wi-Fi, and Bluetooth security
C. DNS and DHCP configuration
D. OSI and TCP/IP protocols

A

A. Firewall rules, network protection, and web protection

33
Q

What is Azure Conditional Access used for?

A. To protect Windows devices from malware infections
B. To enforce access policies for cloud-based resources
C. To optimize network performance
D. To configure firewall rules

A

B. To enforce access policies for cloud-based resources

34
Q

What is the importance of identity and access management in Windows security?

A. It helps to prevent unauthorized access to systems and data
B. It ensures compliance with industry regulations
C. It optimizes network performance
D. All of the above

A

A. It helps to prevent unauthorized access to systems and data

35
Q

What are the four components of IAAA?

A. Identification, authentication, authorization, and accountability
B. Identity, access, authorization, and accountability
C. Identification, authentication, authorization, and assurance
D. Identity, access, assurance, and accountability

A

A. Identification, authentication, authorization, and accountability

36
Q

What is the account life cycle?

A. The process of creating, managing, and deleting user accounts
B. The process of authenticating users to access systems
C. The process of authorizing users to perform specific tasks
D. The process of holding users accountable for their actions

A

A. The process of creating, managing, and deleting user accounts

37
Q

What is the difference between MDM and MAM?

A. MDM manages mobile devices, while MAM manages mobile applications.
B. MDM manages all devices, while MAM manages only mobile devices.
C. MDM manages devices within a domain, while MAM manages devices outside a domain.
D. MDM manages devices using Group Policy, while MAM manages devices using Intune.

A

A. MDM manages mobile devices, while MAM manages mobile applications.

38
Q

What is Conditional Access used for?

A. To protect Windows devices from malware infections
B. To enforce access policies for cloud-based resources
C. To optimize network performance
D. To configure firewall rules

A

B. To enforce access policies for cloud-based resources

39
Q

What is the importance of identity and access management in Windows security?

A. It helps to prevent unauthorized access to systems and data
B. It ensures compliance with industry regulations
C. It optimizes network performance
D. All of the above

A

A. It helps to prevent unauthorized access to systems and data

40
Q

What are the two primary methods for managing Windows devices in an enterprise environment?

A. Configuration Manager and Intune
B. Active Directory and Group Policy
C. MDM and MAM
D. Remote Desktop and PowerShell

A

A. Configuration Manager and Intune

41
Q

What are some of the ways to deploy Windows clients and manage policies and configurations using Configuration Manager?

A. Creating packages and deployments, using Group Policy, and applying software updates
B. Configuring firewall rules, network protection, and web protection
C. Using Azure Conditional Access and Identity Protection
D. Creating baselines, applying policies, and managing accounts

A

A. Creating packages and deployments, using Group Policy, and applying software updates

42
Q

What are some of the scenarios for administering security baselines to managed devices?

A. Deploying hardening images, managing devices with Intune, and using Configuration Manager
B. Configuring firewall rules, network protection, and web protection
C. Using Azure Conditional Access and Identity Protection
D. Creating baselines, applying policies, and managing accounts

A

D. Creating baselines, applying policies, and managing accounts

43
Q

What are the different ways to upgrade Windows?

A. In-place upgrades, migrations, and Windows Autopilot
B. Windows Update for Business, Intune, and BitLocker
C. Windows ADK, WCD, MDT, WDS, and MDT with Configuration Manager
D. Azure Virtual Desktop, Azure Compute Gallery, and Windows 365 Cloud PC

A

A. In-place upgrades, migrations, and Windows Autopilot

43
Q

What tools can be used to build hardened Windows images?

A. Windows Update for Business, Intune, and BitLocker
B. Windows ADK, WCD, MDT, WDS, and MDT with Configuration Manager
C. Azure Virtual Desktop, Azure Compute Gallery, and Windows 365 Cloud PC
D. In-place upgrades, migrations, and Windows Autopilot

A

B. Windows ADK, WCD, MDT, WDS, and MDT with Configuration Manager

44
Q

What is Windows Autopilot used for?

A. To deploy Windows devices
B. To build hardened Windows images
C. To upgrade Windows
D. To manage Windows devices

A

A. To deploy Windows devices

45
Q

What is Azure Virtual Desktop used for?

A. To deploy Windows devices
B. To build hardened Windows images
C. To upgrade Windows
D. To provide virtualized Windows desktops

A

D. To provide virtualized Windows desktops

46
Q

What is the importance of staying updated with Microsoft’s life cycle policy?

A. To ensure compatibility with new features
B. To receive security updates and patches
C. To optimize system performance
D. All of the above

A

D. All of the above

47
Q

How can Windows Update for Business be deployed using MEM?

A. By creating deployment packages
B. By configuring Delivery Optimization
C. By using Group Policy
D. By using Intune

A

A. By creating deployment packages

48
Q

What is the difference between Configuration Manager and Intune?

A. Configuration Manager is on-premises, while Intune is cloud-based.
B. Configuration Manager manages all devices, while Intune manages only mobile devices.
C. Configuration Manager uses Group Policy, while Intune uses MDM.
D. Configuration Manager is free, while Intune is paid.

A

A. Configuration Manager is on-premises, while Intune is cloud-based.

49
Q

What is BitLocker used for?

A. To encrypt Windows devices
B. To enforce policies and configurations
C. To configure passwordless sign-in
D. To create Windows Security baselines

A

A. To encrypt Windows devices

50
Q

What are some of the advanced protection features of Microsoft Defender for Endpoint?

A. Attack surface reduction, network protection, and cloud application security
B. Windows Update for Business, Intune, and BitLocker
C. Configuration Manager and Group Policy
D. Windows Security baselines

A

A. Attack surface reduction, network protection, and cloud application security

51
Q

Why is a holistic approach to security important for Windows endpoints?

A. To ensure compatibility with new features
B. To receive security updates and patches
C. To optimize system performance
D. To establish a robust layer of protection

A

D. To establish a robust layer of protection

52
Q

What are some baseline recommendations for Edge and Chrome?

A. Managing sign-in settings and controlling extensions
B. Configuring firewall rules and network protection
C. Using Azure Conditional Access and Identity Protection
D. Creating baselines, applying policies, and managing accounts

A

A. Managing sign-in settings and controlling extensions

53
Q

How can Microsoft 365 apps be protected?

A. By using the Office cloud policy service
B. By enabling BitLocker encryption
C. By configuring passwordless sign-in
D. By creating Windows Security baselines

A

A. By using the Office cloud policy service

54
Q

What are some advanced protection features in Microsoft Defender?

A. Attack surface reduction, network protection, and cloud application security
B. Windows Update for Business, Intune, and BitLocker
C. Configuration Manager and Group Policy
D. Windows Security baselines

A

A. Attack surface reduction, network protection, and cloud application security

55
Q

What is Application Guard used for?

A. To encrypt Windows devices
B. To enforce policies and configurations
C. To isolate processes and protect against zero-day threats
D. To create Windows Security baselines

A

C. To isolate processes and protect against zero-day threats

56
Q

What are some common attack vectors for MiTM attacks?

A. LLMNR, NBT-NS, mDNS, and WPAD
B. Kerberos authentication, SMB, LDAP, IPv6, and ARP
C. Golden and silver tickets
D. All of the above

A

A. LLMNR, NBT-NS, mDNS, and WPAD

57
Q

How can relay attacks be mitigated?

A. By configuring security settings to protect against exploits targeting Kerberos authentication, SMB, LDAP, IPv6, and ARP
B. By disabling LLMNR, NBT-NS, mDNS, and WPAD
C. By using advanced protection features in Microsoft Defender
D. By implementing access management solutions

A

A. By configuring security settings to protect against exploits targeting Kerberos authentication, SMB, LDAP, IPv6, and ARP

58
Q

What are some techniques attackers can use to move laterally and escalate privileges?

A. Golden and silver tickets
B. LLMNR, NBT-NS, mDNS, and WPAD
C. Relay attacks
D. All of the above

A

A. Golden and silver tickets

59
Q

How can privacy settings be controlled in Windows?

A. By using Intune
B. By using the Windows Settings app
C. By using Group Policy
D. All of the above

A

D. All of the above

60
Q

What are some local tools for managing Windows Server?

A. Server Manager and Event Viewer
B. WSUS and Windows Admin Center
C. Azure portal, Marketplace, and RBAC
D. Azure Backup, Azure Update Management, and ASR

A

A. Server Manager and Event Viewer

61
Q

What Azure services can be used to manage Windows servers both on-premises and in the cloud?

A. Azure portal, Marketplace, and RBAC
B. Azure Backup, Azure Update Management, and ASR
C. Windows Admin Center and Azure Arc
D. All of the above

A

D. All of the above

62
Q

What is Azure Arc used for?

A. To connect on-premises Windows servers to Azure
B. To manage Windows servers remotely
C. To deploy Windows Updates
D. To configure Windows security settings

A

A. To connect on-premises Windows servers to Azure

63
Q

What is MDE used for?

A. To monitor and report on Windows servers and clients
B. To onboard Windows clients using the Microsoft Intune Connector
C. To collect telemetry data using Azure Monitor Logs
D. To enable Microsoft Defender for Cloud

A

A. To monitor and report on Windows servers and clients

64
Q

How can telemetry data be collected using Azure Monitor Logs?

A. By using Log Analytics workspaces
B. By using Microsoft Endpoint Manager
C. By using the Microsoft 365 Apps admin center
D. By using Azure Monitor for viewing performance insights

A

A. By using Log Analytics workspaces

65
Q

What is Microsoft Defender for Cloud used for?

A. To monitor and report on Windows servers and clients
B. To onboard Windows clients using the Microsoft Intune Connector
C. To collect telemetry data using Azure Monitor Logs
D. To secure cloud-based resources

A

D. To secure cloud-based resources

66
Q

What is the role of the Security Operations Center (SOC)?

A. To investigate potential security threats
B. To monitor and report on Windows servers and clients
C. To collect telemetry data using Azure Monitor Logs
D. To enable Microsoft Defender for Cloud

A

A. To investigate potential security threats

67
Q

Why is business continuity and disaster recovery planning important?

A. To ensure that the organization can continue to operate in the event of a security incident
B. To monitor and report on Windows servers and clients
C. To collect telemetry data using Azure Monitor Logs
D. To enable Microsoft Defender for Cloud

A

A. To ensure that the organization can continue to operate in the event of a security incident

68
Q

What is the role of the SOC and XDR in an enterprise?

A. To manage Windows devices
B. To provide enterprise-class protection
C. To collect telemetry data
D. To configure security settings

A

B. To provide enterprise-class protection

69
Q

What is M365 Defender?

A. A tool for managing Windows devices
B. A data collection tool
C. A vulnerability scanning tool
D. A cloud-based security platform

A

D. A cloud-based security platform

70
Q

What is MDCA?

A. Microsoft’s version of a CASB
B. A cloud-based security platform
C. A tool for managing Windows devices
D. A data collection tool

A

A. Microsoft’s version of a CASB

71
Q

What is BCP?

A. Business continuity planning
B. Disaster recovery planning
C. Cyber incident response planning
D. Microsoft 365 Defender

A

A. Business continuity planning

72
Q

What is a vulnerability scan?

A. A type of penetration test
B. A security awareness training exercise
C. A tabletop exercise
D. A process of identifying and assessing security vulnerabilities

A

D. A process of identifying and assessing security vulnerabilities

73
Q

How can Microsoft Defender for Cloud help with vulnerability scanning?

A. By providing security awareness training
B. By conducting penetration testing
C. By simulating attacks
D. By running assessments against Windows and Linux hosts

A

D. By running assessments against Windows and Linux hosts

74
Q

What is the importance of penetration testing and remediation?

A. To identify and address security vulnerabilities
B. To provide security awareness training
C. To simulate attacks
D. To conduct vulnerability scanning

A

A. To identify and address security vulnerabilities

75
Q

What are some types of penetration tests?

A. Vulnerability scans, penetration tests, and tabletop exercises
B. Microsoft Defender for Cloud, M365 Defender, and MDCA
C. Black box, white box, and gray box
D. Security awareness, training, and testing

A

C. Black box, white box, and gray box

76
Q

Why is it important to review the material in more detail for the 10 key takeaways?

A. To ensure compliance with industry regulations
B. To gain a better understanding of the topics
C. To identify and mitigate potential security threats
D. To establish a standard for future security audits

A

B. To gain a better understanding of the topics

77
Q

What are some essential areas related to securing devices in the future?

A. IoT security and security management
B. Vulnerability scanning and penetration testing
C. Security awareness, training, and testing
D. Microsoft Defender for Cloud

A

A. IoT security and security management

78
Q

How does innovation in new and futuristic technologies impact security?

A. It makes security more expensive
B. It creates new challenges and opportunities for security professionals
C. It makes security less important
D. It has no impact on security

A

B. It creates new challenges and opportunities for security professionals