Security Fundamentals from Measure Up Flashcards

1
Q

Which type of security service is concerned with preventing or detecting any tampering with data?

Confidentiality
Integrity
Availability
Authentication

A

Integrity

2
Q

Which is the best way to prevent security compromises through social engineering?

Increased password complexity
User training
Employee ID badges
Internal e-mail servers

A

User training

3
Q

Which is an example of least privilege?

Ensuring that all services run under the LocalSystem account.
Logging on as administrator for administrative tasks and Web browsing only.
Logging on as a limited user instead of an administrator to run applications.
Assigning administrator privileges to applications instead of to users.

A

Logging on as a limited user instead of an administrator to run applications.

4
Q

The principle of least privilege ensures that:

all users must use complex passwords.
data is encrypted.
availability is minimized.
users can only perform required tasks.

A

users can only perform required tasks.

5
Q

Which would be an example of a social engineering attack?

Nonrepudiation
Phishing
Eavesdropping attack
Brute force attack

A

Phishing

6
Q

You are a network administrator. You need to minimize the attack surface of your network. What would this involve?

Installing a physical lock to protect the servers
Creating shared folders
Ensuring that only required features are enabled
Enabling audit logging

A

Ensuring that only required features are enabled

7
Q

What is affected when data is modified by mistake?

Confidentiality
Availability
Integrity
Authentication

A

Integrity

8
Q

Which example best illustrates the IT security principle of least privilege?

A system service running in the security context of a local administrator
A shared folder using default sharing and NTFS permissions
A standard user whose account belongs to the local Administrators group
An administrator logged onto her workstation with a standard user account

A

An administrator logged onto her workstation with a standard user account

9
Q

What is the advantage of preventing a wireless access point (WAP) from broadcasting its service set identifier (SSID)?

It blocks authorized clients from connecting to the WAP.
It enhances the authentication protection provided by the WAP.
It temporarily disables the WAP.
It prevents the WAP from appearing in the list of available wireless networks.

A

It prevents the WAP from appearing in the list of available wireless networks.

10
Q

You need to secure your wireless network. Which provides the highest level of security?

Hidden SSID
WEP
WPA
MAC filtering

A

WPA

11
Q

Which wireless security method uses Temporal Key Integrity Protocol (TKIP) encryption?

Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access (WPA)
MAC filtering

A

Wi-Fi Protected Access (WPA)

12
Q

You have a wireless network. You need to ensure that only specific client computers are able to access the wireless network. What should you do?

Use a software restriction policy.
Implement MAC filtering.
Relocate the wireless access point.
Disable SSID Broadcasting.

A

Implement MAC filtering.

13
Q

When you disable SSID broadcasting:

users must know the SSID to be able to connect to your wireless network.
user passwords transmitted over the Internet are not transmitted in a readable format.
wireless access points on your WLAN provide maximum security.
rogue wireless access points cannot be accessed.

A

users must know the SSID to be able to connect to your wireless network.

14
Q

A wireless network that implements WEP:

provides maximum security.
is less secure than one that implements WPA or WPA2.
only allows users with specific IP addresses to communicate.
is not vulnerable to interference.

A

is less secure than one that implements WPA or WPA2.

15
Q

To ensure that users cannot connect to a rogue wireless access point, you should:

install a wireless intrusion prevention system.
implement a password lockout policy.
use BitLocker.
require that users have a strong password.

A

install a wireless intrusion prevention system.

16
Q

Your Active Directory domain’s network computers access the Internet through a Network Address Translation (NAT) server deployed on a perimeter network. You need to ensure that the same Internet Explorer (IE) browser security policies are used by all clients. What should you do?

Edit Internet Options individually for each computer.
Configure IE browser security on the NAT server.
Create a domain-level Group Policy object (GPO).
Manually modify each computer’s registry.

A

Create a domain-level Group Policy object (GPO).

17
Q

Which is a feature of the SmartScreen filter?

It encrypts data communication with the Web server.
It blocks content and files from known malicious Web sites.
It prevents the computer from logging the browser history.
It protects against cross-site request forgery (CSRF) attacks.

A

It blocks content and files from known malicious Web sites.

18
Q

Which technology provides security for data that is transmitted over the Internet?

EFS
ARP
SSL
RADIUS

A

SSL

19
Q

What would you use to ensure that specific Web sites do not have access to user browsing patterns?

Software restriction policies
InPrivate Browsing
InPrivate Filtering
SmartScreen Filtering

A

InPrivate Filtering

20
Q

Most of your network cabling is routed through secure cable runs. The network is wired with unshielded twisted pair (UTP) cable. One segment of cable will have to pass through an unsecured area as a backbone between two offices. Which action should you take to keep communication secure?

Use shielded twisted pair (STP) cable to wire the unsecured segment.
Route the cable for the unsecured segment through metal conduit.
Route the cable for the unsecured segment through the ceiling.
Use fiber optic cable to wire the unsecured segment.

A

Use fiber optic cable to wire the unsecured segment.

21
Q

SYSKEY improves physical security by requiring a password or special floppy disk to:

boot the server.
log on at the server.
write to removable media.
shut down the server.

A

boot the server.

22
Q

A keylogger:

tracks Internet browsing history.
maintains a record of operating system generated events.
records every user keystroke.
captures encryption keys.

A

records every user keystroke.

23
Q

You want to prevent users who are running Windows Vista and Windows 7 on your corporate network from copying sensitive data to removable media. What should you do?

Remove all floppy disk and CD/DVD drives.
Flag sensitive files as read-only.
Create a media library.
Define a group policy to control write access to removable media.

A

Define a group policy to control write access to removable media.

24
Q

For what reason is physical security extremely important with laptops and other mobile devices?

They can be lost or stolen.
They do not provide authentication for users.
They do not support data encryption.
They are shared by multiple users.

A

They can be lost or stolen.

25
Q

You work as a network security consultant. One of your clients reports that he suspects some of his electronic correspondence is being captured by a competitor. A security audit of the client’s Windows 10 workstation’s software environment resulted in no suspicious findings. You need to verify the security of the client’s computer. What should you look for on the client’s computer?

Keylogger
Trusted Platform Module (TPM)
Virtual smart card
Private key

A

Keylogger

26
Q

How does a worm differ from other viruses?

All worms are destructive.
A worm is self-replicating.
All worms are distributed as e-mail attachments.
A worm requires a host program.

A

A worm is self-replicating.

27
Q

Malicious software that masquerades as a beneficial utility is known as:

a Trojan horse.
spam.
a virus.
spyware.

A

a Trojan horse.

28
Q

Which are common symptoms of a virus infection? (Each correct answer presents a complete solution. Choose two.)

An installed antivirus program is disabled and will not restart.
Your network user account is locked out.
Download speed is slow during Internet file download.
New icons appear spontaneously on the desktop.
A new utility does not run as expected when executed.

A

An installed antivirus program is disabled and will not restart.
New icons appear spontaneously on the desktop.

29
Q

Creating an antivirus quarantine area causes:

freeware to not be installed.
all cookies to be permanently deleted.
spyware to be detected.
potential viruses to be isolated.

A

potential viruses to be isolated.

30
Q

A Trojan Horse is an example of:

a method of implementing security.
a computer virus.
data corruption.
an attack surface.

A

a computer virus.

31
Q

What is an example of malware?

An unauthorized program that gathers information about the user
Hardware that does not have device drivers installed
A program that runs with administrator permissions
A network sniffer

A

An unauthorized program that gathers information about the user

32
Q

With regard to computer security, a worm refers to:

a self-replicating computer virus.
a wireless network intrusion.
an open port on the firewall.
an unauthorized user.

A

a self-replicating computer virus.

33
Q

You work as a security consultant. One of your clients informs you that as of today he is unable to access any of his personal files on his Windows 10 computer. The user’s computer displays a message box that prompts him to submit a Bitcoin payment to a third party in exchange for a decryption key that will unlock his files. What type of malware has infected the user’s computer?

Botnet
Ransomware
Rootkit
Adware

A

Ransomware

34
Q

Which type of malware replicates itself without reliance on a host file?

Trojan horse
worm
virus
bot

A

worm

35
Q

A brute force attack is used to:

discover details about network configuration.
discover passwords.
hijack communication sessions.
prevent access to network resources.

A

discover passwords.

36
Q

You support a Windows Server 2003 Active Directory forest with multiple domains. Each domain stores user accounts for users at a specific geographic location. You need to apply a consistent password policy to Active Directory users through group policy. You want to keep the effort needed to apply and maintain the policy to a minimum. What should you do?

Define password policy at the domain level in the forest’s root domain.
Define password policy at the site level for each site.
Define password policy at the Users container in each domain.
Define password policy at the domain level in each domain.

A

Define password policy at the domain level in each domain.

37
Q

Password history is used to enforce:

guesses before locking an account.
maximum time between password changes.
restrictions on password reuse.
minimum time between password changes.

A

restrictions on password reuse.

38
Q

You set the Passwords must meet complexity requirements policy to Enabled. Minimum password length is set to 8. Which is a valid password?

$$Pwd##!99
dorWssaP
p1a2s3s4
!@#$%^&*

A

$$Pwd##!99

39
Q

A strong password contains:

a private key.
a minimum of 5 characters.
a history of usage.
letters, numbers, and special characters.

A

letters, numbers, and special characters.

40
Q

You need to ensure that users attempting to log in are automatically blocked from logging in after a specific number of failed login attempts. What should you create?

A security group
An account lockout policy
A software restriction policy
A password policy

A

An account lockout policy

41
Q

You need to create a password policy to ensure that domain account passwords must be reset every two weeks. What should you do?

Define password complexity requirements.
Specify a minimum password age.
Specify a maximum password age.
Enforce password history.

A

Specify a maximum password age.

42
Q

You enable the audit of successful and failed policy changes. Where can you view entries related to policy change attempts?

Application event log
System event log
Directory services event log
Security event log

A

Security event log

43
Q

Which would you audit to detect attempts to guess user passwords?

Logon/logoff successes
Object access failures
Object access successes
Logon/logoff failures

A

Logon/logoff failures

44
Q

You want to implement a consistent audit policy for your Active Directory domain. Which should you use?

Group Policy editor
Services utility
Computer properties
Security Account Manager (SAM)

A

Group Policy editor

45
Q

Object access auditing is used to monitor:

which users log on to the network.
the amount of CPU usage.
which users open specific files.
the amount of memory usage.

A

which users open specific files.

46
Q

For what purpose would you use security auditing to audit logon events?

To detect a possible password attack
To ensure that only authenticated users are accessing the network
To determine a user’s effective permissions
To know when to reset a user’s password

A

To detect a possible password attack

47
Q

When you implement a security auditing policy:

policies are applied at the user level.
all potential security breaches are recorded in the Application log.
auditing is performed only for logged on users.

A

policies are applied at the user level.

48
Q

Implementing security auditing allows you to:

force users to use strong passwords.
implement a key logger.
determine if a security breach has occurred.
encrypt files to prevent unauthorized access.
provide physical security for your network.

A

determine if a security breach has occurred.

49
Q

You normally log on as a standard user. You need to occasionally run programs that require administrator privileges. You want to keep the potential security risk to a minimum. What should you do?

Log off and log on as a local administrator.
Log off and log on as a domain administrator.
Use Run As to launch the programs.
Disable User Account Control (UAC).

A

Use Run As to launch the programs.

50
Q

Which is an example of biometric security?

Strong password
Fingerprint scan
Smart card
Locked room

A

Fingerprint scan

51
Q

Smart cards:

are typically used to support logon and authentication without any user interaction.
are typically used as a part of a multifactor authentication solution.
are necessary when using Kerberos.
are necessary when implementing Public Key Infrastructure (PKI) security.

A

are typically used as a part of a multifactor authentication solution.

52
Q

What are two features of a public key in asymmetric encryption? (Choose two)

It is used to decrypt data.
It is seen only by the key's owner.
It is used to encrypt data.
It is distributed by certificate.
It is not related to any private key.

A

It is used to encrypt data.

It is distributed by certificate.

53
Q

To implement multifactor authentication you should use:

a smart card and a PIN.
a username and password.
encryption.
a biometric input device.

A

a smart card and a PIN.

54
Q

The term mutual authentication refers to:

requiring users to provide more than one piece of information to authenticate.
users being authenticated with the server and vice versa.
using biometrics to implement authentication.
forcing users to use more complex passwords.

A

users being authenticated with the server and vice versa.

55
Q

You work as a security analyst for your company. As part of the company’s latest security initiative, all users are required to authenticate to network resources with a second authentication method. All user computers run Windows 8.1 Enterprise Edition. The company’s CIO states that she wants to implement virtual smart cards for all corporate employees. You need to analyze the existing environment to identify solution prerequisites. Which of the following is a requirement for implementing virtual smart cards?

All computers must use BitLocker Drive Encryption.
All employees must be issued physical smart cards.
All computers must be upgraded to Windows 10.
All computers must have an onboard TPM chip.

A

All computers must have an onboard TPM chip.

56
Q

Which protocol can centralize authentication for dial-up, VPN, and IEEE 802.11 Wi-Fi access connections?

EFS
AAA
RADIUS
SSTP

A

RADIUS

57
Q

A website requires a user to enter both a password and a text message-based personal identification number (PIN). Which type of authentication does that website use?

delegation
multifactor authentication
Kerberos authentication
single sign-on

A

multifactor authentication

58
Q

All users have been denied all permissions to a file. You need to access the file as quickly as possible. You are logged on as an administrator. What should you do first?

Copy the file to a different folder with less restrictive permissions.
Change the file permissions.
Restore from the most recent backup.
Take ownership of the file.

A

Take ownership of the file.

59
Q

When securing your network, you would disable inheritance to:

prevent folder permissions on a folder from being used for subfolders.
ensure that users periodically change their passwords.
reduce the likelihood of dictionary attacks.
ensure that all users must enter credentials to log in.

A

prevent folder permissions on a folder from being used for subfolders.

60
Q

You would use a security group to:

allow only specific users to access specific network resources.
ensure that data on laptops is not compromised if the laptop is stolen.
encrypt files stored on the file system.
authenticate users.

A

allow only specific users to access specific network resources.

61
Q

You administer your company’s Windows Server 2012 R2 file server. The file server has two NTFS data volumes, D: and E:. You move a file from drive D: to drive E:. What happens to the file’s original permissions?

All permissions are removed from the file.
Administrative permissions are applied to the file.
Permissions are inherited from the destination folder.
Permissions are retained from the source folder.

A

Permissions are inherited from the destination folder.

62
Q

You work as a domain administrator for your company. All user computers in the organization run Windows 10 Enterprise Edition. One of the company’s employees modified the NTFS permissions on her network-based project folder in such a way that no administrator has access. You need to ensure that you and other domain administrators can access the employee’s project folder. What should you do first?

Edit the permissions of the folder.
Audit object access to the folder.
Decrypt the folder.
Take ownership of the folder.

A

Take ownership of the folder.

63
Q

What is the minimum shared folder permission that is required for a user to delete a file?

List folder contents
Change
Full Control
Read and Execute

A

Change

64
Q

What will happen when you move a file you encrypted through the encrypting file system (EFS) to an unencrypted folder on an NTFS partition?

An error is generated.
The file remains encrypted.
The file is automatically decrypted.
You are prompted to decrypt the file.

A

The file remains encrypted.

65
Q

A laptop computer running Windows Server 2008 does not have Trusted Platform Module (TPM) installed. You want to protect the data on the computer in case the computer is stolen. Which action should you take?

Install and configure TPM.
Manually encrypt all system files.
Configure Encrypting File System (EFS).
Install and configure BitLocker.

A

Install and configure BitLocker.

66
Q

Which type of certificate authority (CA) issues its own certificates?

Issuing CA
Subordinate CA
Root CA
Policy CA

A

Root CA

67
Q

In which situation would you typically use a stand-alone certificate authority (CA) in your public key infrastructure (PKI) design?

When creating a hierarchy with a third party root.
When issuing certificates to users outside of your domain.
When deploying multiple root CAs in a single domain.
When creating a trust infrastructure between root and subordinate CAs.

A

When issuing certificates to users outside of your domain.

68
Q

Which technology is used to provide file encryption for removable storage devices?

DFS
BitLocker To Go
BitLocker
EFS

A

BitLocker To Go

69
Q

You are a network administrator. You have enabled encryption for a file that is located in a shared folder. What does this ensure?

That the file can only be read by users who are allowed to do so
That the file is marked with the Read-Only attribute
That the file cannot be written to a removable storage device
That the file can only be added as an e-mail attachment

A

That the file can only be read by users who are allowed to do so

70
Q

Using Trusted Platform Module (TPM) ensures:

hardware encryption of data.
a dedicated firewall.
protection from a brute force attack.
data availability.

A

hardware encryption of data.

71
Q

Monitoring network communications to collect information about the network and collect the content of network packets is known as:

sniffing
spoofing
hijacking
flooding

A

sniffing

72
Q

Which is used to validate DNSSEC responses?

Destination port
Digital signature.
Responding server IP address
Domain IPSec policy

A

Digital signature.

73
Q

Tunneling:

ensures that data packets are encrypted.
encapsulates packets of one protocol inside another protocol.
must be used to communicate over the Internet.
is only used for remote client connectivity.

A

encapsulates packets of one protocol inside another protocol.

74
Q

Which uses digital signatures to provide security for DNS communications and helps to minimize the likelihood of man-in-the-middle attacks?

IPsec
SSL
HTTPS
DNSSEC

A

DNSSEC

75
Q

For what purpose is a network sniffer used?

To test network connectivity
To capture network transmissions
To audit users who log on to the network
To ensure that only compliant computers log on to the network.

A

To capture network transmissions

76
Q

Which would reduce the likelihood of a sniffer attack?

Implementing a security group
Implementing EFS
Encrypting data transmitted over the network
Performing regular virus scanning

A

Encrypting data transmitted over the network

77
Q

In which situation would you use a Class 1 firewall?

To protect a perimeter network.
To establish a screened subnet.
To create an Internet gateway.
To provide protection for an individual client.

A

To provide protection for an individual client.

78
Q

Software firewalls:

cannot support NAT.
operate as host firewalls only.
must be deployed on the internal network.
are configured from software included with the operating system.

A

are configured from software included with the operating system.

79
Q

Which firewall inspection method logs outgoing connections and checks incoming traffic against that log?

Port filtering
Stateful inspection
Application layer filtering
Circuit-level inspection

A

Stateful inspection

80
Q

What is the primary purpose of a firewall?

To monitor security policy compliance
To prevent users from running specific programs
To store all user data on the file system in an encrypted form
To protect the network by restricting incoming and outgoing network traffic

A

To protect the network by restricting incoming and outgoing network traffic

81
Q

Windows Firewall is a:

hardware firewall.
stateful software firewall.
means of physically protecting a Windows server.
stateless software firewall.

A

stateful software firewall.

82
Q

Which is used to implement packet filtering of packets sent from and received on the network?

A SmartScreen filter
A firewall
MAC filtering
A whitelist

A

A firewall

83
Q

What kind of data does a stateless firewall use to determine which network frames to allow or block?

source and destination IP addresses
forged communications
signature databases
end-to-end traffic streams

A

source and destination IP addresses

84
Q

A computer that is designed to entice hackers to attack it is known as a:

proxy
firewall
honeypot
VLAN

A

honeypot

85
Q

You are setting up server isolation in an Active Directory domain to limit access to select domain members only. You will need to configure:

fiber optic cabling.
a dedicated router.
a virtual local area network (VLAN).
Group Policy settings.

A

Group Policy settings.

86
Q

You want to configure clients and servers in different geographic locations on your network as if they were all part of the same subnet. You need to set up a:

demilitarized zone (DMZ)
virtual private network (VPN)
wide area network (WAN)
virtual local area network (VLAN)

A

virtual local area network (VLAN)

87
Q

You want to provide public access to a Web server. Visitors to the Web server should not have access to your internal network. You need to configure:

an Active Directory domain.
a virtual local area network (VLAN).
a virtual private network (VPN).
a perimeter network.

A

a perimeter network.

88
Q

For what purpose would you use a VPN?

To ensure that users only have read access to folders
To verify that a user’s credentials are valid
To allow corporate users to securely access your internal network from a remote location
To ensure that only specific users can connect to your LAN

A

To allow corporate users to securely access your internal network from a remote location

89
Q

Which is used for the sole purpose of intrusion detection?

A distribution group
An encryption algorithm
A security group
A honeypot

A

A honeypot

90
Q

You have a Web server on your network that will be Internet facing. You need to allow external users to access the Web server, but protect the internal network. What should you use?

Security group
VPN
WLAN
DMZ
Domain isolation

A

DMZ

91
Q

You are a network administrator for your organization. The corporate help desk receives several customer complaints that visits to your organization’s public website redirected them to a known malware site. You need to mitigate this type of network attack. Which technology should you implement?

DNSSEC
VPN
NAP
IPSec

A

DNSSEC

92
Q

Which of the following is an IPSec protocol that provides data confidentiality in addition to authentication?

AH
DNSSEC
PPTP
ESP

A

ESP

93
Q

Your network includes several client computers running Windows XP Service Pack (SP) 2. Which action must you take (at minimum) before the clients can be made Network Access Protection (NAP) compliant?

Upgrade to Windows Vista.
Remove SP2.
Apply Windows XP SP3.
Migrate to Windows 7 Ultimate.

A

Apply Windows XP SP3.

94
Q

Network Access Protection (NAP) is able to check the status of:

password policies.
file and folder access permissions.
user type and effective user permissions.
Windows updates, firewall protection, spyware protection, and antivirus protection.

A

Windows updates, firewall protection, spyware protection, and antivirus protection.

95
Q

Which is the role of a Health Registration Authority (HRA) in Network Access Protection (NAP)?

Validating and requesting a health certificate for compliant clients.
Issuing a statement of health (SoH) for each client.
Saving client health requirements.
Performing client remediation.

A

Validating and requesting a health certificate for compliant clients.

96
Q

To deploy Network Access Protection (NAP), you must have:

a NAP health policy server.
a WSUS server.
all clients configured to use dynamic IP addresses.
a software firewall.

A

a NAP health policy server.

97
Q

You need to ensure that only specific computers are allowed to access specific network resources. What should you use?

DNS
DHCP
EFS
NAP

A

NAP

98
Q

You have a server running Windows Server 2008. You want to deploy NAP to enforce compliance for client computers on the network. Which client operating systems are supported?

Windows XP SP2 or later, Windows Vista, and Windows 7
Only Windows Vista and Windows 7
Only Windows 7
Windows XP SP3 or later, Windows Vista, and Windows 7

A

Windows XP SP3 or later, Windows Vista, and Windows 7

99
Q

Which DNS record is used to prevent hackers from using your network’s e-mail servers as a platform for sending spam with your domain address?

SPF
PTR
SOA
CNAME
MX

A

SPF

100
Q

You regularly do business with the Web site www.bcdtrain.com. You receive an e-mail addressed from bcdtrain.com with a link to verify your account information. When you check the link, you find it actually points to www.fi-print.com. Which type of attack is this?

Malware
Pharming
Phishing
Denial of service

A

Phishing

101
Q

In e-mail, spoofing occurs when:

the e-mail contains unsolicited business offers.
the network mail server is overwhelmed by incoming traffic.
the sender uses a fake From address.
the attachments are actually Trojan horses.
the recipient is tricked into revealing confidential information.

A

the sender uses a fake From address.

102
Q

You use Microsoft Outlook as the e-mail client for your company. You use an external e-mail server provided by your Internet service provider. You want to prevent virus infection on computers in your Active Directory domain. Which action would be the most effective?

Install an antivirus program on each client computer.
Rely on server antivirus scanning.
Configure Junk mail settings on each computer.
Create and deploy a Junk e-mail settings Group policy Object (GPO)

A

Install an antivirus programs on each client computer.

103
Q

A spoofed e-mail is a message:

received from a sender on the blacklist.
that will always be detected and blocked by anti-spam filters.
that has a false sender address.
received from a sender on the whitelist.

A

that has a false sender address.

104
Q

Which contains a list of e-mail addresses and domains that the anti-spam filter should always assume to be spam?

Blacklist
Whitelist
SmartScreen Filter
Firewall rule

A

Blacklist

105
Q

What benefit do SPF records provide?

They ensure that all network users have antivirus software installed.
They provide e-mail protection from spoofing and phishing.
They prevent unauthorized clients from logging on.
They provide protection from brute force attacks.

A

They provide e-mail protection from spoofing and phishing.

106
Q

You want to ensure that mobile clients receive timely operating system updates. Some clients rarely connect to the internal business network. Which should you use?

Configuration Manager
Windows Update Agent (WUA)
Windows Server Update Services (WSUS)
Systems Management Server (SMS)

A

Windows Update Agent (WUA)

107
Q

How are software restriction policies used?

To control which software a user can execute.
To control which users can run administrative utilities.
To control which software a user can install or uninstall.
To control which Web sites a user can visit.

A

To control which software a user can execute.

108
Q

When you enable User Access Control (UAC):

standard users are prevented from logging on.
all standard and administrative users run standard applications with standard application permissions.
all standard users are given access to all administrative functions.
administrative users are prevented from logging on.

A

all standard and administrative users run standard applications with standard application permissions.

109
Q

What would be the best approach to minimize the likelihood of a client computer being infected with a virus?

Keep all ports open on the corporate firewall.
Implement InPrivate Browsing.
Restrict the attachments that an e-mail user can receive.
Require each user to set up a quarantine area.

A

Restrict the attachments that an e-mail user can receive.

110
Q

Which feature can provide elevation of privileges if an action requires administrative level access?

NTFS permissions
NAP
Administrative Tools
UAC

A

UAC

111
Q

You need to implement security measures to provide maximum protection for client computers. What is one thing you should do?

Close all ports on the firewall.
Implement a read-only domain controller.
Ensure that all computers have the most recent updates.
Create a perimeter network.

A

Ensure that all computers have the most recent updates.

112
Q

You have a training room with 10 computers. You need to be able to control what software can be run by specific users logging on to the computers. What should you use? (Choose two.)

Software restriction policies
Network Access Protection
SmartScreen Filtering
A firewall filter
AppLocker

A

Software restriction policies

AppLocker

113
Q

You are the security administrator for your company. All users have company-issued laptop computers running Windows 10 Enterprise Edition. The corporate network is organized as a single Active Directory Domain Services (AD DS) domain. You need to enforce a new security policy that requires that all locally cached corporate network data is protected against unauthorized access. What should you do?

Configure Windows PowerShell to use the Restricted execution policy.
Configure Windows Firewall to encrypt each user’s home folder.
Configure Group Policy to encrypt Offline Files.
Configure Windows Update to encrypt downloaded updates.

A

Configure Group Policy to encrypt Offline Files.

114
Q

Which Microsoft technology employs application whitelisting to protect a network?

SCOM
App-V
NAP
AppLocker

A

AppLocker

115
Q

Microsoft Security Baseline Analyser (MSBA) is used to:

identify security misconfigurations and missing security updates on network computers.
determine whether or not network computers have an up-to-date antivirus program installed.
verify that network computer security configurations match administrator-specific configuration requirements.
directly install missing security updates and service packs to network computers.

A

identify security misconfigurations and missing security updates on network computers.

116
Q

Which users can administer a read-only domain controller (RODC)?

Delegated standard domain users and domain administrators.
Local administrators only.
Any domain users.
Domain administrators only.

A

Delegated standard domain users and domain administrators.

117
Q

Which protocol is used for smart card interactive logon to the local Windows Active Directory domain?

EAP-TLS
Kerberos
Digest
NTLM

A

Kerberos

118
Q

You need to ensure that all security updates have been applied to one of your servers. What should you use?

A RADIUS server
Windows Deployment Services
Microsoft Baseline Security Analyzer
ScanState.exe

A

Microsoft Baseline Security Analyzer

119
Q

The process of making changes to the operating system, network, or applications in order to reduce vulnerability is referred to as:

Patching
Auditing
Pharming
Hardening

A

Hardening

120
Q

Which represents a security threat to your DNS environment?

Footprinting
SSID broadcasting
Nonrepudiation
Rogue access point

A

Footprinting

121
Q

For what purpose would you deploy an RODC?

To allow a server that contains sensitive information to only be accessed by specific users
To prevent illegal DNS zone transfers
To secure dynamic DNS updates
To restrict domain controller access for a physically unsecure remote location.

A

To restrict domain controller access for a physically unsecure remote location.