ITN 200 MOD 11

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What is the level of encryption of the public/private key pair that is contained in the domain-server-CA in Microsoft Server 2019?\ 256-bit encryption 257-bit encryption 1024 -bit encryption 2048-bit encryption

2048-bit encryption

Which of the following settings in Windows defender should be enabled to prevent malware and network attacks from accessing high-security processes in systems that support core isolation? The Block Inheritance setting The firewall rules setting The controlled folder access setting The memory integrity setting

The memory integrity setting

A 257-bit encryption key is twice as difficult to guess compared to a 256-bit encryption key. True False

True

Which of the following is true of Group Policy Objects (GPOs)? They do not apply to Active Directory groups. They are not strictly enforced. They allow users to configure settings that are applied by GPOs. They are limited to 500 or less users or computers.

They do not apply to Active Directory groups.

If a newly created firewall allows connection to a program only if the connection is authenticated by IPSec, which of the following options was most likely selected in the Action pane in the New Inbound Rule Wizard at the time of creating the rule? Authentication exemptio Allow the connection Allow the connection if it is secure Block the connection

Allow the connection if it is secure

Alonso, a system administrator, has configured and deployed a new GPO at the domain level in his organization. However, when he checks after a few hours, two of the OUs in the Active Directory do not reflect the change. What is the most likely reason the new GPO configuration did not apply to the two OUs? The OUs were under another domain. The Block Inheritance setting prevented the OUs from applying the GPOs. The users under the OUs declined the domain-level setting when prompted. The GPO link was configured with the Enforced setting.

The Block Inheritance setting prevented the OUs from applying the GPOs.

By default, where are updates synchronized from in WSUS? Microsoft Update servers on the Internet The Windows Internal Database The specified Microsoft SQL Server Windows Server Update Services

Microsoft Update servers on the Internet

Denali wants to store information about all Windows updates on a specific Microsoft SQL Server for security reasons. Which of the following wizards can Denali use to set up SQL Server Connectivity to store update information? The Group Policy Results Wizard The Add Roles and Features Wizard The Windows Server Updates Services Configuration Wizard The Certificate Enrollment wizard

The Add Roles and Features Wizard

To prevent man-in-the-middle attacks, Janet, a network administrator, configures a GPO such that all the traffic sent toward a specific database server is encrypted using IPSec. While most of her colleagues are able to successfully connect to the database via the IPSec authentication process, the connection is not successful for some computers. What do you see to be the problem here? The IP addresses of the computers were not added under Endpoint 1. The connection between the failed computers and the server was protected with IPSec. The rule type was set to Isolation instead of Server-to-server. The computers did not have an IPSec certificate.

The computers did not have an IPSec certificate.

Yosef has configured Windows Server 2019 as an enterprise CA and deployed a GPO to enroll all the users for certificates. He chooses the setting that will enroll the users when they boot their computers. When he checks whether all users and computers have been enrolled, he finds that five users were not enrolled for the certificate. Yosef was able to manually enroll those users for certificates.Which of the following permissions to the certificate template is most likely to be missing for the five users who did not get enrolled? Read Write Enroll Autoenroll

Autoenroll

Amber is a hacker who steals information when people enter their personal details on specific websites. She intercepts the public key as it is sent from the Web server to the Web browser and substitutes her own public key in its place. This enables her to intercept the communication and decrypt the symmetric encryption key using her private key. Which type of hacking attack is Amber perpetrating? A denial-of-service attack A man-in-the-middle attack A drive-by attack A malware attack

A man-in-the-middle attack

Fatima is configuring a Windows Server 2019 system as a RADIUS server for use with 802.1X Wireless. She has configured the Network Policy and Access Services server role. What is the next step Fatima should take once the server role has been configured? Configure the Configure 802.1X wizard Activate the server in Active Directory Edit or remove existing RADIUS clients Choose the EAP authentication method

Activate the server in Active Directory

David, a system administrator, has created specific GPOs for every department in his organization based on the permissions required by the various departments. However, he needs to apply the Default Domain Policy for some managers but not for the rest of the users. How can David ensure that the Default Domain Policy is applied only to specific managers' accounts? By using the Block Inheritance setting on the domain-level GPO By using the Enforced setting on the OU-level GPOs for the OUs that contain the managers' accounts By removing the Authenticated Users group from the Security Filtering section and adding the managers' accounts By using a WMI filter to check for conditions under which the Default Domain Policy must be applied

By removing the Authenticated Users group from the Security Filtering section and adding the managers' accounts

Ramona, the chief technical officer of an engineering company, needs to install software on 32-bit computers using GPO. The system network consists of over 500 computers and has a mix of 32-bit and 64-bit computers. How can Ramona ensure that the software is installed only on the 32-bit computers? By using a WMI filter By using the Security Filtering option By setting Group Policy preferences By modifying Software Settings under Group Policy

By using a WMI filter

If multiple GPOs are linked to the same site, domain, or OU, they will be applied in a random order. True False

False

WPA3 is immune to wireless cracking tools because it uses a Wi-Fi password in a different way than WPA2 does. True False

False

When a CA public/private key pair expires, a system administrator must generate a new CA public/private key pair the same day to ensure a smooth transition. True False

False

Having heard the data theft suffered by a competing company by a man-in-the-middle attack, Finn asks Talia, his server administrator, to implement measures to prevent such attacks in his company. Which of the following should Talia do to ensure that Finn's company is protected from such attacks? Hire the services of a third-party Certification Authority Configure the Block Inheritance setting at OU-level GPOs Run the gpupdate /force command in a Command Prompt window. Run the gpresult /r command in Windows PowerShell.

Hire the services of a third-party Certification Authority

XM GraFix, a graphics design company, has bought new design software. Mason, the system administrator, wants to install the software on all the computers in the design department. However, not all the designers need the software. Using the GPO, Mason uses a deployment method that allows the users to install the program from the network when they need it. Which of the following methods of deployment has Mason most likely used in the given scenario? Published the software under Software Settings in the Computer Configuration Published the software under Software Settings in the User Configuration Assigned the software under Software Settings in the Computer Configuration Assigned the software under Software Settings in the User Configuratio

Published the software under Software Settings in the User Configuration

Sasha is configuring Windows Server 2019 as an enterprise CA. She installs the Active Directory Certificate Services server role and is prompted to choose the role services that she wishes to install. Which of the following role services should Sasha select to ensure that routers are allowed to obtain certificates? The Online Responder role service The Network Device Enrollment Service role service The Certificate Enrollment Policy Web Service role service The Certification Authority Web Enrollment role service

The Network Device Enrollment Service role service

Chynna wants to create two different firewall rules that are applicable depending on whether a computer is connected to a corporate domain or a home network. Which of the following panes in the New Inbound Rule Wizard should Chynna select to specify the conditions that should be met before the rules can be applied? The Profile pane The Action pane The Rule Type pane The Protocol and Ports pane

The Profile pane

Giselle, a systems administrator, creates a file redirection GPO, in the User Configuration section that automatically saves files created by her colleagues to a shared network device instead of the local drives in their computers. However, the computers do not receive the configuration specified in the GPO. She runs the gpupdate /force command in the Command Prompt window of one of her colleagues' computer. Despite her effort, the computer does not receive the GPO, and she decides to rectify the issue the next day. To her surprise, she sees that the computer has been configured as per the GPO. What do you see as the issue with the GPO configuration? The GPO was not backed up before the new settings were applied. The settings can only be applied at the next login. The computer had to be rebooted for the application of the GPO settings. The Block Inheritance setting was enabled for the OU that the computers belonged to.

The settings can only be applied at the next login.

Amina, who works for a pharmaceutical company, configures and issues the Smartcard Logon certificate template with schema version 2. While most of the users get auto-enrolled, some of the users fail to obtain the certificate. Identify the most likely reason auto-enrollment failed for these users. Their operating system is Windows XP. They have the Block Inheritance setting at the OU level. The template did not have the Enforced setting. Their operating system is Windows 2000.

Their operating system is Windows 2000.

Navin wants to reduce the chances of a data breach and monitor and control the traffic on his company's website. Instead of using a NAT router, he sets up an external server that acts as a filter between the organization's website and end users. Which of the following options must Navin select and configure when configuring WSUS? Store updates in the following location Use a proxy server when synchronizin Synchronize from another Windows Server Update Services server Synchronize from Microsoft Update servers

Use a proxy server when synchronizin

While configuring Windows Server 2019 as a WSUS server, which of the following role services would you select to store information about updates in the Windows Internal Database? WID connectivity WSUS services SQL server connectivit Certification authority

WID connectivity

The new system administrator of XYZ company realizes that whenever updates are available for Windows, WSUS redirects computers to the Microsoft Update servers on the Internet to obtain updates instead of storing the update information on the WID. Which of the following is a likely reason for this issue? The WSUS installation is either incomplete or has not been installed properly. While installing WSUS, the option SQL Server Connectivity was selected. While installing WSUS, the option Store updates in the following location was deselected. While configuring WSUS, the option Synchronize from another Windows Server Update Services server was selected.

While installing WSUS, the option Store updates in the following location was deselected.

Stephen sets up manual enrollment for a user certificate from an enterprise CA. However, as he completes the process, he realizes that he has accidently set up the enrollment for a computer certificate rather than a user certificate. Which of the following commands did Stephen most likely type in the Command Prompt window? certmgr.msc certlm.msc wf.msc gpedit.msc

certlm.msc


Ensembles d'études connexes

Final test Introduction hospitality

View Set

II Lecture Chapter 18 Certification Style Exam Quiz

View Set

Chapter 43 Trauma Systems and Mechanism of Injury

View Set

Emergency Medical Responder: First On Scene Chapter 1 & 2

View Set

Chapter 3: Collecting Objective Data: The Physical Examination

View Set