Windows OS Security Settings Flashcards

1
Q

Which of the following answers refers to a built-in MS Windows account with complete and unrestricted system access?

A

Admin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which user group in Windows (applies to Windows 7 and earlier versions) had rights and permissions that allowed its members to perform specific administrator-level tasks?

A

Power users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

In MS Windows environments, Guest account is an account for users who do not have a permanent account on a Windows computer or domain. People using this type of account cannot install software or hardware, change settings, create passwords, or access protected files and folders. However, because the Guest account allows the user to log on to a network, browse the Internet, and shut down the computer, it is recommended to keep it disabled when it isn’t being used.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the default local groups in Microsoft Windows has the least amount of system access privileges?

A

Guests

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the user groups in Windows 7/8/8.1/10 can use most software and change system settings that don’t affect other users or computer’s security?

A

Standard Users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What statement describe NTFS permissions in MS Windows? [2]

A
  • Apply to both network and local users

- Can be applied to a folder or individual file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What statements describe share permissions in MS Windows? [2]

A
  • Apply only to network users

- Can be set on a folder level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A Windows resource with conflicting NTFS and share permissions applied to it will assume:

A

The most restrictive permission

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The share permissions on a shared Windows folder grant the user Read access and the local NTFS permissions grant the user Modify access. Which of the following are the effective user permission levels? [2]

A
  • Read when accessing the share remotely

- Modify when accessing the folder locally

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The share permissions on a shared Windows folder grant the user Full Control access and the local NTFS permissions grant the user Read access. Which of the following are the effective user permission levels? [2]

A
  • Read when accessing the share remotely

- Read when accessing the folder locally

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

In NTFS, permissions inherited from a parent object (e.g. a folder or user group) take precedence over permissions applied directly to an object (explicit permissions).

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the correct hierarchy of precedence for permissions settings in NTFS?

A

Explicit Deny -> Explicit Allow -> Inherited Deny -> Inherited Allow

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

In NTFS, a folder or file moved from one location to another on the same volume inherits the permissions of its new parent folder.

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

In NTFS, a folder or file copied from one location to another on the same volume retains its original permissions.

A

False

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

In NTFS, a folder or file copied or moved from one location to another on a different volume inherits permissions of its new parent folder.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

In MS Windows, the attrib command is used to display or change file attributes. Some of the available options for this command include read-only (R), archive (A), system (S), and hidden (H). With attrib, the “+” symbol sets an attribute for a file, the “-“ sign removes the attribute.

A

True

17
Q

Which of the following answers lists the correct syntax for applying the read-only attribute to a file?

A

attrib +R [drive:] [path] [filename]

18
Q

In the context of MS Windows system management, the term “Administrative share” refers to a hidden network share on a local computer designed to be accessed remotely by network administrators.

A

True

19
Q

Which of the following are examples of administrative share names in Windows? [2]

A
  • print$

- IPC$

20
Q

Permission propagation occurs when a folder or file created inside another folder takes on (inherits) permissions applied to that folder (permissions applied to the so-called parent folder propagate down to its child objects, i.e. folders and files created inside the parent folder).

A

True

21
Q

A type of critical file that a computer system depends on to operate properly is known as a system file. In Microsoft Windows, system files are hidden by default; they might also have Read-only attribute turned on to prevent accidental changes to the file contents. Windows system files can be permanently displayed in Windows Explorer (Windows 7), or File Explorer (Windows 8/8.1/10) after modifying file and folder settings in the Folder Options applet in Windows 7 Control Panel, or File Explorer Options applet in Windows 8/8.1/10 Control Panel.

A

True

22
Q

Which of the following steps enable displaying protected system files in Windows 7? [2]

A
  • Control Panel -> Folder Options -> View tab -> Advanced settings -> clear the checkbox next to Hide protected operating system files
  • Control Panel -> Folder Options -> View tab -> Advanced settings -> select Show hidden files, folders, and drives
23
Q

Which of the following steps enable displaying protected system files in Windows 8/8.1/10? [2]

A
  • Control Panel -> File Explorer Options -> View tab -> Advanced settings -> select Show hidden files, folders, and drives
  • Control Panel -> File Explorer Options -> View tab -> Advanced settings -> clear the checkbox next to Hide protected operating system files
24
Q

An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login on only one of the components is known as:

A

SSO

25
Q

Which of the following authentication protocols can be used to enable SSO in Windows-based network environments?

A

Kerberos

26
Q

The “Run as administrator” option in MS Windows allows users with lower-level permissions to perform tasks reserved for system administrators. This feature requires providing Administrator account credentials and temporarily elevates the current user’s privileges to perform a given task. It also simplifies common system tasks, such as installation of new software, which would otherwise require logging out and switching to an admin account.

A

True

27
Q

Which of the following actions in Windows allow to invoke the User Account Security (UAC) access control feature and run an application with administrator account permissions? [3]

A
  • Right-click on an application icon -> select Run as administrator from the pop-up menu
  • In Windows Start menu press and hold Control + Shift keys -> Left-click on an application icon
  • Launch Windows Run dialog box (Windows logo key + R) -> type in the application’s name -> press Control + Shift + Enter
28
Q

What is the name of a Microsoft Windows feature that allows for encrypting entire drives?

A

Bitlocker

29
Q

A Microsoft Windows feature specifically designed to enable encryption of removable drives is known as:

A

BitLocker To Go

30
Q

Premium versions of the Microsoft OS contain a built-in component that enables encryption of individual files. This feature is known as:

A

Encrypting File System (EFS)