Chapter 13.9.6 Practice Questions
You use a Windows system that is a member of a domain. The computer is used by several different users belonging to different groups. You have a custom application on the computer, and you want to configure the firewall as follows: -Allow a specific port used by the application. -Open the port only for members of the Sales group. Using Windows Firewall with Advanced Security, what should you do to configure the firewall with the least effort possible?
Add an outbound rule. Require only secure connections for the rule, and add the Sales group to the list of authorized groups.
Which of the following best describes IPsec?
Is used to secure IP communication between network hosts
When setting up a connection security rule, which authentication method requires both computers to be in the same Active Directory forest?
Kerberos
You want to disable all outbound firewall rules using a PowerShell cmdlet. Which command should you use?
disable-netfirewallrule -Direction Outbound
You want to display a list of all disabled firewall rules in PowerShell. Which command should you use
get-netfirewallrule -Enabled False
Your corporate security policy states that a specific connection-oriented application must be blocked from accessing the internet. You must use Windows Firewall with Advanced Security to complete the task. What should you do?
Create an outbound rule blocking the corresponding TCP port on each machine.
As part of your security auditing strategy, you would like a Windows 10 notebook system to record packets that have been dropped by firewall rules on your computer. You want to record only the packets dropped on public interfaces. You do not want to record information about allowed packets. What should you do?
In Windows Firewall with Advanced Security, configure logging for the public profile.
You have a notebook system that is used both on public networks and on your private company network. The private network contains FTP servers that hold sensitive data. To protect the data, you need to ensure that the computer can connect to FTP servers only while it is connected to the private work network. What should you do?
In Windows Firewall with Advanced Security, create a new rule.
You need to create an exception in a Windows 10 workstation's firewall that will allow externally initiated Remote Desktop sessions through. You want to do this from within a PowerShell session. Which command should you use?
New-NetFirewallRule -DisplayName "Allow Remote Desktop" - Direction Inbound -LocalPort 3389 -Protocol TCP -Action Allow
You manage several Windows systems that are connected to the network as shown. Both Comp1 and Comp2 are configured to use static IP addresses. To test the connection between the computers, you enter ping 192.168.23.38 on Comp1's Command Prompt; however, the ping is unsuccessful and times out. You then use the ping 192.168.23.231 command on Comp2's Command Prompt, but the ping times out again. You need the ping commands to succeed between the two computers. What should you do?
Permit ICMPv4 traffic through the firewalls of both computers