MOD D02: Security Policy and Registry - PE problems

Question 1

What is a set of configurations that can be applied on desktops to enhance security?

• Registry Keys
• Active Directory
• Security Policy
• Local Policy

Answer 1

Security Policy

Question 2

How many key levels are in a Root key?

Answer 2

5

Question 3

Which key contains the current hardware configuration settings?

• HKLM
• HKCR
• HKCC
• HKU

Answer 3

HKCC

Note: HKCC - HKEY_CURRENT_CONFIG - A tiny key that describes the current hardware configuration and a few basic system settings.

Question 4

Which key contains many settings for the currently logged-on user?

Answer 4

HKCU

Note: HKCU - HKEY_CURRENT_USER - Controls many settings for the currently logged-on user, from the user’s name to his or her desktop background.

Question 5

Which subkey has boot configuration data?

Answer 5

BCD

Note: BCD – This subkey stores, the boot configuration data.

Question 6

Which sub-key contains information about applications?

Answer 6

Software

Note: SOFTWARE – This area is used by both Windows and application programs to store critical configuration settings.

Question 7

String value icons have what letters on them?

Answer 7

ab

Note: String Value - String values are indicated by a small red icon with the letters “ab” on them. These are the most commonly used values in the registry, and also the most human-readable.

Question 8

How many bits are in a Double Word?

Answer 8

32

Note: 1 word = 16 bits

Question 9

Double word values can be represented in hexadecimal or decimal.

[True / False]

Answer 9

TRUE

Both DWORD (32-bit) values and QWORD (64-bit) values have a blue icon in the Windows Registry. Their values can be expressed in either decimal or hexadecimal format.

Question 10

What command line tool allows you to get the Ethernet computer hardware address from a remote computer?

Answer 10

getmac

Question 11

What Active Directory tool allows you to set policies to disable services on many computers?

• Local Policy
• Group Policy
• Group Management
• User Access Control

Answer 11

Group Policy

Question 12

A digital certificate allows a web server to establish encrypted communication over HTTPS with clients using TLS/SSL.

[True / False]

Answer 12

TRUE

Question 13

Which value in the PowerShell “execution policy” allows loading of all configuration files and scripts?

Answer 13

Unrestricted

Question 14

The first account created on a Windows system during installation is given what level privileges?

Answer 14

Administrator

Question 15

An example of authentication is signing into a computer by supplying a username and password.

[True / False]

Answer 15

TRUE

Question 16

What are the three primary event logs in Windows?

• Application, Presentation, Session
• Server, Client, Network
• User, System, Account
• Application, security, and system

Answer 16

Application, security, and system

Question 17

16,384 Gigabytes is the default minimum System event log size in Windows.

[True / False]

Answer 17

FALSE

Question 18

When does Windows apply Computer Configuration policies by default?

• on startup
• on shutdown
• on update
• manually

Answer 18

On Startup

Question 19

What type of system security malware allows for access to a computer, program, or service without authorization?

Answer 19

Backdoor

Question 20

What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?

Answer 20

Adware

Question 21

What is a malicious computer code that reproduces itself on the same computer?

Answer 21

Virus