Security Fundamentals from Measure Up

Question 1

Which type of security service is concerned with preventing or detecting any tampering with data?

Confidentiality
Integrity
Availability
Authentication

Answer 1

Integrity

Question 2

Which is the best way to prevent security compromises through social engineering?

Increased password complexity
User training
Employee ID badges
Internal e-mail servers

Answer 2

User training

Question 3

Which is an example of least privelege?

Ensuring that all services run under the LocalSystem account.
Logging on as administrator for administrative tasks and Web browsing only.
Logging on as a limited user instead of an administrator to run applications.
Assigning administrator priveleges to applications instead of to users.

Answer 3

Logging on as a limited user instead of an administrator to run applications.

Question 4

The principle of least privilege ensures that:

all users must use complex passwords.
data is encrypted.
availability is minimized.
users can only perform required tasks.

Answer 4

users can only perform required tasks.

Question 5

Which would be an example of a social engineering attack?

Nonrepudiation
Phishing
Eavesdropping attack
Brute force attack

Answer 5

Phishing

Question 6

You are a network administrator. you need to minimize the attack surface of your network. What would this involve?

Installing a physical lock to protect the servers
Creating shared folders
Ensuring that only required features are enabled
Enabling audit logging

Answer 6

Ensuring that only required features are enabled

Question 7

What is affected when data is modified by mistake?

Confidentiality
Availability
Integrity
Authentication

Answer 7

Integrity

Question 8

Which example best illustrates the IT security principle of least privelege?

A system service running in the security context of a local administrator
A shared folder using default sharing and NTFS permissions
A standard user whose account belongs to the local Administrators group
An administrator logged onto her workstation with a standard user account

Answer 8

An administrator logged onto her workstation with a standard user account

Question 9

What is the advantage of preventing a wireless access point (WAP) from broadcasting its service set identifier (SSID)?

It blocks authorized clients from connecting to the WAP.
It enhances the authentication protection provided by the WAP.
It temporarily disable the WAP.
It prevents the WAP from appearing in the list of available wireless networks.

Answer 9

It prevents the WAP from appearing in the list of available wireless networks.

Question 10

You need to secure your wireless network. Which provides the highest level of security?

Hidden SSID
WEP
WPA
MAC filtering

Answer 10

WPA

Question 11

Which wireless security method uses Temporal Key Integrity Protocol (TKIP) encryption?

Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access (WPA)
MAC filtering

Answer 11

Wi-Fi Protected Access (WPA)

Question 12

You have a wireless network. You need to ensure that only specific client computers are able to access the wireless network. What should you do?

Use a software restriction policy.
Implement MAC filtering.
relocate the wireless access point.
Disable SSID Broadcasting.

Answer 12

Implement MAC filtering.

Question 13

When you disable SSID broadcasting:

users must know the SSID to be able to connect to your wireless network.
user passwords transmitted over the Internet are not transmitted in a readable format.
wireless access points on you WLAN provide maximum security.
rogue wireless access points cannot be accessed.

Answer 13

users must know the SSID to be able to connect to your wireless network.

Question 14

A wireless network that implements WEp:

provides maximum security.
is less secure than one that implements WPA or WPA2.
only allows users with specific IP addresses to communicate.
is not vulnerable to interference.

Answer 14

is less secure than one that implements WPA or WPA2.

Question 15

To ensure that users cannot connect to a rogue wireless access point, you should:

install a wireless intrusion prevention system.
implement a password lockout policy.
use BitLocker.
require that users have a strong password.

Answer 15

install a wireless intrusion prevention system.

Question 16

You Active Directory domain’s network computers access the Internet through a Network Address Translation (NAT) server deployed on a perimeter network. you need to ensure that the same Internet Explorer (IE) browser security policies are used by all clients. What should you do?

Edit Internet Options individually for each computer.
Configure IE browser security on the NAT server.
Create a domain-level Group Policy object (GPO).
Manually modify each computer’s registry.

Answer 16

Create a domain-level Group Policy object (GPO).

Question 17

Which is a feature of the SmartScreen filter?

It encrypts data communication with then Web server.
It blocks content and files from known malicious Web sites.
It prevents the computer from logging the browser history.
It protects against cross0-site request forgery (CSRF) attacks.

Answer 17

It blocks content and files from known malicious Web sites.

Question 18

Which technology provides security for data that is transmitted over the Internet?

EFS
ARP
SSL
RADIUS

Answer 18

SSL

Question 19

What would you use to ensure that specific Web sites do not have access to user browsing patterns?

Software restriction policies
InPrivate Browsing
InPrivate Filtering
SmartScreen Filtering

Answer 19

InPrivate Filtering

Question 20

Most of your network cabling is routed through secure cable runs. The network is wired with unshielded twisted pair (UTP) cable. One segment of cable will have to pass through an unsecured area as a backbone between two offices. Which action should you take to keep communication secure?

Use shielded twisted pair (STP) cable to wire the unsecured segment.
Route the cable for the unsecured segment through metal conduit.
Route the cable for the unsecured segment through the ceiling.
Use fiber optic cable to wire the unsecured segment.

Answer 20

Use fiber optic cable to wire the unsecured segment.

Question 21

SYSKEY improves physical by requiring a password or special floppy disk to:

boot the server.
logon at the server.
write to removable media.
shut down the server.

Answer 21

boot the server.

Question 22

A keylogger:

tracks Internet browsing history.
maintains a record of operating system generated events.
records every user keystroke.
captures encryption keys.

Answer 22

records every user keystroke.

Question 23

You want to prevent users who are running Windows Vista and Windows 7 of your corporate network from copying sensitive data to removable media. What should you do?

Remove all floppy disk and CD/DVD drives.
Flag sensitive files as read-only.
Create a media library.
Define a group policy to control write access to removable media.

Answer 23

Define a group policy to control write access to removable media.

Question 24

For what reason is physical security extremely important with laptops and other mobile devices?

They can be lost or stolen.
They do not provide authentication for users.
They do not support data encryption.
They are shared by multiple users.

Answer 24

They can be lost or stolen.

Question 25

You work as a network security consultant. One of your clients reports that he suspects some of his electronic correspondence is being capture by a competitor. A security audit of the client’s Windows 10 workstation’s software environment resulted in no suspicious findings. You need to verify the security of the client’s computer. What should you look for on the client’s computer?

Keylogger
Trusted Plaform Module (TPM)
Virtual smart card
Private key

Answer 25

Keylogger

Question 26

How does a worm differ from other viruses?

All worms are destructive.
A worm is self-replicating.
All worms are distributed as e-mail attachments.
A worm requires a host program.

Answer 26

A worm is self-replicating.

Question 27

Malicious softward that masquerades as a beneficial utility is known as:

a Trojan horse.
spam.
a virus.
spyware.

Answer 27

a Trojan horse.

Question 28

Which are common symptoms of a virus infection? (Each correct answer presents a complete solution. Choose two.)

An installed antivirus program is disabled and will not restart.
Your network user account is locked out.
Download speed is slow during Internet file download. New icons appear spontaneously on the desktop.
A new utility does not run as expected when executed.

Answer 28

An installed antivirus program is disabled and will not restart.
New icons appear spontaneously on the desktop.

Question 29

Creating an antivirus quarantine area causes:

freeware to not be installed.
all cookies to be permanently deleted.
spyware to be detected.
potential viruses to be isolated.

Answer 29

potential viruses to be isolated.

Question 30

A Trojan Horse is an example of:

a method of implementing security.
a computer virus.
data corruption.
an attack surface.

Answer 30

a computer virus.

Question 31

What is an example of malware?

An unauthorized program that gathers information about the user
Hardware that does not have device drivers installed
A program that runs with administrator permissions
A network sniffer

Answer 31

An unauthorized program that gathers information about the user

Question 32

With regard to computer security, a worm refers to:

a self-replicating computer virus.
a wireless network intrusion.
an open port on the firewall.
an unauthorized user.

Answer 32

a self-replicating computer virus.

Question 33

You work as a security consultant. One of your clients informs you that as of today he is unable to access any of his personal files on his Windows 10 computer. The user’s computer displays a message box that prompts him to submit a Bitcoin payment to a third party in exchange for a decryption key that will unlock his files. What type of malware has infected the user’s computer?

Botnet
Ransomware
Rootkit
Adware

Answer 33

Ransomware

Question 34

Which type of malware replicates itself without reliance on a host file?

Trojan horse
worm
virus
bot

Answer 34

worm

Question 35

A brute force attack is used to:

discover details about network configuration.
discover passwords.
hijack communication sessions.
prevent access to network resources.

Answer 35

discover passwords.

Question 36

You support a Windows Server 2003 Active Directory forest with multiple domains. Each domain stores user accounts for users at a specific geographic location. You need to apply a consistent password policy to Active Directory users through group policy. You want to keep the effort needed to apply and maintain the policy to a minimum. What should you do?

Define password policy at the domain level in the forest’s root domain.
Define password policy at the site level for each site.
Define password policy at the Users container in each domain.
Define password policy at the domain level in each domain.

Answer 36

Define password policy at the domain level in each domain.

Question 37

Password history is used to enforce:

guesses before locking an account.
maximum time between password changes.
restrictions on password reuse.
minimum time between password changes.

Answer 37

restrictions on password reuse.

Question 38

You set the Passwords must meet complexity requirements policy to Enabled. Minimum password length is set to 8. Which is a valid password?

$$Pwd##!99
dorWssaP
p1a2s3s4
!@#$%^&*

Answer 38

$$Pwd##!99

Question 39

A strong password contains:

a private key.
a minimum of 5 characters.
a history of usage.
letters, numbers, and special characters.

Answer 39

letters, numbers, and special characters.

Question 40

You need to ensure that users attempting to log in are automatically blocked from logging in after a specific number of failed login attempts. What should you create?

A security group
An account lockout policy
A software restriction policy
A password policy

Answer 40

An account lockout policy

Question 41

You need to create a password policy to ensure that domain account passwords must be reset every two weeks. What should you do?

Define passwords complexity requirements.
Specify a minimum password age.
Specify a maximum password age.
Enforce password history.

Answer 41

Specify a maximum password age.

Question 42

You enable the audit of successful and failed policy changes. Were can you view entries related to policy change attempts?

Application event log
System event log
Directory services event log
Security event log

Answer 42

Security event log

Question 43

Which would you audit to detect attempts to guess user passwords?

Logon/logoff successes
Object access failures
Object access successes
Logon/logoff failures

Answer 43

Logon/logoff failures

Question 44

You want to implement a consistent audit policy for your Active Directory domain. Which should you use?

Group Policy editor
Services utility
Computer properties
Security Account Manager (SAM)

Answer 44

Group Policy editor

Question 45

Object access auditing is used to monitor:

which users log on to the network.
the amount of CPU usage.
which users open specific files.
the amount of memory usage.

Answer 45

which users open specific files.

Question 46

For what purpose would you use security auditing to audit logon events?

To detect a possible password attack
To ensure that only authenticated users are accessing the network
To determine a user’s effective permissions
To know when to reset a user’s password

Answer 46

To detect a possible password attack

Question 47

When you implement a security auditing policy,:

policies are applied at the user level.
all potential security breaches are recorded in the Application log.
auditing is performed only for logged on users.

Answer 47

policies are applied at the user level.

Question 48

Implementing security auditing allows you to:

force users to use strong passwords.
implement a key logger.
determine if a security breach has occurred.
encrypt files to prevent unauthorized access.
provide physical security for your network.

Answer 48

determine if a security breach has occurred.

Question 49

You normally log on a s a standard user. You need to occasionally run programs that require administrator privileges. You want to keep the potential security risk to a minimum. What should you do?

Log off and log on as a local administrator.
Log off and log on as a domain administrator.
Use Run As to launch the programs.
Disable User Account Control (UAC).

Answer 49

Use Run As to launch the programs.

Question 50

Which is an example of biometric security?

Strong password
Fingerprint scan
Smart card
Locked room

Answer 50

Fingerprint scan

Question 51

Smart cards:

are typically used to support logon and authentication without any user interaction.
are typically used as a part of a multifactor authentication solution.
are necessary when using Kerberos.
are necessary when implementing Public Key Infrastructure (PKI) security.

Answer 51

are typically used as a part of a multifactor authentication solution.

Question 52

What are two features of a public key in asymmetric encryption? (Choose two)

It is used to decrypt data.
It is seen only by the key's owner.
It is used to encrypt data.
It is distributed by certificate.
It is not related to any private key.

Answer 52

It is used to encrypt data.

It is distributed by certificate.

Question 53

To implement multifactor authentication you should use:

a smart card and a PIN.
a username and password.
encryption.
a biometric input device.

Answer 53

a smart card and a PIN.

Question 54

The term mutual authentication refers to:

requiring users to provide more than one piece of information to authenticate.
users being authenticated with the server and vice versa.
using biometrics to implement authentication.
forcing users to use more complex passwords.

Answer 54

users being authenticated with the server and vice versa.

Question 55

You work as a security analyst for your company. As part of the company’s latest security initiative, all users are required to authenticate to network resources with a second authentication method. All user computers run Windows 8.1 Enterprise Edition. The company’s CIO states that she wants to implement virtual smart cards for all corporate employees. You need to analyze the existing environment to identify solution prerequisites. Which of the following is a requirement for implementing virtual smart cards?

All computers must use BitLocker Drive Encryption.
All employeeds must be issued physical cmart cards.
All computers must be upgraded to Windows 10.
All computers must have an onboard TPM chip.

Answer 55

All computers must have an onboard TPM chip.

Question 56

Which protocol can centralize authentication for dial-up, VPN, and IEEE 802.11 Wi-Fi access connections?

EFS
AAA
RADIUS
SSTP

Answer 56

RADIUS

Question 57

A website requires a user to enter both a password and a text message-based personal identification number (PIN). Which type of authentication does that website use?

delegation
multifactor authentication
Kerberos authentication
single-sign on

Answer 57

multifactor authentication

Question 58

All users have been denied all permissions to a file. You need to access the file as quickly as possible. you are logged on as an administrator. What should you do first?

Copy the file to a different folder with less restrictive permissions.
Change the file permissions.
Restore from the most recent backup.
Take ownership of the file.

Answer 58

Take ownership of the file.

Question 59

When securing your network, you would disable inheritance to:

prevent folder permissions on a folder from being used for subfolders.
ensure that users periodically change their passwords.
reduce the likelihood of dictionary attacks.
ensure that all users must enter credentials to log in.

Answer 59

prevent folder permissions on a folder from being used for subfolders.

Question 60

You would use a security group to:

allow only specific users to access specific network resources.
ensure that data on laptops is not compromised if the laptop is stolen.
encrypt files stored on the file system.
authenticate users.

Answer 60

allow only specific users to access specific network resources.

Question 61

You administer your company’s Windows Server 2012 R2 file server. The file server has two NTFS data volumes, D: and E:. You move a file from drive D: to drive E:. What happens to the file’s original permissions?

All permissions are removed from the file.
Administrative permissions are applied to the file.
Permissions are inherited from the destination folder.
Permissions are retained from the source folder.

Answer 61

Permissions are inherited from the destination folder.

Question 62

You work as a domain administrator for your company. All user computers in the organization run Windows 10 Enterprise Edition. One of the company’s employees modified the NTFS permissions on her network-based project folder in such a ways that no administrator has access. You need to ensure that you and other domain administrators can access the employee’s project folder. What should you do first?

Edit the permissions of the folder.
Audit object access to the folder.
Decrypt the folder.
Take ownership of the folder.

Answer 62

Take ownership of the folder.

Question 63

What is the minimum shared folder permission that is required for a user to delete a file?

List folder contents
Change
Full Control
Read and Execute

Answer 63

Change

Question 64

What will happen when you move a file you encrypted through the encrypting file system (EFS) to an unencrypted folder on an NTFS partition?

An error is generated.
The file remains encrypted.
The file is automatically decrypted.
You are prompted to decrypt the file.

Answer 64

The file remains encrypted.

Question 65

A laptop computer running Windows Server 2008 does not have Trusted Platform Module (TPM) installed. you want to protect the data on the computer in case the computer is stolen. Which action should you take?

Install and configure TPM.
Manually encrypt all system files.
Configure Encrypting File System (EFS).
Install and configure BitLocker.

Answer 65

Install and configure BitLocker.

Question 66

Which type of certificate authority (CA) issues its own certificates?

Issuing CA
Subordinate CA
Root CA
Policy CA

Answer 66

Root CA

Question 67

In which situation would you typically use a stand-alone certificate authority (CA) in your public key infrastructure (PKI) design?

When creating a hierarchy with a third party root.
When issuing certificates to users outside of your domain.
When deploying multiple root CAs in a single domain.
When creating a trust infrastructure between root and subordinate CAs.

Answer 67

When issuing certificates to users outside of your domain.

Question 68

Which technology is used to provide file encryption for removable storage devices?

DFS
BitLocker To Go
BitLocker
EFS

Answer 68

BitLocker To Go

Question 69

You are a network administrator. you have enabled encryption for a file that is located in a shared folder. What does this ensure?

That the file can only be read by users who are allowed to do so
That the file is marked with the Read-Only attribute
That the file cannot be written to a removable storage device
That the file can only be added as an e-mail attachment

Answer 69

That the file can only be read by users who are allowed to do so

Question 70

Using Trusted Platform Module (TPM) ensures:

hardware encryption of data.
a dedicated firewall.
protection from a brute force attack.
data availability.

Answer 70

hardware encryption of data.

Question 71

Monitoring network communications to collect information about the network and collect the content of network packets is known as:

sniffing
spoofing
hijacking
flooding

Answer 71

sniffing

Question 72

Which is used to validate DNSsec responses?

Desitnation port
Digital signature.
Responding server IP address
Domain IPSec policy

Answer 72

Digital signature.

Question 73

Tunneling:

ensures that data packets are encrypted.
encapsulates packets of one protocol inside another protocol.
must be used to communicate over the Internet.
is only used for remote client connectivity.

Answer 73

encapsulates packets of one protocol inside another protocol.

Question 74

Which uses digital signaures to provide security for DNS communications and helps to minimize the likelihood of man-in-the-middle attacks?

IPsec
SSL
HTTPS
DNSsec

Answer 74

DNSsec

Question 75

For what purpose is a network sniffer used?

To test network connectivity
To capture network transmissions
To audit users who log on to the network
To ensure that only compliant computers log on to the network.

Answer 75

To capture network transmissions

Question 76

Which would reduce the likelihood of a sniffer attack?

Implementing a security group
Implementing EFS
Encrypting data transmitted over the network
Performing regular virus scanning

Answer 76

Encrypting data transmitted over the network

Question 77

In which situation would you use a Class 1 firewall?

To protect a perimeter network.
To establish a screened subnet.
To create an Internet gateway.
To provide protection for an individual client.

Answer 77

To provide protection for an individual client.

Question 78

Software firewalls:

cannot support NAT.
operate as host firewalls only.
must be deployed on the internal network.
are configured from software included with the operating system.

Answer 78

are configured from software included with the operating system.

Question 79

Which firewall inspection method logs outgoing connections and checks incoming traffic against that log?

Port filtering
Stateful inspection
Application layer filtering
Circuit-level inspection

Answer 79

Stateful inspection

Question 80

What is the primary purpose of a firewall?

To monitor security policy compliance
To prevent users from running specific programs
To store all user data on the file system in an encrypted form
To protect the network by restricting incoming and outgoing network traffic

Answer 80

To protect the network by restricting incoming and outgoing network traffic

Question 81

Windows Firewall is a:

hardware firewall.
stateful software firewall.
means of physically protecting a Windows server.
stateless software firewall.

Answer 81

stateful software firewall.

Question 82

Which is used to implement packet filtering of packets sent from and received on the network?

A SmartScreen filter
A firewall
MAC filtering
A whitelist

Answer 82

A firewall

Question 83

What kind of data does a stateless firewall use to determine which network frames to allow or block?

source and destination IP addresses
forged communications
signature databases
end-to-end traffic streams

Answer 83

source and destination IP addresses

Question 84

A computer that is designed to entice hackers to attack it is known as a:

proxy
firewall
honeypot
VLAN

Answer 84

honeypot

Question 85

You are setting up server isolation in an Active Directory domain to limit access to select domain members only. You will need to configure:

fiber optic cabling.
a dedicated router.
a virtual local area network (VLAN).
Group Policy settings.

Answer 85

Group Policy settings.

Question 86

You want to configure clients and servers in different geographic locations on your network as if they were all part of the same subnet. You need to set up a:

demilitarized zone (DMZ)
virtual private network (VPN)
wide area network (WAN)
virtual local area network (VLAN)

Answer 86

virtual local area network (VLAN)

Question 87

You want to provide public access to a Web server. Visitors to the Web server should not have access to your internal network. You need to configure:

an Active Directory domain.
a virtual local area network (VLAN).
a virtual private network (VPN).
a perimeter network.

Answer 87

a perimeter network.

Question 88

For what purpose would you use a VPN?

To ensure that users only have read access to folders
To verify that a user’s credentials are valid
To allow corporate users to securely access your internal network from a remote location
To ensure that only specific users can connect to your LAN

Answer 88

To allow corporate users to securely access your internal network from a remote location

Question 89

Which is used for the sole purpose of intrusion detection?

A distribution group
An encryption algorithm
A security group
A honeypot

Answer 89

A honeypot

Question 90

You have a Web server on your network that will be Internet facing. You need to allow external users to access the Web server, but protect the internal network. What should you use?

Security group
VPN
WLAN
DMZ
Domain isolation

Answer 90

DMZ

Question 91

You are a network administrator for your organization. The corporate help desk receive several customer complaints that visits to your organization’s public website redirected them to a known malware site. You need to mitigate this type of network attack. Which technology should you implement?

DNSSEC
VPN
NAP
IPSec

Answer 91

DNSSEC

Question 92

Which of the following is an IPSec protocol that provides data confidentiality in addition to authentication?

AH
DNSSEC
PPTP
ESP

Answer 92

ESP

Question 93

Your network includes several client computers running Windows XP Service Pack (SP) 2. Which action must you take (at minimum) before the clients can be made Network Access Protection (NAP) compliant?

Upgrade to Windows Vista.
Remove SP2.
Apply Windows XP SP3.
Migrate to Windows 7 Ultimate.

Answer 93

Apply Windows XP SP3.

Question 94

Network Access Protection (NAP) is able to check the status of:

password policies.
file and folder access permissions.
user type and effective user permissions.
Windows updates, firewall protection, spyware protection, and antivirus protection.

Answer 94

Windows updates, firewall protection, spyware protection, and antivirus protection.

Question 95

Which is the role of a Health Registration Authority (HRA) in Network Access Protection (NAP)?

Validating and requesting a health certificate for compliant clients.
Issuing a statement of health (SoH) for each client.
Saving client health requirements.
Performing client remediation.

Answer 95

Validating and requesting a health certificate for compliant clients.

Question 96

To deploy Network Access Protection (NAP), you must have:

a NAP health policy server.
a WSUS server.
all clients configured to use dynamic IP addresses.
a software firewall.

Answer 96

a NAP health policy server.

Question 97

You need to ensure that only specific computers are allowed to access specific network resources. What should you use?

DNS
DHCP
EFS
NAP

Answer 97

NAP

Question 98

You have a server running Windows Server 2008. you want to deploy NAP to enforce compliance for client computers on the network. Which client operating systems are supported?

Windows XP SP2 or later, Windows Vista, and Windows 7
Only Windows Vista and Windows 7
Only Windows 7
Windows XP SP3 or late, Windows Vista, and Windows 7

Answer 98

Windows XP SP3 or late, Windows Vista, and Windows 7

Question 99

Which DNS record is used to prevent hackers from using your network’s e-mail servers as a platform for sending spam with your domain address?

SPF
PTR
SOA
CNAME
MX

Answer 99

SPF

Question 100

You regularly do business with the Web site www.bcdtrain.com. You receive an e-mail addressed from bcdtrain.com with a link to verify your account information. When you check the link, you find it actually points to www.fi-print.com. Which type of attack is this?

Malware
Pharming
Phishing
Denial of service

Answer 100

Phishing

Question 101

In e-mail, spoofing occurs when:

the e-mail contains unsolicited business offers.
the network mail server is overwhelmed by incoming traffic.
the sender uses a fake From address.
the attachments are actually Trojan horses.
the recipient is tricked into revealing confidential information.

Answer 101

the sender uses a fake From address.

Question 102

You use Microsoft outlook as the e-mail client for your company. you use an external e-mail server provided by your Internet service provider. You want to prevent virus infection on computers in your Active Directory domain. Which action would be the most effective?

Install an antivirus programs on each client computer.
Rely on server antivirus scanning.
Configure Junk mail settings on each computer.
Create and deploy a Junk e-mail settings Group policy Object (GPO)

Answer 102

Install an antivirus programs on each client computer.

Question 103

A spoofed e-mail is a message:

recieved from a sender on the blacklist.
that will always be detected and blocked by anti-spam filters.
that has a false sender address.
received from a sender on the whitelist.

Answer 103

that has a false sender address.

Question 104

Which contains a list of e-mail addresses and domains that the anti-spam filter should always assume to be spam?

Blacklist
Whitelist
SmarScreen Filter
Firewall rule

Answer 104

Blacklist

Question 105

What benefit do SPF records provide?

They ensure that all network users have antivirus software installed.
They provide e-mail protection from spoofing and phishing.
They prevent unauthorized clients from logging on.
They provide protection from brute force attacks.

Answer 105

They provide e-mail protection from spoofing and phishing.

Question 106

You want to ensure that mobile clients receive timely operating system updates. Some clients rarely connect to the internal business network. Which should you use?

Configuration Manager
Windows Update Agent (WUA)
Windows Server Update Services (WSUS)
Systems Management Server (SMS)

Answer 106

Windows Update Agent (WUA)

Question 107

How are software restriction policies used?

To control which software a user can execute.
To control which users can run administrative utilities.
To control which software a user can install or uninstall.
To control which Web sites a user can visit.

Answer 107

To control which software a user can execute.

Question 108

When you enable User Access Control (UAC):

standard users are prevented from logging on.
all standard and administrative users run standard applications with standard application permissions.
all standard users are given access to all administrative functions.
administrative users are prevented from logging on.

Answer 108

all standard and administrative users run standard applications with standard application permissions.

Question 109

What would be the best approach to minimize the likelihood of a client computer being infected with a virus?

Keep all ports open on the corporate firewall.
Implement InPrivate Browsing.
Restrict the attachments that an e-mail user can receive.
Require each user to set up a quarantine area.

Answer 109

Restrict the attachments that an e-mail user can receive.

Question 110

Which feature can provide elevation of privileges if an action requires administrative level access?

NTFS permissions
NAP
Administrative Tools
UAC

Answer 110

UAC

Question 111

you need to implement security measures to provide maximum protection for client computers. What is one thing you should do?

Close all ports on the firewall.
Implement a read-only domain controller.
Ensure that all computers have the most recent updates.
Create a perimeter network.

Answer 111

Ensure that all computers have the most recent updates.

Question 112

You have a training room with 10 computers. You need to be able to eontrol what software can be run by specific users logging on to the computers. What should you use? (Choose two.)

Software restriction policies
Network Access Protection
SmartScreen Filtering
A firewall filter
AppLocker

Answer 112

Software restriction policies

AppLocker

Question 113

You are the security administrator for your company. All users have company-issued laptop computers running Windows 10 Enterprise Edition. The corporate network is organized as a single Active Directory Domain Services (AD DS) domain. You need to enforce a new security policy that requires that all locally cached corporate network data is protected against unauthorized access. What should you do?

configure Windows PowerShell to use the Restricted execution policy.
Configure Windows Firewall to encrypt each user’s home folder.
Configure Group policy to encrypt Offline Files.
Configure Windows Update to encrypt downloaded updates.

Answer 113

Configure Group policy to encrypt Offline Files.

Question 114

Which Microsoft technology employs application whitelisting to protect a network?

SCOM
App-V
NAP
AppLocker

Answer 114

AppLocker

Question 115

Microsoft Security Baseline Analyser (MSBA) is used to:

identify security misconfigurations and missing security updates on network computers.
determine whether or not network computers have an up-to-date antivirus program installed.
verify that network computer security configurations match administrator-specific configuration requirements.
directly install missing security updates and service packs to network computers.

Answer 115

identify security misconfigurations and missing security updates on network computers.

Question 116

Which users can administer a read-only domain controller (RODC)?

Delegated standard domain users and domain administrators.
Local administrators only.
Any domain users.
Domain administrators only.

Answer 116

Delegated standard domain users and domain administrators.

Question 117

Which protocol is used for smart card interactive logon to the local Windows Active Directory domain?

EAP-TLS
Kerberos
Digest
NTLM

Answer 117

Kerberos

Question 118

you need to ensure that all security updates have been applied to one of your servers. What should you use?

A RADIUS server
Windows Deployment Services
Microsoft Baseline Security Analyzer
ScanState.exe

Answer 118

Microsoft Baseline Security Analyzer

Question 119

The process of making changes to the operating system, network, or applications in order to reduce vulnerability is referred to as:

Patching
Auditing
Pharming
Hardening

Answer 119

Hardening

Question 120

Which represents a security threat to your DNS environment?

Footprinting
SSID broadcasting
Nonrepudiation
Rogue access point

Answer 120

Footprinting

Question 121

For what purpose would you deploy an RDOC?

To allow a server that contains sensitive information to only be accessed by specific users
To prevent illegal DNS zone transfers
To secure dynamic DNS updates
To restrict domain controller access for a physically unsecure remote location.

Answer 121

To restrict domain controller access for a physically unsecure remote location.