Lesson 07 Exercises for Manage Security Questions and Answers Flashcards
Question 1 : You are the network administrator for your organization.
A new company policy has been released wherein if a user enters their password incorrectly three times within five minutes, they are locked out for 30 minutes.
What three actions do you need to set to comply with this policy?
(Choose all that apply.)
Set Account Lockout Duration to five minutes.
Set Account Lockout Duration to 30 minutes.
Set the Account Lockout Threshold setting to three invalid logon attempts.
Set the Account Lockout Threshold setting to 30 minutes.
Set the Reset Account Lockout Counter setting to five minutes.
Set the Reset Account Lockout Counter setting to three times.
Set Account Lockout Duration to 30 minutes.
Set the Account Lockout Threshold setting to three invalid logon attempts.
Set the Reset Account Lockout Counter setting to five minutes.
Question 2 : Alexis is a system administrator for an Active Directory environment that contains four domains.
Recently, several managers have reported suspicions about user activities and have asked her to increase security in the environment.
Specifically, the requirements are as follows:
• Audit changes to User objects that are contained within a specific OU.
• Allow a special user account called Audit to view and modify all security-related
information about objects in that OU.
Which of the following steps should Alexis take to meet these requirements?
(Choose all that apply.)
Convert all volumes on which Active Directory information resides to NTFS.
Enable auditing with the Active Directory Users and Computers tool.
Create a new Active Directory domain and create restrictive permissions for the suspected users within this domain.
Reconfigure trust settings using the Active Directory Domains and Trusts tool.
Specify auditing options for the OU using the Active Directory Users and Computers tool.
Use the Delegation of Control Wizard to grant appropriate permissions to view and modify objects within the OU to the Audit user account.
Enable auditing with the Active Directory Users and Computers tool.
Specify auditing options for the OU using the Active Directory Users and Computers tool.
Use the Delegation of Control Wizard to grant appropriate permissions to view and modify objects within the OU to the Audit user account.
Question 3 : Crystal is a system administrator for an Active Directory environment that is running in Native mode.
Recently, several managers have reported suspicions about user activities and have asked her to increase security in the environment.
Specifically, the requirements are as follows:
- The accessing of certain sensitive files must be logged.
- Modifications to certain sensitive files must be logged.
- System administrators must be able to provide information about which users accessed sensitive files and when they were accessed.
- All logon attempts for specific shared machines must be recorded.
Which of the following steps should Crystal take to meet these requirements?
(Choose all that apply.)
Enable auditing with the Computer Management tool.
Enable auditing with the Active Directory Users and Computers tool.
Enable auditing with the Active Directory Domains and Trusts tool.
Enable auditing with the Event Viewer tool.
View the audit log using the Event Viewer tool.
View auditing information using the Computer Management tool.
Enable failure and success auditing settings for specific files stored on NTFS volumes.
Enable failure and success auditing settings for logon events on specific computer accounts.
Enable auditing with the Active Directory Users and Computers tool.
View the audit log using the Event Viewer tool.
Enable failure and success auditing settings for specific files stored on NTFS volumes.
Enable failure and success auditing settings for logon events on specific computer accounts.
Question 4 : You create a GPO and link it to the Sales OU.
You want to monitor users in the Sales OU who connect to the file server.
What type of auditing do you enable?
Audit Object Access
Audit Logon Events
Audit System Events
Audit Process Tracking
Audit Logon Events
Question 5 : You create a GPO and link it to the Sales OU.
You want to monitor users in the Sales OU who connect to the file server.
What type of auditing do you enable?
Audit Object Access
Audit Logon Events
Audit System Events
Audit Process Tracking
Audit Logon Events