IS3340 CHAPTER 11 Flashcards
A special mode that allows administrators to created an offline copy of Active Directory is called ___?
DIRECTORY SERVICE RESTORE MODE (DSRM)
A rule that handles addressing and encapsulating is called ___?
ENCAPSULATING PROTOCOL
The process of making configuration changes and deploying controls to reduce the attack surface is called ___?
HARDENING
A solution that defines and implements a policy that describes the requirements to access your network is called ___?
NETWORK ACCESS CONTROL (NAC)
An open source utility used to scan one or more computers or network devices for open ports and other information is called ___?
Nmap
A general approach to handling encryption keys using trusted entities and digital certificates; the hardware, software, policies, and procedures to manage all aspects of digital certificates is called ___?
PUBLIC KEY INFRASTRUCTURE (PKI)
A predefined set of services, programs, and configuration settings that enable a computer to fulfill a specific set of requirements is called ___?
ROLES
A Microsoft utility that provides guidance to administrators and creates policies based on the least privilege principle for the server roles you have selected either during installation or afterward using the server Manager Utility is called ___?
SECURITY CONFIGURATION WIZARD (SCW)
A Windows Server 2008 R2 installation option that provides a minimal environment that only includes programs necessary for the roles you select is called ___?
SERVER CORE INSTALLATION
A technique that creates a virtual encrypted connection and allow applications to use any protocol to communicate with servers and services without having to worry about addressing or privacy concerns is called ___?
TUNNELING
- The term ATTACK SURFACE refers to all of the software a computer runs that is vulnerable to attack.
TRUE OR FALSE
TRUE
- The best way to secure a service is to disable it.
TRUE OR FALSE
FALSE
- The process of making configuration changes and deploying controls to reduce the attack surface is called ___?
Hardening
- Which Windows Server 2008 R2 feature allows you to specify which services you want to include during the operating system installation?
- Edition
- Role
- GPO
- Configuration
Role
- Which Windows Server 2008 R2 installation option only includes a minimal environment to just run selected services?
- Server core
- Foundation
- Standard
- Runtime
Server core
- Which Microsoft tool guides administrators and creates policies based on least privilege to reduce the attack surface of a windows server after installation?
- GPO
- MBSA
- SCW
- NMAP
SCW
- You can use GPOs to reply Windows firewall rules.
TRUE OR FALSE
TRUE
- Which of the following actions is the best action to take to secure an unneeded service?
- Close the port
- Disable the service
- Delete the service from Services
- Create a GPO restriction for the service
Disable the service
- You should disable the ___ user account to make it harder for attackers to access the default escalated-privilege account.
Administrator
- AD makes securing many computers in a network more complex.
TRUE OR FALSE
FALSE
- The ___ tool is a handy open source tool to scan computers for open ports.
Nmap
- Which term describes software that defines and implements a policy that describes the requirements to access your network?
- SCW
- VPN
- GPO
- NAC
NAC
- VPNs increase security of remote connection by guaranteeing all traffic is encrypted.
TRUE OR FALSE
FALSE
- Which new Microsoft VPN protocol makes it easy to use VPNs even through firewalls?
- L2TP
- SSTP
- TLS
- TCP
SSTP
- ___ refers to the hardware, software, policies, and procedures to manage all aspects of digital certificates.
PKI
