True/False
Indicate whether the sentence or statement is true
or false.
|
|
|
1.
|
Implementing security always involves finding the right balance between both business
and technical factors.
|
|
|
2.
|
Trust
relationships require users in domain environments to authenticate themselves each time they wish to
access resources across other domains and forests.
|
|
|
3.
|
Users
should generally only be granted the lowest level of access to resources that they require to carry
out necessary functions.
|
|
|
4.
|
A
Windows Server 2003 environment does nothing to encrypt files or folders as they traverse a
network.
|
|
|
5.
|
Microsoft only sends critical updates to customers as e-mail
attachments.
|
|
|
6.
|
A
computer running Windows NT can take advantage of security template configurations and
deployments.
|
|
|
7.
|
Security templates can be applied to either the local machine or the
domain.
|
|
|
8.
|
Monitoring network events provides evidence of security breaches if or when they
occur.
|
|
|
9.
|
The
configuration of an audit policy is determined by the role of the computer on the
network.
|
|
|
10.
|
Auditing object access is always beneficial to system performance, and should be used
whenever possible.
|
Modified True/False
Indicate
whether the sentence or statement is true or false. If false, change the identified word or
phrase to make the sentence or statement true.
|
|
|
11.
|
Printer access settings extend the concept of access control to printers and
associated print devices. _________________________
|
|
|
12.
|
EFS
is only available for use with files stored on FAT32 partitions and volumes.
_________________________
|
|
|
13.
|
The
Security Configuration and Analysis tool uses a(n) database to store imported templates to be
compared to the current system. _________________________
|
|
|
14.
|
In
Windows Server 2003, the SECEDIT.EXE tool is used to manually refresh computer and user Group
Policy settings. _________________________
|
|
|
15.
|
Event Viewer is used to view the audit entries stored in the security
log. _________________________
|
|
|
16.
|
A(n)
log monitor defines the events on a network that Windows Server 2003 records in the
security log as they occur. _________________________
|
|
|
17.
|
For
domain controllers, audit policy settings are implemented via the Local Security Policy
applied to the Domain Controllers OU. _________________________
|
|
|
18.
|
To
configure an audit policy, the files and folders to be audited must reside on a(n) NTFS
volume. _________________________
|
|
|
19.
|
When
configuring auditing of object access, you should generally audit access by the All Users
group to ensure that all access attempts are recorded. _________________________
|
|
|
20.
|
Once
an audit policy has been created, an entry is written to the security log each time an event
occurs that is defined within the policy. _________________________
|
Multiple Choice
Identify the
letter of the choice that best completes the statement or answers the question.
|
|
|
21.
|
Windows Server 2003 _____ processes require a user to submit a valid user name and
password combination to gain access to desktop systems or domain environments. a. | encryption | c. | authentication | b. | security | d. | access control | | | | |
|
|
|
22.
|
_____
literally controls which users, groups, and computers can access resources, along with the level of
access granted. a. | Encryption | c. | Authentication | b. | Security | d. | Access control | | | | |
|
|
|
23.
|
If a
user only needs to be able to read a file and not make changes, they should be granted no more than
the _____ permission to that file. a. | Read | c. | Modify | b. | Write | d. | Execute | | | | |
|
|
|
24.
|
The
concept of only granting users the lowest level of resource access they require is known
as a. | access
restriction. | c. | low level
access. | b. | the principle of least
privilege. | d. | the principle of
resource restriction. | | | | |
|
|
|
25.
|
In
Windows Server 2003, the ability to encrypt confidential files is provided by a. | the Encryption
Access. | c. | Access
control. | b. | the Encrypting File System. | d. | the File Security System. | | | | |
|
|
|
26.
|
_____
is an open-standard security protocol used to encrypt the contents of packets sent across a TCP/IP
network. a. | NTFS | c. | IPSec | b. | EFS | d. | TCPIPSec | | | | |
|
|
|
27.
|
When
implemented between network clients and servers, IPSec is running in _____ mode, and can fully secure
communications sessions across a network. a. | open | c. | tunnel | b. | secure | d. | transport | | | | |
|
|
|
28.
|
_____
mode is when IPSec is used in such a way that data is secured between two pre-defined endpoints
only. a. | Open | c. | Tunnel | b. | Secure | d. | Transport | | | | |
|
|
|
29.
|
An
administrator can analyze policy settings by using the _____ command line utility. a. | SECEDIT | c. | ANALPOL | b. | GPUPDATE | d. | SECPOL | | | | |
|
|
|
30.
|
In
the Microsoft world, updates are released as _____ as soon as a security flaw or other issue is
identified and corrected. a. | service packs | c. | hot fixes | b. | system
updates | d. | bug
fixes | | | | |
|
|
|
31.
|
Service packs and hot fixes can be downloaded and installed via a. | email. | c. | Microsoft
executables. | b. | Windows Updates. | d. | network proxy. | | | | |
|
|
|
32.
|
The
Security Configuration Manager tools consist of _____ core components.
|
|
|
33.
|
_____
help(s) ensure that a consistent security setting can be applied to multiple machines and be easily
maintained. a. | Security
templates | b. | The Security Configuration and Analysis
tool | c. | Security
settings in Group Policy objects | d. | The SECEDIT command-line tool | | |
|
|
|
34.
|
A
computer running _____ can take advantage of security template configurations and
deployments. a. | Windows ME
| c. | Windows
NT | b. | Windows
98 | d. | Windows
2000 | | | | |
|
|
|
35.
|
When
Windows Server 2003 is installed, the default security settings applied to the computer are stored in
a template called a. | Security
Install.exe. | c. | Security
Setup.inf. | b. | Setup Security.inf. | d. | Default Security.exe. | | | | |
|
|
|
36.
|
The
purpose of the _____ template is to provide a single file in which all of the original computer
security settings are stored. a. | factory | c. | default | b. | incremental | d. | analysis | | | | |
|
|
|
37.
|
The
_____ template weakens the default security to allow legacy applications to run under Windows Server
2003. a. | Securews.inf | c. | Hisecws.inf | b. | Compatws.inf | d. | Iesacls.inf | | | | |
|
|
|
38.
|
The
_____ template contains settings to lock down Internet Explorer security settings. a. | Hisecws.inf | c. | Iesacls.inf | b. | Rootsec.inf | d. | Compatws.inf | | | | |
|
|
|
39.
|
The
_____ template should only be incrementally applied to domain controllers, which must be running
Windows 2000 or Windows Server 2003. a. | Securews.inf | c. | Rootsec.inf | b. | Compatws.inf | d. | Hisecdc.inf | | | | |
|
|
|
40.
|
The
_____ template is used in reapplying security permissions to resources on the system drive that have
been changed in one way or another. a. | Hisecws.inf | c. | Iesacls.inf | b. | Rootsec.inf | d. | Compatws.inf | | | | |
|
|
|
41.
|
To
apply a security template to a local machine, open the Local Security Settings MMC snap-in by
running a. | GPUPDATE.EXE. | c. | SECTEMP.MMC. | b. | SECPOL.MSC. | d. | SECTEMP.EXE. | | | | |
|
|
|
42.
|
_____
security settings are refreshed any time the machine is rebooted. a. | Local
Policy | c. | Group
Policy | b. | Initial System | d. | Incremental | | | | |
|
|
|
43.
|
Even
if there have been no changes to Group Policy, the security settings are refreshed
every a. | 30
minutes | c. | 8
hours | b. | 90 minutes | d. | 16 hours | | | | |
|
|
|
44.
|
The
_____ snap-in allows administrators to compare current system settings to a previously
configured security template. a. | Security Configuration and
Analysis | c. | Security
Templates | b. | Group Policy Object Editor MMC | d. | Local Security Policy | | | | |
|
|
|
45.
|
_____, along with the Task Scheduler, can ensure that every computer in the workgroup
maintains consistent security policy settings. a. | GPUPDATE | c. | SECSCHEDULE | b. | SECEDIT | d. | SECPOLICY | | | | |
|
|
|
46.
|
The
SECEDIT command uses _____ main switches.
|
|
|
47.
|
The
_____ SECEDIT switch configures a system with database and template settings. a. | /analyze | c. | /dbsettings | b. | /configure | d. | /validate | | | | |
|
|
|
48.
|
The
_____ SECEDIT switch examines database settings and compares them to a computer
configuration. a. | /configure | c. | /compare | b. | /validate | d. | /analyze | | | | |
|
|
|
49.
|
The
_____ SECEDIT switch creates a template that can be used to return to previous security settings in
the event that settings are changed. a. | /InitialSettings | c. | /GenerateRollback | b. | /compare | d. | /validate | | | | |
|
|
|
50.
|
_____
helps detect potential threats, increases user accountability, and provides evidence of security
breaches if or when they occur. a. | Monitoring | c. | Accounting | b. | Auditing | d. | Securing | | | | |
|
|
|
51.
|
_____
specific resources, such as printer and file shares, can tell you how often users are accessing
them. a. | Monitoring | c. | Accounting | b. | Auditing | d. | Securing | | | | |
|
|
|
52.
|
Which
of the following is first in the order in which Group Policy settings are applied? a. | Organizational
Unit | c. | Domain | b. | Local | d. | Site | | | | |
|
|
|
53.
|
Which
of the following comes last in the order in which Group Policy settings are applied? a. | Organizational
Unit | c. | Domain | b. | Local | d. | Site | | | | |
|
|
|
54.
|
_____
includes determining the computers for which auditing should be configured, what objects need to be
audited, the type of events to audit, and whether to audit the successes, failures, or
both. a. | Monitoring | c. | Planning | b. | Accounting | d. | Securing | | | | |
|
|
|
55.
|
By
default, the security log shows events that occurred on the a. | remote
host. | c. | domain
controller. | b. | local computer. | d. | monitored computer. | | | | |
|
Yes/No
Indicate whether you agree with the sentence or
statement.
|
|
|
56.
|
Is it
possible to allow users access to a network without authentication?
|
|
|
57.
|
Does
allowing users access to a network without authentication implement a secure policy?
|
|
|
58.
|
Does
Windows Server 2003 support the ability to encrypt even confidential files?
|
|
|
59.
|
Is it
easy to check the security settings for a network on a regular basis?
|
|
|
60.
|
Does
having more than one administrator in charge of applying and maintaining security settings make it
easier to keep track of configuration changes to the policy?
|
|
|
61.
|
If
there is a unique situation where a pre-configured template is not suitable, can you create a custom
security template to meet your needs?
|
|
|
62.
|
Is it
possible to begin auditing security events without setting up an audit policy?
|
|
|
63.
|
Is
file and folder auditing available on FAT volumes?
|
|
|
64.
|
Does
auditing unnecessary events increase system overhead?
|
|
|
65.
|
Can
auditing the use of user rights assignment help to make administrative users more accountable for
their actions?
|