ch 17

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which remote access solution is built into macOS?

Screen Sharing

Administrative Templates are Registry-based settings that you can configure within a GPO to control a computer system and its overall user experience. Which of the following can you do with an Administrative Template? (Select two.)

Control notifications. Restrict access to Control Panel features.

After creating an FEK (file encryption key) for a file, what does EFS do next to add a greater level of security for the file?

EFS encrypts the FEK by creating a key pair (private and public).

In Windows, _____ apply to a folder or file that has NTFS inherited permissions disabled. Explicit permissions Equivocal permissions Rooted permissions Implicit permissions

Explicit permissions

When an administrator resets a user password with the Network Places Wizard tool, the user retains all EFS encrypted folders and files, as well as personal digital certificates, stored on a Windows 10/11 computer. True False

False

A _____ is a set of policies made by Group Policy and applied to an OU in Windows Server AD. GPO GPMC GUID SGID

GPO

What defines a collection of user groups and computers in Windows Server AD? Organizational Units Functional Units Administrative Units Operational Units

Organizational Units

Which of the following must be set up before you can register a facial or fingerprint scan for your account?

PIN

Which of the following was developed by Microsoft as one of the first VPN protocols and supports only TCP/IP?

PPTP

Windows 10/11 offers the _____ group only for backward compatibility with legacy applications. Power Guests Administrators Users

Power

Which remote access solution provides you with full remote access to the graphical desktop of a Windows system, including the ability to run programs, manipulate files, and restart or power down the computer?

Remote Desktop

You have used EFS to encrypt a directory of highly sensitive company files on your hard drive. You then decide to copy one of the files in the directory to a thumb drive to edit the files on a laptop computer while you are travelling to an industry conference. What is the result of copying the file to the thumb drive?

The file will no longer be encrypted.

Which of the following is true of Remote Assistance?

The user initiates the session.

Which of the following components is a special hardware chip included on a computer's motherboard that contains software that generates and stores cryptographic keys?

Trusted Platform Module (TPM)

When NTFS and share permissions are used on the local file server, can a user signed in on a Windows 10 Home computer access these shares? No, Windows 10 Home does not have the Local Users and Groups console. No, Windows 10 Home does not support NTFS permissions. Yes, the user is authenticated on the file server to access its shares. Yes, Windows 10 Home can join a Windows domain.

Yes, the user is authenticated on the file server to access its shares.

You have decided to use BitLocker as your whole disk encryption solution for the hard drive on your laptop. The laptop includes a TPM chip. What happens if you store the startup key required to unlock the hard drive in the TPM chip?

You can boot the hard drive without providing the startup key.

You have just installed Windows 11 on your laptop, purchased an infrared camera, and set up Windows Hello facial recognition as your login option. As part of the setup process, you enter a PIN as a backup login method. After a few weeks of using facial recognition login, your infrared camera fails, and you are asked to enter your PIN. Because it has been several weeks, you have forgotten the exact number. You attempt to enter your PIN at least 24 times, but are never locked out. What is the MOST likely reason that you have not been locked out after several failed PIN login attempts?

Your laptop does not have a TPM chip, and you have not set up BitLocker for lockout.

You recently installed a Windows 11 system. During the installation process, you elected to sign in to the system with a local user account. After using the system for a time, you decide to begin using an online Microsoft account to authenticate to the system instead. Click the Settings app option you would use to do this.

click accounts

In Windows Server terminology, what technique does AD use for fast logons and easy backups to a network share instead of the user's Home folder from the local computer? file synchronization soft linking folder redirection symbolic linking

folder redirection

A user has a problem accessing several shared folders on the network. After determining that the issue is not from his computer's IP configuration, you suspect that the shared folders are not currently connected. Which of the following commands will MOST likely confirm your suspicions?

net use

What command do you run in the Windows terminal to verify a printer shared on a network is online and its IP address is correct? netstat tracert ipconfig ping

ping

What methods does Windows offer to share a folder over the network? (Choose two.) Public permissions NTFS permissions NFS permissions Share permissions

NTFS permissions Share permissions

You need to use a common USB flash drive to transport important sensitive information for your organization. Which of the following would be the BEST program for protecting the data on the flash drive with encryption?

BitLocker To Go

Which of the following is true of the Windows BitLocker program?

BitLocker is designed to protect files against offline access only.

When you arrive at your company, you discover that a hard drive with your customers' sensitive information has been stolen. You feel confident that the thief will not be able to view the data on the hard drive because you had previously taken security precautions to protect the data in case the hard drive was stolen. Which of the following precautions is the MOST likely solution you used to protect the data on the hard drive?

BitLocker with TPM

You want to configure User Account Control so that you see the permission prompt only when programs try to make changes to your computer (not when you make changes). You do not want the desktop to be dimmed when the prompt is shown. What should you do?

Disable the Secure Desktop.

Which of the following VPN protocols was developed by Cisco and can be used to route any Layer 3 protocol across an IP network?

GRE

As the textbook recommends, all of the following are proprietary password manager apps that keep your passwords safe in the cloud or on your own device EXCEPT for which one? KeePass Sticky Password Dashlane LastPass

KeePass

Which security features are available on Windows 10 Home? (Choose two.) NTFS permissions Local Group Policy Active Directory Share permissions

NTFS permissions Share permissions

Which of the following is true about NTFS permissions and share permissions? If share permissions and NTFS permissions are in conflict, NTFS permissions win. If you set NTFS permissions but do not set share permissions, NTFS permissions apply on the network. Share permissions do not work on an NTFS volume. NTFS permissions work only on an NTFS volume.

NTFS permissions work only on an NTFS volume.

Which of the following protocols establish a secure connection and encrypt data for a VPN? (Select three.)

PPTP L2TP IPsec

Which Active Directory service simplifies how users log in to all the systems and applications that they need?

SSO

What is a VPN's primary purpose?

Support secure communications over an untrusted network.

When you create, copy, or move an object, such as file or folder, with NTFS in Windows that has inherited permissions enabled into a parent folder, the new object takes on the permissions of the parent folder. True False

True

Which of the following statements are true regarding administrative shares? (Select two.)

To connect to an administrative share, you must use the UNC path. By default, Windows automatically creates an administrative share for every volume.

ou are the owner of a small startup company that consists of only five employees. Each employee has their own computer. Due to the type of services your company offers, you don't foresee the employee count increasing much in the next year or two. As a startup company, you want to keep costs low and facilitate easier file sharing and internet, printer, and local network resource access. Which of the following would be the BEST implementation for your business?

A workgroup

Which of the following Active Directory (AD) services in Windows Server authenticates and authorizes accounts on a domain? AD DS AD CS AD LDS AD FS

AD DS

A user works primarily in your organization's production area. However, she frequently needs to access data stored on the Windows 11 desktop system in her office while on the production floor. She would like to be able to use a Remote Desktop connection in the production area to remotely access her desktop system over the network. Which desktop user groups should you make her user account a member of in order to enable this Remote Desktop connection? (Select two.)

Administrators Remote Desktop Users

Your computer has a single NTFS partition that is used for the C: drive with the folders below. C:\Confidential C:\PublicReports You configure NTFS permissions on the C:\Confidential folder and deny the Read permission to the Users group. For the C:\PublicReports folder, you allow the Full Control permission for the Users group. You have not configured any permissions other than the defaults on any other folders or files. You take the following actions. You: Move Reports.doc from C:\Confidential to C:\PublicReports. Copy Costs.doc from C:\Confidential to C:\PublicReports. Which of the following BEST describes the permission the members of the Users group will have for the two files in the C:\PublicReports folder?

Allow Full Control for both.

What does Windows 11 do when you log in with an administrator account with elevated privileges?

Assign you a user and an administrator token.

In Windows10/11 professional and enterprise editions, what native program locks down a hard drive allowing access only by way an encryption key stored in the motherboard's Trusted Platform Module? FileVault miniLock BitLocker Encryptionizer

BitLocker

Bob is a member of the Accounting group. The Accounting group has been granted the Read and Write NTFS permissions for the WeeklyReport.xls file. Bob is also a member of the Everyone group, which has been given the Full Control permission for the WeeklyReport.xls file. Which of the following statements MOST correctly describes Bob's ability to access the WeeklyReport.xls file?

Bob can open, read, and write changes to the file.

Where in Group Policy can you locate one that requires a smart card to authenticate a user for Windows? Computer Configuration, Administrative Templates, System, Logon Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options Computer Configuration, Windows Settings, Security Settings, Local Policies, Biometrics User Configuration, Administrative Templates, System, Logon

Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options

You have a folder that you would like members of your development team to access. You want to restrict network and local access to only specific users. All other users must not be able to view or modify the files in the folder. Which of the following would be the BEST actions for you to take next? (Select two.)

Configure both share and NTFS permissions. Place the files on an NTFS partition.

A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to the home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which of the following key steps should you take as you implement this configuration? (Select two. Each option is part of the complete solution.)

Configure the VPN connection to use IPsec. Configure the browser to send HTTPS requests through the VPN connection.

Which of the following are best practices for Windows 10/11 local security policies? (Choose two.) Disable AutoRun. Disable Microsoft account resources. Enable Guest account. Enable AutoPlay.

Disable AutoRun. Disable Microsoft account resources.

A user has a file that contains sensitive data. Which of the following security technologies should he or she use to encrypt the single file?

EFS

Which of the following security solutions would prevent you from reading a file that you did not create?

EFS

_____ encrypts files and folders stored on drives using the NTFS file system and enterprise and professional editions of Windows 10/11. TPM VPN EFS NFS

EFS

What tag in the management of Group Policy Objects overrides all others? Site Enforced Domain Organizational Unit

Enforced

You provide desktop support for a small company. The company has two locations in the same city, but they are several miles away. You get a call from an employee who is having problems with an application. He tries to describe what he is doing in the application, but you just can't understand what might be causing the problem. Which of the following is the BEST way to provide the assistance the employee needs? (Select two.)

Establish a Remote Assistance connection and watch what the employee is doing. Establish a Quick Assist session with the employee and watch what he is doing.

As the network administrator managing Windows Server AD, Ann needs to create a backup system on the domain for all folders that authorized users store their data. Which tasks should she do first before you configure the backup routine? (Choose two.) Evaluate backup software and storage requirements. Apply folder redirection to the Home folder for each user. Provide end-user training. Apply all available updates to Windows Server.

Evaluate backup software and storage requirements. Apply folder redirection to the Home folder for each user.

Which of the following NTFS permission levels can read, change, delete, and create files and subfolders, read file and folder attributes, read, and change permissions, and take ownership of a file or folder in Windows? Modify List folder contents Full control Read & execute

Full control

A user has complained about not being able to remove a program that is no longer needed on a computer. The Programs option is not available in Control Panel. You suspect that a policy is enabled that hides this option from the user. But after opening the Local Group Policy Editor, you see that the policy to hide Programs is not configured. You know that other users in this domain can access the Programs option. Where should you look next to determine whether the policy is enabled?

GPOs linked to organizational units that contain this user's object.

Account security can be further improved by configuring Windows _____, a feature that allows a user to sign in to Windows 10/11 computer using their face, iris, fingerprint, or PIN. Hey Cortana Siri Hello

Hello

Bob wants to encrypt a folder on his Home edition of Windows 11. He opens the folder's Properties dialog box and clicks the Advanced tab. However, much to his dismay, the option for Encrypt contents to secure data is a dim gray and unresponsive. What is most likely the reason for this? Home edition of Windows lacks support for encryption. All the files inside the folder must be encrypted first. Encryption is disabled in the Computer Management console. A Trojan has infected the system that prevents this and other features.

Home edition of Windows lacks support for encryption.

What app configures the security level for network connections on Windows 10/11 computer. Network configuration console Network and Sharing center Manage your networks Network Preferences

Network and Sharing center

Jane, an employee in the human resources department, has created several important PDF documents on her computer that all office managers in her building must read. She would like to make locating these files simple and maintain them as little as possible. It is important that no other users are permitted to view these documents. As the IT technician for your company, Jane has asked you to make this possible. Which of the following would MOST likely fulfill Jane's request?

Network share

You manage the two folders listed below on your computer. C:\Confidential D:\PublicReports The C:\ drive is formatted with NTFS, and the D:\ drive is formatted with FAT32. On the C:\Confidential folder, you edit the properties for the following two files and assign the Deny Read permission to the Users group: Reports.doc Costs.doc You then take the following actions. You: Move Reports.doc from C:\Confidential to D:\PublicReports. Copy Costs.doc from C:\Confidential to D:\PublicReports. Which of the following BEST describes what happens to the permissions for both files as they are created in the D:\PublicReports folder?

Permissions are removed from both files.

You are a network administrator for a large financial institution. There are several account advisors who are constantly on the road with their Windows laptop devices. You want to be able to occasionally check on the health of these laptops, including the ability to receive automated alerts for any unusual activity that may indicate some kind of security breach. Which of the following remote management technologies would BEST help you monitor these laptops?

RMM

How do you access the Disable inheritance option for editing the NTFS permissions on folder in Windows 10? Right-click folder, open Properties dialog box, select Sharing tab, and press the Advanced sharing button. Right-click folder, open Properties dialog box, select General tab and press the Advanced button. Right-click folder, open Properties dialog box, select Security tab, and press the Advanced button. Right-click folder, open Properties dialog box, select Customize tab and press the Choose File button.

Right-click folder, open Properties dialog box, select Security tab, and press the Advanced button.

Which tab in the Properties dialog box of folder shows the NTFS permissions on a Windows 10 computer? General Sharing Security Customize

Security

The _____ console, also available in Windows 10/11, contains the tools used to manage AD. Connection Manager System Manager Server Manager Resource Manager

Server Manager

Which of the following Windows 11 options lets you associate your local user account with an online Microsoft account?

Sign in with a Microsoft account instead

The Hide Programs setting is configured for a specific user as follows: After logging in, the user is able to see the Programs and Features option. Why did this happen?

The GPO linked to the user's organizational unit is applied last, so this setting takes precedence.

Rachel wants to use Screen Sharing to allow a system administrator to remotely access her Apple iMac. However, when she initiates the Screen Sharing session, the administrator is not able to access her iMac desktop from his iMac computer. What is the MOST likely reason that the administrator cannot access the Screen Sharing session?

The administrator is not included in her Specific Users Only list.

As a Help Desk Level 2 operator, you are attempting to use Remote Desktop to connect to an employee's Windows desktop to resolve a printing issue that has been escalated from a Level 1 operator. You know that both your Windows computer and the employee's Windows computer are configured correctly for this Remote Desktop connection. You also have the correct connection information. However, you are having problems accessing the employee's desktop. Which of the following is the MOST likely reason that you cannot connect to the desktop?

The remote session from the Level 1 operator has not been disconnected.

By default a shared folder that has a program file in it, a user on another Windows computer can double-click the program file and execute it remotely. True False

True

From the BIOS/UEFI setup, firmware can create a drive lock password stored on the hard drive controlling access even if it is removed from the computer and installed in another. True False

True

A help desk technician determines that a user's issue is caused by a corrupt file on their computer. Which of the following would be the FASTEST way to transfer a good file to the computer?

Use the C$ administrative share to copy the file.

Which of the following actions should you take to BEST secure your video conferencing software? (Select two.)

Use waiting room features. Use strong passwords.

Which of the following statements about an SSL VPN are true? (Select two.)

Uses port 443. Encrypts the entire communication session.

While on a business trip, an employee accesses the company's internal network and transfers files using an encrypted connection. Which of the following digital security methods is the employee MOST likely using?

VPN

Your organization employs a group of traveling salespeople who need to access the corporate home network through the internet while they are on the road. You want to funnel remote access to the internal network through a single server. Which of the following solutions would be BEST to implement?

VPN concentrator

You have recently purchased a third-party application and installed it on your workstation. However, after doing some maintenance work on the users and groups on your Windows system, the application begins to display error messages each time you try to run it. What is the MOST likely cause of the issue?

You deleted a group that was created by the third-party application.

You want to use the Universal Naming Convention (UNC) format to access a shared folder called Pictures on a computer named Home1. Which of the following is an example of the UNC format?

\\Home1\Pictures

Use the _____ console to create a new local user account on a Windows 10/11 PC. lusrmgr.msc compmgmt.msc fsmgmt.msc gpedit.msc

compmgmt.msc

A _____ is the entire enterprise of users and resources managed by AD in Windows Server. forest federation site domain

forest

Use the _____ in Windows command prompt to find out which group policies are currently applied to a system for the computer or user. gpedit grep gpresult gpupdate

gpresult

How do you open, activate, and set the password C0+admin for the Administrator account in Windows 10/11 elevated command prompt? Get-LocalUser -Name "Administrator" | Enable-LocalUser Set-LocalUser Administrator - C0+admin net user Administrator /active:yes net user Administrator C0+admin sudo passwd rootpasswd C0+admin net use Administrator /active:yes net use Administrator C0+admin

net user Administrator /active:yes net user Administrator C0+admin

What Windows program is used to reset the password for a user's account? credwiz.exe netcfg.exe chglogon.exe netplwiz.exe

netplwiz.exe

When typed in the Explorer navigation bar or Windows command prompt, what path identifies a resource on the network and must include two backslashes, the computer name, one backslash, and the folder name? local absolute network relative

network

The _____ console that displays the policies set for a computer or user in Windows. fsmgmt.msc gpedit.msc lusrmgr.msc rsop.msc

rsop.msc

Which of the following Microsoft consoles launches Local Security Policy in Windows? secpol.msc gpedit.msc lusrmgr.msc rsop.msc

secpol.msc

When added to a share name, what character hides a folder in Windows Explorer? $ % ~ *

$

According to the textbook, which of the following types of logon scripts are supported by Windows Server AD? (Choose all that apply.) .bat .vbs .ps2 .sh

.bat .vbs .ps2

When a computer is on a Windows domain, _____ is responsible for AAA services. Accounting Directory Authentication Directory Active Directory Authorization Directory

Active Directory

Bob, a user, works in the accounting department and saves his Excel files to a network drive on the company's server. Upon his most recent attempt to save a spreadsheet to the drive, he gets the error message: "You do not have access to the folder 'E:\'. See your administrator for access to this folder." Bob calls Ann, a technician, and asks for help. What should she advise Bob to do first? Have him to verify his connection to the network with the ping command. Escalate the issue to network administrator. Advise him to save the spreadsheet to his local hard drive. Tell him to reboot his PC.

Advise him to save the spreadsheet to his local hard drive.

A user group named Accounting is set up for its personnel. They have permission to use the Financial folder on a file server. Ann, a support technician, needs to create a subfolder named Payroll under the Financial folder. Bob, payroll manager, is the only employee in the Accounting department with access to the Financial folder. What is the best way for Ann to configure this new share for Bob? Create a new user group named Management outside of the Financial folder, add Bob to the group, assign group read/write permissions to the Payroll folder. Assign Bob read/write permissions to the Accounting folder and add him to the Payroll folder. Assign Bob read/write permissions to the Financial folder and add him to Payroll folder. Create a new user group named Payroll, put Bob in the group, and assign group read/write permissions to the Payroll folder.

Create a new user group named Payroll, put Bob in the group, and assign group read/write permissions to the Payroll folder.

What are the general strategies for managing shared files and folders, or directories, in Windows 11? (Choose two.) Workgroup sharing Homegroup sharing Officegroup sharing Domain controlling

Domain controlling Workgroup sharing

The D:\ drive in your computer has been formatted with NTFS. The Sales group on your computer has been granted Allow Full Control for the D:\Sales folder. The Rachel user account is a member of the Sales group. Which of the following will BEST prevent Rachel from accessing the D:\Sales\2010sales.doc file without affecting her ability to access any other files in that folder and without affecting the abilities of any other users?

Edit the file properties and assign Rachel the Deny Full Control permission.

You provide desktop support for a small company. The company has two locations in the same city, but they are several miles away. You get a call from a user who is having problems installing a new device. You try to tell the user how to update the device driver over the phone, but he is having a hard time understanding your directions and is becoming frustrated. What is the BEST method for resolving the user's issue?

Establish a Remote Desktop connection and update the driver.

Which of the following built-in user groups does Windows automatically assign to an account when determining permissions assigned to a file or folder? (Choose all that apply.) Everyone Anonymous Super Users Authenticated Users

Everyone Anonymous Authenticated Users

Which of the following is true of groups on a Windows system?

Group members have the access rights that are assigned to the group.

A user calls to report a problem. She is trying to install an application on her new Windows 11 system, but the installation will not proceed. Her user account is a member of the Users group. What is MOST likely causing the installation issue?

Her group membership does not allow her to install new software.

Which of the following protocols provides authentication and encryption services for VPN traffic?

IPsec

Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the internet? (Select two.)

L2TP PPTP

The _____ (gpedit.msc) console contains a subset of policies in Group Policy and applies only to a local Windows 10/11 computer or user. Local Group Policy Configuration Profiles Resultant Set of Policy Computer Management

Local Group Policy

You manage a workstation that is not part of a Windows domain. Users on this computer should not be permitted to download applications from the Windows Store. Which administrative tool can you use to enable a policy that turns off the Store application for all users on this computer?

Local Group Policy Editor

Which of the following is a valid distinguished name for the MarketSpace common domain name?

MarketSpace.org

You are your company's Active Directory system administrator. The company has branch offices in several countries, including Mexico, Argentina, Canada, and the UK. The company only has a total of 250 employees organized in the same departments in each office. However, the company is projected to expand rapidly in the next two years. You want to create a tree of organizational units (OUs) that can adapt to the rapid growth without re-organizing the OU structure in the near future. You also want to be able to easily assign rights to certain network resources based on departmental organizational roles. Which of the following solutions would BEST meet your requirements?

Organize the OUs at the top level by office (country); then use group accounts to help control resource rights.

You want to use a VPN tunneling protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?

PPTP

According to the textbook, what is the difference between privileges and permissions with Windows systems? Privileges are assigned to all accounts, files and folders, while permissions are assigned strictly to groups. Permissions are assigned to all accounts, files and folders, while privileges are assigned strictly to groups. Privileges are assigned to an account, and permissions are assigned to data files and folders. Permissions are assigned to an account, and privileges are assigned to data files and folders.

Privileges are assigned to an account, and permissions are assigned to data files and folders.

A new computer has been added to the sales department and needs to be joined to the CorpNet domain. Which of the following System Properties settings must you use to make the change? System Properties > Computer Name System Properties > Advanced System Properties > Remote System Properties > System Protection

System Properties > Computer Name

According to the textbook, which of the following fails to meet the criteria for a strong password? Have at least one symbol. Use 16 or more characters. Use the same password for all accounts. Combine uppercase and lowercase letters, numbers, and symbols.

Use the same password for all accounts.

What Windows utility is used to view a list of shared folders and volumes by default on a network domain with an administrator account? diskmgmt.msc fsmgmt.msc devmgmt.msc lusrmgr.msc

fsmgmt.msc

For Windows 10/11 Enterprise and Pro, you can use the _____ console to manage local users and groups. fsmgmt.msc lusrmgr.msc rsop.msc secpol.msc

lusrmgr.msc

A _____ makes client computer appear to have a new hard drive, as for example E:\, on the storage space of a host computer or server. (Choose two.) network share mapped drive hard disk drive solid state drive

mapped drive network share


Ensembles d'études connexes

Organic Chemistry Ch. 8 study guide

View Set

Unit Test review- English "How Sugar Changed the World"

View Set

CH. 11 Treatment of Psychological Disorders Smartbook

View Set