Security Fundamentals from Measure Up Flashcards by Shawn Graver

Which type of security service is concerned with preventing or detecting any tampering with data?

Confidentiality
Integrity
Availability
Authentication

Integrity

How well did you know this?

Not at all

Perfectly

Which is the best way to prevent security compromises through social engineering?

Increased password complexity
User training
Employee ID badges
Internal e-mail servers

User training

How well did you know this?

Not at all

Perfectly

Which is an example of least privelege?

Ensuring that all services run under the LocalSystem account.
Logging on as administrator for administrative tasks and Web browsing only.
Logging on as a limited user instead of an administrator to run applications.
Assigning administrator priveleges to applications instead of to users.

Logging on as a limited user instead of an administrator to run applications.

How well did you know this?

Not at all

Perfectly

The principle of least privilege ensures that:

all users must use complex passwords.
data is encrypted.
availability is minimized.
users can only perform required tasks.

users can only perform required tasks.

How well did you know this?

Not at all

Perfectly

Which would be an example of a social engineering attack?

Nonrepudiation
Phishing
Eavesdropping attack
Brute force attack

Phishing

How well did you know this?

Not at all

Perfectly

You are a network administrator. you need to minimize the attack surface of your network. What would this involve?

Installing a physical lock to protect the servers
Creating shared folders
Ensuring that only required features are enabled
Enabling audit logging

Ensuring that only required features are enabled

How well did you know this?

Not at all

Perfectly

What is affected when data is modified by mistake?

Confidentiality
Availability
Integrity
Authentication

Integrity

How well did you know this?

Not at all

Perfectly

Which example best illustrates the IT security principle of least privelege?

A system service running in the security context of a local administrator
A shared folder using default sharing and NTFS permissions
A standard user whose account belongs to the local Administrators group
An administrator logged onto her workstation with a standard user account

An administrator logged onto her workstation with a standard user account

How well did you know this?

Not at all

Perfectly

What is the advantage of preventing a wireless access point (WAP) from broadcasting its service set identifier (SSID)?

It blocks authorized clients from connecting to the WAP.
It enhances the authentication protection provided by the WAP.
It temporarily disable the WAP.
It prevents the WAP from appearing in the list of available wireless networks.

It prevents the WAP from appearing in the list of available wireless networks.

How well did you know this?

Not at all

Perfectly

You need to secure your wireless network. Which provides the highest level of security?

Hidden SSID
WEP
WPA
MAC filtering

WPA

How well did you know this?

Not at all

Perfectly

Which wireless security method uses Temporal Key Integrity Protocol (TKIP) encryption?

Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access (WPA)
MAC filtering

Wi-Fi Protected Access (WPA)

How well did you know this?

Not at all

Perfectly

You have a wireless network. You need to ensure that only specific client computers are able to access the wireless network. What should you do?

Use a software restriction policy.
Implement MAC filtering.
relocate the wireless access point.
Disable SSID Broadcasting.

Implement MAC filtering.

How well did you know this?

Not at all

Perfectly

When you disable SSID broadcasting:

users must know the SSID to be able to connect to your wireless network.
user passwords transmitted over the Internet are not transmitted in a readable format.
wireless access points on you WLAN provide maximum security.
rogue wireless access points cannot be accessed.

users must know the SSID to be able to connect to your wireless network.

How well did you know this?

Not at all

Perfectly

A wireless network that implements WEp:

provides maximum security.
is less secure than one that implements WPA or WPA2.
only allows users with specific IP addresses to communicate.
is not vulnerable to interference.

is less secure than one that implements WPA or WPA2.

How well did you know this?

Not at all

Perfectly

To ensure that users cannot connect to a rogue wireless access point, you should:

install a wireless intrusion prevention system.
implement a password lockout policy.
use BitLocker.
require that users have a strong password.

install a wireless intrusion prevention system.

How well did you know this?

Not at all

Perfectly

You Active Directory domain’s network computers access the Internet through a Network Address Translation (NAT) server deployed on a perimeter network. you need to ensure that the same Internet Explorer (IE) browser security policies are used by all clients. What should you do?

Edit Internet Options individually for each computer.
Configure IE browser security on the NAT server.
Create a domain-level Group Policy object (GPO).
Manually modify each computer’s registry.

Create a domain-level Group Policy object (GPO).

How well did you know this?

Not at all

Perfectly

Which is a feature of the SmartScreen filter?

It encrypts data communication with then Web server.
It blocks content and files from known malicious Web sites.
It prevents the computer from logging the browser history.
It protects against cross0-site request forgery (CSRF) attacks.

It blocks content and files from known malicious Web sites.

How well did you know this?

Not at all

Perfectly

Which technology provides security for data that is transmitted over the Internet?

EFS
ARP
SSL
RADIUS

SSL

How well did you know this?

Not at all

Perfectly

What would you use to ensure that specific Web sites do not have access to user browsing patterns?

Software restriction policies
InPrivate Browsing
InPrivate Filtering
SmartScreen Filtering

InPrivate Filtering

How well did you know this?

Not at all

Perfectly

Most of your network cabling is routed through secure cable runs. The network is wired with unshielded twisted pair (UTP) cable. One segment of cable will have to pass through an unsecured area as a backbone between two offices. Which action should you take to keep communication secure?

Use shielded twisted pair (STP) cable to wire the unsecured segment.
Route the cable for the unsecured segment through metal conduit.
Route the cable for the unsecured segment through the ceiling.
Use fiber optic cable to wire the unsecured segment.

Use fiber optic cable to wire the unsecured segment.

How well did you know this?

Not at all

Perfectly

SYSKEY improves physical by requiring a password or special floppy disk to:

boot the server.
logon at the server.
write to removable media.
shut down the server.

boot the server.

How well did you know this?

Not at all

Perfectly

A keylogger:

tracks Internet browsing history.
maintains a record of operating system generated events.
records every user keystroke.
captures encryption keys.

records every user keystroke.

How well did you know this?

Not at all

Perfectly

You want to prevent users who are running Windows Vista and Windows 7 of your corporate network from copying sensitive data to removable media. What should you do?

Remove all floppy disk and CD/DVD drives.
Flag sensitive files as read-only.
Create a media library.
Define a group policy to control write access to removable media.

Define a group policy to control write access to removable media.

How well did you know this?

Not at all

Perfectly

For what reason is physical security extremely important with laptops and other mobile devices?

They can be lost or stolen.
They do not provide authentication for users.
They do not support data encryption.
They are shared by multiple users.

They can be lost or stolen.

How well did you know this?

Not at all

Perfectly

You work as a network security consultant. One of your clients reports that he suspects some of his electronic correspondence is being capture by a competitor. A security audit of the client's Windows 10 workstation's software environment resulted in no suspicious findings. You need to verify the security of the client's computer. What should you look for on the client's computer? Keylogger Trusted Plaform Module (TPM) Virtual smart card Private key

Keylogger

How does a worm differ from other viruses? All worms are destructive. A worm is self-replicating. All worms are distributed as e-mail attachments. A worm requires a host program.

A worm is self-replicating.

Malicious softward that masquerades as a beneficial utility is known as: a Trojan horse. spam. a virus. spyware.

a Trojan horse.

Which are common symptoms of a virus infection? (Each correct answer presents a complete solution. Choose two.) An installed antivirus program is disabled and will not restart. Your network user account is locked out. Download speed is slow during Internet file download. New icons appear spontaneously on the desktop. A new utility does not run as expected when executed.

An installed antivirus program is disabled and will not restart. New icons appear spontaneously on the desktop.

Creating an antivirus quarantine area causes: freeware to not be installed. all cookies to be permanently deleted. spyware to be detected. potential viruses to be isolated.

potential viruses to be isolated.

A Trojan Horse is an example of: a method of implementing security. a computer virus. data corruption. an attack surface.

a computer virus.

What is an example of malware? An unauthorized program that gathers information about the user Hardware that does not have device drivers installed A program that runs with administrator permissions A network sniffer

An unauthorized program that gathers information about the user

With regard to computer security, a worm refers to: a self-replicating computer virus. a wireless network intrusion. an open port on the firewall. an unauthorized user.

a self-replicating computer virus.

You work as a security consultant. One of your clients informs you that as of today he is unable to access any of his personal files on his Windows 10 computer. The user's computer displays a message box that prompts him to submit a Bitcoin payment to a third party in exchange for a decryption key that will unlock his files. What type of malware has infected the user's computer? Botnet Ransomware Rootkit Adware

Ransomware

Which type of malware replicates itself without reliance on a host file? Trojan horse worm virus bot

worm

A brute force attack is used to: discover details about network configuration. discover passwords. hijack communication sessions. prevent access to network resources.

discover passwords.

You support a Windows Server 2003 Active Directory forest with multiple domains. Each domain stores user accounts for users at a specific geographic location. You need to apply a consistent password policy to Active Directory users through group policy. You want to keep the effort needed to apply and maintain the policy to a minimum. What should you do? Define password policy at the domain level in the forest's root domain. Define password policy at the site level for each site. Define password policy at the Users container in each domain. Define password policy at the domain level in each domain.

Define password policy at the domain level in each domain.

Password history is used to enforce: guesses before locking an account. maximum time between password changes. restrictions on password reuse. minimum time between password changes.

restrictions on password reuse.

You set the Passwords must meet complexity requirements policy to Enabled. Minimum password length is set to 8. Which is a valid password? $$Pwd##!99 dorWssaP p1a2s3s4 !@#$%^&*

$$Pwd##!99

A strong password contains: a private key. a minimum of 5 characters. a history of usage. letters, numbers, and special characters.

letters, numbers, and special characters.

You need to ensure that users attempting to log in are automatically blocked from logging in after a specific number of failed login attempts. What should you create? A security group An account lockout policy A software restriction policy A password policy

An account lockout policy

You need to create a password policy to ensure that domain account passwords must be reset every two weeks. What should you do? Define passwords complexity requirements. Specify a minimum password age. Specify a maximum password age. Enforce password history.

Specify a maximum password age.

You enable the audit of successful and failed policy changes. Were can you view entries related to policy change attempts? Application event log System event log Directory services event log Security event log

Security event log

Which would you audit to detect attempts to guess user passwords? Logon/logoff successes Object access failures Object access successes Logon/logoff failures

Logon/logoff failures

You want to implement a consistent audit policy for your Active Directory domain. Which should you use? Group Policy editor Services utility Computer properties Security Account Manager (SAM)

Group Policy editor

Object access auditing is used to monitor: which users log on to the network. the amount of CPU usage. which users open specific files. the amount of memory usage.

which users open specific files.

For what purpose would you use security auditing to audit logon events? To detect a possible password attack To ensure that only authenticated users are accessing the network To determine a user's effective permissions To know when to reset a user's password

To detect a possible password attack

When you implement a security auditing policy,: policies are applied at the user level. all potential security breaches are recorded in the Application log. auditing is performed only for logged on users.

policies are applied at the user level.

Implementing security auditing allows you to: force users to use strong passwords. implement a key logger. determine if a security breach has occurred. encrypt files to prevent unauthorized access. provide physical security for your network.

determine if a security breach has occurred.

You normally log on a s a standard user. You need to occasionally run programs that require administrator privileges. You want to keep the potential security risk to a minimum. What should you do? Log off and log on as a local administrator. Log off and log on as a domain administrator. Use Run As to launch the programs. Disable User Account Control (UAC).

Use Run As to launch the programs.

Which is an example of biometric security? Strong password Fingerprint scan Smart card Locked room

Fingerprint scan

Smart cards: are typically used to support logon and authentication without any user interaction. are typically used as a part of a multifactor authentication solution. are necessary when using Kerberos. are necessary when implementing Public Key Infrastructure (PKI) security.

are typically used as a part of a multifactor authentication solution.

What are two features of a public key in asymmetric encryption? (Choose two) ``` It is used to decrypt data. It is seen only by the key's owner. It is used to encrypt data. It is distributed by certificate. It is not related to any private key. ```

It is used to encrypt data. | It is distributed by certificate.

To implement multifactor authentication you should use: a smart card and a PIN. a username and password. encryption. a biometric input device.

a smart card and a PIN.

The term mutual authentication refers to: requiring users to provide more than one piece of information to authenticate. users being authenticated with the server and vice versa. using biometrics to implement authentication. forcing users to use more complex passwords.

users being authenticated with the server and vice versa.

You work as a security analyst for your company. As part of the company's latest security initiative, all users are required to authenticate to network resources with a second authentication method. All user computers run Windows 8.1 Enterprise Edition. The company's CIO states that she wants to implement virtual smart cards for all corporate employees. You need to analyze the existing environment to identify solution prerequisites. Which of the following is a requirement for implementing virtual smart cards? All computers must use BitLocker Drive Encryption. All employeeds must be issued physical cmart cards. All computers must be upgraded to Windows 10. All computers must have an onboard TPM chip.

All computers must have an onboard TPM chip.

Which protocol can centralize authentication for dial-up, VPN, and IEEE 802.11 Wi-Fi access connections? EFS AAA RADIUS SSTP

RADIUS

A website requires a user to enter both a password and a text message-based personal identification number (PIN). Which type of authentication does that website use? delegation multifactor authentication Kerberos authentication single-sign on

multifactor authentication

All users have been denied all permissions to a file. You need to access the file as quickly as possible. you are logged on as an administrator. What should you do first? Copy the file to a different folder with less restrictive permissions. Change the file permissions. Restore from the most recent backup. Take ownership of the file.

Take ownership of the file.

When securing your network, you would disable inheritance to: prevent folder permissions on a folder from being used for subfolders. ensure that users periodically change their passwords. reduce the likelihood of dictionary attacks. ensure that all users must enter credentials to log in.

prevent folder permissions on a folder from being used for subfolders.

You would use a security group to: allow only specific users to access specific network resources. ensure that data on laptops is not compromised if the laptop is stolen. encrypt files stored on the file system. authenticate users.

allow only specific users to access specific network resources.

You administer your company's Windows Server 2012 R2 file server. The file server has two NTFS data volumes, D: and E:. You move a file from drive D: to drive E:. What happens to the file's original permissions? All permissions are removed from the file. Administrative permissions are applied to the file. Permissions are inherited from the destination folder. Permissions are retained from the source folder.

Permissions are inherited from the destination folder.

You work as a domain administrator for your company. All user computers in the organization run Windows 10 Enterprise Edition. One of the company's employees modified the NTFS permissions on her network-based project folder in such a ways that no administrator has access. You need to ensure that you and other domain administrators can access the employee's project folder. What should you do first? Edit the permissions of the folder. Audit object access to the folder. Decrypt the folder. Take ownership of the folder.

Take ownership of the folder.

What is the minimum shared folder permission that is required for a user to delete a file? List folder contents Change Full Control Read and Execute

Change

What will happen when you move a file you encrypted through the encrypting file system (EFS) to an unencrypted folder on an NTFS partition? An error is generated. The file remains encrypted. The file is automatically decrypted. You are prompted to decrypt the file.

The file remains encrypted.

A laptop computer running Windows Server 2008 does not have Trusted Platform Module (TPM) installed. you want to protect the data on the computer in case the computer is stolen. Which action should you take? Install and configure TPM. Manually encrypt all system files. Configure Encrypting File System (EFS). Install and configure BitLocker.

Install and configure BitLocker.

Which type of certificate authority (CA) issues its own certificates? Issuing CA Subordinate CA Root CA Policy CA

Root CA

In which situation would you typically use a stand-alone certificate authority (CA) in your public key infrastructure (PKI) design? When creating a hierarchy with a third party root. When issuing certificates to users outside of your domain. When deploying multiple root CAs in a single domain. When creating a trust infrastructure between root and subordinate CAs.

When issuing certificates to users outside of your domain.

Which technology is used to provide file encryption for removable storage devices? DFS BitLocker To Go BitLocker EFS

BitLocker To Go

You are a network administrator. you have enabled encryption for a file that is located in a shared folder. What does this ensure? That the file can only be read by users who are allowed to do so That the file is marked with the Read-Only attribute That the file cannot be written to a removable storage device That the file can only be added as an e-mail attachment

That the file can only be read by users who are allowed to do so

Using Trusted Platform Module (TPM) ensures: hardware encryption of data. a dedicated firewall. protection from a brute force attack. data availability.

hardware encryption of data.

Monitoring network communications to collect information about the network and collect the content of network packets is known as: sniffing spoofing hijacking flooding

sniffing

Which is used to validate DNSsec responses? Desitnation port Digital signature. Responding server IP address Domain IPSec policy

Digital signature.

Tunneling: ensures that data packets are encrypted. encapsulates packets of one protocol inside another protocol. must be used to communicate over the Internet. is only used for remote client connectivity.

encapsulates packets of one protocol inside another protocol.

Which uses digital signaures to provide security for DNS communications and helps to minimize the likelihood of man-in-the-middle attacks? IPsec SSL HTTPS DNSsec

DNSsec

For what purpose is a network sniffer used? To test network connectivity To capture network transmissions To audit users who log on to the network To ensure that only compliant computers log on to the network.

To capture network transmissions

Which would reduce the likelihood of a sniffer attack? Implementing a security group Implementing EFS Encrypting data transmitted over the network Performing regular virus scanning

Encrypting data transmitted over the network

In which situation would you use a Class 1 firewall? To protect a perimeter network. To establish a screened subnet. To create an Internet gateway. To provide protection for an individual client.

To provide protection for an individual client.

Software firewalls: cannot support NAT. operate as host firewalls only. must be deployed on the internal network. are configured from software included with the operating system.

are configured from software included with the operating system.

Which firewall inspection method logs outgoing connections and checks incoming traffic against that log? Port filtering Stateful inspection Application layer filtering Circuit-level inspection

Stateful inspection

What is the primary purpose of a firewall? To monitor security policy compliance To prevent users from running specific programs To store all user data on the file system in an encrypted form To protect the network by restricting incoming and outgoing network traffic

To protect the network by restricting incoming and outgoing network traffic

Windows Firewall is a: hardware firewall. stateful software firewall. means of physically protecting a Windows server. stateless software firewall.

stateful software firewall.

Which is used to implement packet filtering of packets sent from and received on the network? A SmartScreen filter A firewall MAC filtering A whitelist

A firewall

What kind of data does a stateless firewall use to determine which network frames to allow or block? source and destination IP addresses forged communications signature databases end-to-end traffic streams

source and destination IP addresses

A computer that is designed to entice hackers to attack it is known as a: proxy firewall honeypot VLAN

honeypot

You are setting up server isolation in an Active Directory domain to limit access to select domain members only. You will need to configure: fiber optic cabling. a dedicated router. a virtual local area network (VLAN). Group Policy settings.

Group Policy settings.

You want to configure clients and servers in different geographic locations on your network as if they were all part of the same subnet. You need to set up a: demilitarized zone (DMZ) virtual private network (VPN) wide area network (WAN) virtual local area network (VLAN)

virtual local area network (VLAN)

You want to provide public access to a Web server. Visitors to the Web server should not have access to your internal network. You need to configure: an Active Directory domain. a virtual local area network (VLAN). a virtual private network (VPN). a perimeter network.

a perimeter network.

For what purpose would you use a VPN? To ensure that users only have read access to folders To verify that a user's credentials are valid To allow corporate users to securely access your internal network from a remote location To ensure that only specific users can connect to your LAN

To allow corporate users to securely access your internal network from a remote location

Which is used for the sole purpose of intrusion detection? A distribution group An encryption algorithm A security group A honeypot

A honeypot

You have a Web server on your network that will be Internet facing. You need to allow external users to access the Web server, but protect the internal network. What should you use? ``` Security group VPN WLAN DMZ Domain isolation ```

DMZ

You are a network administrator for your organization. The corporate help desk receive several customer complaints that visits to your organization's public website redirected them to a known malware site. You need to mitigate this type of network attack. Which technology should you implement? DNSSEC VPN NAP IPSec

DNSSEC

Which of the following is an IPSec protocol that provides data confidentiality in addition to authentication? AH DNSSEC PPTP ESP

ESP

Your network includes several client computers running Windows XP Service Pack (SP) 2. Which action must you take (at minimum) before the clients can be made Network Access Protection (NAP) compliant? Upgrade to Windows Vista. Remove SP2. Apply Windows XP SP3. Migrate to Windows 7 Ultimate.

Apply Windows XP SP3.

Network Access Protection (NAP) is able to check the status of: password policies. file and folder access permissions. user type and effective user permissions. Windows updates, firewall protection, spyware protection, and antivirus protection.

Windows updates, firewall protection, spyware protection, and antivirus protection.

Which is the role of a Health Registration Authority (HRA) in Network Access Protection (NAP)? Validating and requesting a health certificate for compliant clients. Issuing a statement of health (SoH) for each client. Saving client health requirements. Performing client remediation.

Validating and requesting a health certificate for compliant clients.

To deploy Network Access Protection (NAP), you must have: a NAP health policy server. a WSUS server. all clients configured to use dynamic IP addresses. a software firewall.

a NAP health policy server.

You need to ensure that only specific computers are allowed to access specific network resources. What should you use? DNS DHCP EFS NAP

NAP

You have a server running Windows Server 2008. you want to deploy NAP to enforce compliance for client computers on the network. Which client operating systems are supported? Windows XP SP2 or later, Windows Vista, and Windows 7 Only Windows Vista and Windows 7 Only Windows 7 Windows XP SP3 or late, Windows Vista, and Windows 7

Windows XP SP3 or late, Windows Vista, and Windows 7

Which DNS record is used to prevent hackers from using your network's e-mail servers as a platform for sending spam with your domain address? ``` SPF PTR SOA CNAME MX ```

SPF

You regularly do business with the Web site www.bcdtrain.com. You receive an e-mail addressed from bcdtrain.com with a link to verify your account information. When you check the link, you find it actually points to www.fi-print.com. Which type of attack is this? Malware Pharming Phishing Denial of service

Phishing

In e-mail, spoofing occurs when: the e-mail contains unsolicited business offers. the network mail server is overwhelmed by incoming traffic. the sender uses a fake From address. the attachments are actually Trojan horses. the recipient is tricked into revealing confidential information.

the sender uses a fake From address.

You use Microsoft outlook as the e-mail client for your company. you use an external e-mail server provided by your Internet service provider. You want to prevent virus infection on computers in your Active Directory domain. Which action would be the most effective? Install an antivirus programs on each client computer. Rely on server antivirus scanning. Configure Junk mail settings on each computer. Create and deploy a Junk e-mail settings Group policy Object (GPO)

Install an antivirus programs on each client computer.

A spoofed e-mail is a message: recieved from a sender on the blacklist. that will always be detected and blocked by anti-spam filters. that has a false sender address. received from a sender on the whitelist.

that has a false sender address.

Which contains a list of e-mail addresses and domains that the anti-spam filter should always assume to be spam? Blacklist Whitelist SmarScreen Filter Firewall rule

Blacklist

What benefit do SPF records provide? They ensure that all network users have antivirus software installed. They provide e-mail protection from spoofing and phishing. They prevent unauthorized clients from logging on. They provide protection from brute force attacks.

They provide e-mail protection from spoofing and phishing.

You want to ensure that mobile clients receive timely operating system updates. Some clients rarely connect to the internal business network. Which should you use? Configuration Manager Windows Update Agent (WUA) Windows Server Update Services (WSUS) Systems Management Server (SMS)

Windows Update Agent (WUA)

How are software restriction policies used? To control which software a user can execute. To control which users can run administrative utilities. To control which software a user can install or uninstall. To control which Web sites a user can visit.

To control which software a user can execute.

When you enable User Access Control (UAC): standard users are prevented from logging on. all standard and administrative users run standard applications with standard application permissions. all standard users are given access to all administrative functions. administrative users are prevented from logging on.

all standard and administrative users run standard applications with standard application permissions.

What would be the best approach to minimize the likelihood of a client computer being infected with a virus? Keep all ports open on the corporate firewall. Implement InPrivate Browsing. Restrict the attachments that an e-mail user can receive. Require each user to set up a quarantine area.

Restrict the attachments that an e-mail user can receive.

Which feature can provide elevation of privileges if an action requires administrative level access? NTFS permissions NAP Administrative Tools UAC

UAC

you need to implement security measures to provide maximum protection for client computers. What is one thing you should do? Close all ports on the firewall. Implement a read-only domain controller. Ensure that all computers have the most recent updates. Create a perimeter network.

Ensure that all computers have the most recent updates.

You have a training room with 10 computers. You need to be able to eontrol what software can be run by specific users logging on to the computers. What should you use? (Choose two.) ``` Software restriction policies Network Access Protection SmartScreen Filtering A firewall filter AppLocker ```

Software restriction policies | AppLocker

You are the security administrator for your company. All users have company-issued laptop computers running Windows 10 Enterprise Edition. The corporate network is organized as a single Active Directory Domain Services (AD DS) domain. You need to enforce a new security policy that requires that all locally cached corporate network data is protected against unauthorized access. What should you do? configure Windows PowerShell to use the Restricted execution policy. Configure Windows Firewall to encrypt each user's home folder. Configure Group policy to encrypt Offline Files. Configure Windows Update to encrypt downloaded updates.

Configure Group policy to encrypt Offline Files.

Which Microsoft technology employs application whitelisting to protect a network? SCOM App-V NAP AppLocker

AppLocker

Microsoft Security Baseline Analyser (MSBA) is used to: identify security misconfigurations and missing security updates on network computers. determine whether or not network computers have an up-to-date antivirus program installed. verify that network computer security configurations match administrator-specific configuration requirements. directly install missing security updates and service packs to network computers.

identify security misconfigurations and missing security updates on network computers.

Which users can administer a read-only domain controller (RODC)? Delegated standard domain users and domain administrators. Local administrators only. Any domain users. Domain administrators only.

Delegated standard domain users and domain administrators.

Which protocol is used for smart card interactive logon to the local Windows Active Directory domain? EAP-TLS Kerberos Digest NTLM

Kerberos

you need to ensure that all security updates have been applied to one of your servers. What should you use? A RADIUS server Windows Deployment Services Microsoft Baseline Security Analyzer ScanState.exe

Microsoft Baseline Security Analyzer

The process of making changes to the operating system, network, or applications in order to reduce vulnerability is referred to as: Patching Auditing Pharming Hardening

Hardening

Which represents a security threat to your DNS environment? Footprinting SSID broadcasting Nonrepudiation Rogue access point

Footprinting

For what purpose would you deploy an RDOC? To allow a server that contains sensitive information to only be accessed by specific users To prevent illegal DNS zone transfers To secure dynamic DNS updates To restrict domain controller access for a physically unsecure remote location.

To restrict domain controller access for a physically unsecure remote location.