Windows Security

Question 1

Windows local sign in

Answer 1

Uses LSA (Local Security Authority)
Aka interactive login

Question 2

SAM database

Answer 2

Security Accounts Manager database
Stores credentials for local login

Question 3

Network sign in

Answer 3

Uses Kerberos
TGT system

Question 4

Remote sign in

Answer 4

Uses VPN or web portal
SSL/TLS

Question 5

Windows hello

Answer 5

Facial recognition
Fingerprint
Pin (stored on tpm and encrypted)

Question 6

SSO authentication

Answer 6

One sign on authenticates multiple services or apps
(used in a domain or cloud)

Question 7

Local account

Answer 7

Only exists on one computer
Stored in SAM (security account manager)
Inside of HKEY_LOCAL_MACHINE registry

Question 8

Microsoft account

Answer 8

Created online
Can be used to sign in to multiple devices

Question 9

Domain account

Answer 9

Works like a local account but stored inside of Active Directory

Question 10

4 basic user groups in windows

Answer 10

User
Admin
Guest (disabled)
Power

Question 11

UAC

Answer 11

User account control
Windows feature to protect against malicious programs

Admins run programs with user permissions so programs don’t get root privileges

Question 12

(EFS) encrypting file system

Answer 12

NTFS feature (data at rest)
Single file or folder encryption

Question 13

BitLocker and BitLocker to go

Answer 13

Full disk encryption
Removable encryption

Question 14

NTFS file permissions
(Security and share tabs)

Answer 14

Can be set for local and network file and folder

Can assign users or groups

Implicit and explicit permissions

Question 15

Viruses and malware are caught using signature patterns called..

Answer 15

Definitions

Question 16

Heuristical scanning

Answer 16

Antivirus that looks at behaviors

Question 17

Windows defender firewall

Answer 17

Host based or software based firewall