CET 1168-C Chapter 12: Manage Security
You have a public computer named Public1 that runs Windows 10. Users use Public1 to browse the internet by using Microsoft Edge. You need to view events associated with website phishing attacks on Public1.Which Event Viewer log should you view?
Applications and Services Logs > Microsoft > Windows > SmartScreen > Debug
Diego has the Windows 10 Home edition installed on his personal laptop. As an avid gamer, he prefers having his computer update with the latest feature updates from Microsoft. He usually plays games at specific times, and he wants to prevent his computer from restarting to install an update during these time slots.Which of the following Windows Update settings should Diego modify?
Change active hours Download updates over metered connections Correct. When you define active hours, your computer will not be automatically restarted during those active hours. You can change these active hours to match when you use the device so that it does not restart when you want to use it.
Oshane is configuring security settings on his computer. Recently, his friend's computer was attacked by malware that encrypted data on all the hard disks and demanded a cryptocurrency ransom to decrypt this data.Which of the following options in Windows 10 is the best option to help Oshane avoid a similar situation? Windows Defender Smartscreen ---0 Windows Defender Application Guard Controlled folder access Secure boot
Controlled folder access Correct. To protect his Windows 10 computer against ransomware, Oshane should use controlled folder access. This will not prevent him from opening a data file using Word or Excel, but it does stop unknown applications from modifying or deleting files.
The process of taking data and rendering it unreadable is known as which of the following?
Encryption Correct. Encryption is the process of taking data and rendering it unreadable.
You need to enable Windows Defender Credential Guard on computers that run Windows 10.What should you install on the computers?
Hyper-V
Shawn signs into a Windows 10 system with administrative user privileges. The system has UAC enabled. Shawn accidently launches a malicious application that is infected with malware.If the malware is able to access and corrupt the system files, which of the following must be true?
On a prompt to continue or cancel running the program, Shawn selected to continue. Correct. Admin Approval Mode ensures that the access token with administrative privileges is used only when required. When you use an application that requires administrative privileges, you are prompted to continue or cancel running the program with administrative privileges. If you select to continue, the program is run using the access token with administrative privileges.
You are the administrator for StormWind Studios. You are trying to set up your Windows Defender Firewall to allow FTP traffic. Which two port numbers would you setup?
Port 20 and 21 To configure your Windows Defender Firewall to allow FTP traffic, you would set up ports 20 and 21. Port 25 is for mail and Port 53 is for DNS. Port 80 is HTTP, and Port 443 is for HTTPS.
You are the administrator for StormWind Studios. You are trying to set up your Windows Defender Firewall to allow SMTP inbound and outbound rules. Which port number would you setup?
Port 25 To configure your Windows Defender Firewall to allow SMTP inbound and outbound traffic, you would set up port 25. Port 20 is for FTP data, Port 53 is for DNS, and Port 80 is HTTP.
You are the administrator for StormWind Studios. You are trying to set up your Windows Defender Firewall to allow DNS inbound and outbound rules. Which port number would you set up?
Port 53 To configure your Windows Firewall to allow DNS inbound and outbound traffic, you would set up port 53. Port 20 is for FTP data, port 25 is for SMTP (mail), and port 80 is HTTP.
TropicMaze is a manufacturer of processed foods. The packaging at the plant is automated by machines that are controlled by a Windows 10 computer.Which of the following indicates that this computer receives updates using Long Term Servicing Branch? The operating system on the computer will receive Windows Updates for 10 years. The computer receives Windows Updates at irregular intervals. The updates applied to the operating system come with version numbers such as 1909. The computer receives the latest feature updates from Microsoft every six months.---0
The operating system on the computer will receive Windows Updates for 10 years. Correct. Long Term Servicing Branch is a specific edition of Windows 10 that does not receive feature updates. Windows Updates are provided for Long Term Servicing Branch for 10 years.
You have an Azure Active Directory (Azure AD) tenant and 100 Windows 10 devices that are Azure AD joined and managed by using Microsoft Intune. You need to configure Microsoft Defender Firewall and Microsoft Defender Antivirus on the devices. The solution must minimize administrative effort. Which two actions should you perform? Each correct answer presents part of the solution
To configure Microsoft Defender Antivirus, create a device configuration profile and configure the Endpoint protection settings.
You are the administrator for a large organization and all computers run Windows 10. These computers are all joined to Microsoft Azure Active and all computers are enrolled in Microsoft Intune with EMS. You need to ensure that all applications installed on the Windows 10 systems are only applications that are approved by the IT department. What should you implement to ensure this?
Windows Defender Application Control Administrators can use Windows Defender Application Control to ensure that only applications that you explicitly allow can run on Windows 10 computers.
You are the administrator for an organization with 275 computers that all run Windows 10. These computers are all joined to Microsoft Azure Active and all computers are enrolled in Microsoft Intune with EMS. You need to make sure that only approved applications are allowed to run on all of these computers. What should you implement to ensure this?
Windows Defender Application Control Administrators can use Windows Defender Application Control to ensure that only applications that you explicitly allow can run on Windows 10 computers.
You have 200 computers that run Windows 10. The computers are joined to Microsoft Azure Active Directory (Azure AD) and enrolled in Microsoft Intune.You need to ensure that only applications that you explicitly allow can run on the computers.What should you use?
Windows Defender Application Guard
You are the administrator for an organization where all computers run Windows 10. You need to make sure that critical files are isolated so that only system software with privileges can access those critical files. What should you implement to ensure this?
Windows Defender Credential Guard Administrators can use Windows Defender Credential Guard to help isolate critical files so that only system software with proper privileges can access those critical files.
You have a shared computer that runs Windows 10. The computer is infected with a virus.You discover that a malicious TTF font was used to compromise the computer. You need to prevent this type of threat from affecting the computer in the future.What should you use?
Windows Defender Exploit Guard
You have computers that run Windows 10 and are managed by using Microsoft Intune.Users store their files in a folder named D:\Folder1.You need to ensure that only a trusted list of applications is granted write access to D:\Folder1.What should you configure in the device configuration profile?
Windows Defender Exploit Guard
You are the IT Manager for ProfTaylor.com (Links to an external site.). The company has an Active Directory domain and a cloud-based Azure Active Directory. You need to protect your systems from common malware hacks that use executable files and scripts that attack applications like Microsoft Office (for example, Outlook). What do you need to do to accomplish this?
Windows Defender Exploit Guard Windows Defender Exploit Guard helps protect your system from common malware hacks that use executable files and scripts that attack applications like Microsoft Office (for example, Outlook). Windows Defender Exploit Guard also looks for suspicious scripts or behavior that is not normal on the Windows 10 system.
You are the administrator of a large publishing company. All of your corporate machines run Windows 10. You need to ensure that no software will affect the Windows 10 machines from common malware hacks that use executable files and scripts to attack applications. What should you use?
Windows Defender Exploit Guard Windows Defender Exploit Guard helps protect your system from common malware hacks that use executable files and scripts to attack applications like Microsoft Office (for example, Outlook). Windows Defender Exploit Guard also looks for suspicious scripts or behavior that is not normal on the Windows 10 system.
You are the administrator of a large training company. All of your machines run Windows 10. You have a Windows 10 machine that has a virus that was caused by a malicious font. You need to stop this type of threat from affecting your corporate computers in the future. What should you use?
Windows Defender Exploit Guard Windows Defender Exploit Guard helps protect your system from common malware hacks that use executable files and scripts to attack applications like Microsoft Office (for example, Outlook). Windows Defender Exploit Guard also looks for suspicious scripts or behavior that is not normal on the Windows 10 system.
You are the IT Director for a large school system. You need to set up inbound and outbound rules on the Windows 10 machines. What do you need to do to accomplish this?
Windows Defender Firewall with Advanced Security Windows Defender Firewall with Advanced Security allows you to set up inbound and outbound rules by using Windows Firewall.
Your network contains an Active Directory domain that is synced to Microsoft Azure Active Directory (Azure AD). The domain contains computers that runWindows 10. The computers are enrolled in Microsoft Intune and Windows Analytics.Your company protects documents by using Windows Information Protection (WIP).You need to identify non-approved apps that attempt to open corporate documents.What should you use?
the App protection status report in Intune