M7-12
Windows Update delivers several different types of updates. Which of the following best describes a Cumulative update?
A set of multiple patches or hotfixes released up until a particular time
Your Windows 10 system is no longer bootable after experiencing a failure. You want to access the Recovery Environment to be able to restore your system, but have lost the Windows 10 installation media. How can you accomplish this?
Boot from the Recovery Drive you created when you originally set up the system
Select the three permissions that can be set on a shared folder
Change Full Control Read
Acts as a fabric that can be used to connect to devices all over the world
The "Cloud"
Installed from a Store
Windows Store Apps
Command line utility for installing desktop applications
msiexec
Windows Update delivers several different types of updates. Which of the following best describes a Hotfix update?
A patch that addresses one specific problem
A paging file is:
An area on the hard disk that Windows uses as if it were RAM.
Windows Update delivers several different types of updates. Which of the following best describes a Build or Feature update?
An update that installs a new version of Windows
A feature built into Enterprise or Education editions of Windows that allows for more advanced control over applications based on a combination of application properties and the groups that users are members of - Application Control Policies
AppLocker
Choose three ways an Admin can restrict access to applications
AppLocker Windows Defender Application Control NTFS permissions
Options available to run applications in a way similar to older versions of Windows
Application Compatibility
Windows Defender feature that allows organizations to control what drivers and applications are allowed to run on their Windows 10 clients
Application Control
Windows Defender feature designed to provide a layer of security between a Windows system and potentially malicious websites
Application Guard
A file __________ specifies which application opens a type of file.
Association
Encrypts an entire volume
BitLocker
Encrypts removable storage devices like USB flash drives
BitLocker To Go
Which edition of BitLocker is used to encrypt USB removable drives?
BitLocker To Go
What is the main difference between Encrypting File System (EFS) and BitLocker?
BitLocker encrypts entire volumes whereas EFS encrypts specific folders
As Admin you find yourself constantly filtering the Event Viewer logs to look at a few specific types of events that are common on your organizations computers. What is the best option that would allow you to save some time when looking through these Event Viewer logs?
Create and save a Custom View for future use
Windows Defender feature designed to protect user authentication credentials
Credential Guard
Can be downloaded and installed from anywhere on the Internet
Desktop Applications
Desktop Applications
Desktop Applications
An Admin can configure __________ to control how much storage space a user can take up on a volume.
Disk Quotas
Windows Defender feature designed to help reduce the attack surface of applications
Exploit Guard
Because Microsoft focusing more on mobile devices and Microsoft Store Apps, Windows 10 no longer supports desktop applications
False
BitLocker is considered such a valuable security tool so it is available on every edition of Windows
False
Data transmissions in a VPN tunnel are secured using encapsulation
False
Newer Windows Apps can only be installed from the Microsoft Store
False
System Restore will protect and allow restoration of user files
False
The NTFS inheritance feature does not impact effective share access
False
Specifies which application opens which type of file, based on the file extension
File Association
It is recommended to turn off UAC when performing important tasks because it can make tasks less efficient
Flase
A user is a member of two groups. One group is granted the Read permission to a network share, and the other group is granted the Full Control share permission. What is the effective Share permission on the shared folder for this user?
Full Control
When configuring event subscriptions, it's important to create a firewall exception for ___________ to allow forwarded events to be allowed through the firewall.
HTTP or HTTPS
Which of the following best describes the UAC tool
Helps avoid unintended actions and software installations by notifying users of system changes and making it possible for an administrator to only elevate their credentials when necessary
Which power saving method will completely power down your system, but stores contents of open files and system memory to the hard disk so that you can resume your work when powering the computer back on?
Hibernation
Which power saving method will enable your PC to keep the memory powered on, but will also store the contents of memory on the hard disk to protect them from corruption if the battery runs out?
Hybrid Sleep
Choose three VPN protocols that can be used with Windows for VPN connections
IKEv2 SSTP L2TP with IPSec
Why is it important to backup the BitLocker recovery key to a safe location separate from the system BitLocker is configured on?
If the recovery key is lost, it could result in a complete loss of the data on that system
Configuring application restrictions, a firewall, or antivirus software
Implementing protections
Configuring application restrictions, a firewall, or antivirus software would be an example of
Implementing protections
Choose the two main facets an Admin should consider when hardening a Windows system
Implementing protections Reducing exposure
Cloud management system for Windows devices
InTune
Why is authentication an important requirement when using VPNs?
It can be used to verify that the sender of a VPN packet is a legitimate device and not one used by a hacker
What impact does adding a $ symbol to the end of a share name?
It effectively hides the share to avoid confusion for non-admin users
You decide to research to see if it is possible for one computer to gather event log entries from multiple other computers to make it easier to keep track of your system issues. What do you find?
It is possible, you need to configure it as an Event Collector
When restoring a System Image backup:
It will completely replace all files on the system drive, including yours
Choose three threats that impact mobile devices
Lack of centralized security enforcement Theft Loss
Which password based authentication protocol is considered the most secure without using EAP
MS-CHAP-v2
Allows an Admin to compare current security settings against recommended settings
Microsoft SCT
When combining Share and NTFS permissions, the ___________________ permission of the two applies
Most restrictive
What feature of Windows Defender allows for the removal of malware that can't be removed from a running system?
Offline scanning
You are working with a software vendor to troubleshoot performance problems with their software. They requested to see information on specific performance counters starting at a specific time of day and over a longer period of time. Which utility will provide that functionality?
Performance Monitor with a data collector set
Select the three default power plans available in Windows
Power Saver High Performance Balanced
Increasing the privilege level of an application from a standard user to an administrative user
Privilege escalation
Covered by levels 4-5 of the Microsoft SecCon security framework
Privileged Access Workstations
Which of the following performance and resource monitoring tools is not built into Windows, but is instead available as a free download from Microsoft?
Process Explorer
Covered by levels 1-3 of the Microsoft SecCon security framework
Productivity Devices
The Microsoft SecCon framework divides devices into which two main categories when assigning configuration levels
Productivity device Privileged access workstation
Which of the following best explains the purpose of a security baseline
Provides a group of recommended settings or configurations that can be used to meet standards of security
Which of the following best explains the purpose of a security framework
Provides a set of best practices an organization can adopt to better secure their information systems
If a user has the effective NTFS permission of Modify to a folder, and has Read permissions to the network share for this folder, what is their effective access when accessing the folder via the share?
Read
If a user has the effective NTFS permission of Read to a folder, and has Modify permissions to the network share for this folder, what is their effective access when accessing the folder via the share?
Read
What feature of Windows Defender will alert you if spyware or other malware attempts to run on the computer, even when a normal scan is not running?
Real-time scanning
Turning off, disabling, or uninstalling unneeded settings, permissions, or software
Reducing Exposure
Turning off, disabling, or uninstalling unneeded settings, permissions, or software is an example of
Reducing Exposure
Two main facets of system hardening
Reducing exposure and Implement protections
Which of the following tools can be used to connect to or manage remote systems across a network? (choose three)
Remote Desktop Computer Management PowerShell
Feature used to run software using another user's login and permissions
RunAs
What windows feature allows one user to run an application with another user's permissions
RunAs
Which UAC feature allows the desktop to be made unavailable when the UAC prompt is triggered, helping to make sure malicious software doesn't trick a user into performing other tasks.
Secured Desktop
Group of recommended settings or configurations that meet standards for security
Security Baseline
Best practices an organization can adopt to better guide their approach to securing their information systems
Security Framework
Which power saving method will enable your PC to keep the memory powered on, but will lose the contents of memory and potentially corrupt your data if the battery runs out?
Sleep
A built-in feature for Professional and Enterprise editions of Windows that allows an Admin to control access to applications based on properties of the applications themselves
Software Restriction Policies
You are looking to configure Event forwarding Subscriptions on a large number of computers. Which type of subscriptions best fit your scenario?
Source-initiated subscriptions
You want to create a complete backup of your Windows installation including all user files, applications, and settings as they were when the backup was taken. What type of backup do you need?
System Image
You need to configure a Windows client to create a point-in-time snapshot of the Windows Operating System files each time a major event occurs on the system such as installation of updates or other configuration changes, and if possible enable you to create a manual snapshots as well. Which of the following Windows utilities do you need to configure?
System Restore
Tool used to manage which applications can start when Windows starts
TaskManager
You suspect that your computer is having errors related to the hardware or drivers recently modified on the system. Where do you look to verify your suspicions?
The System Event Log
A TPM chip is required to use BitLocker unless an Admin makes specific configuration changes to otherwise allow it to work without a TPM
True
InTune can be used to remotely wipe data or the entire device if it is lost of stolen
True
NTFS permissions can be an effective option for getting some older applications to work correctly
True
The version of BitLocker intended for use with removable storage devices does not require a TPM
True
Windows InTune supports non-Microsoft devices
True
Windows Update runs automatically in Windows 10 by default.
True
You can attach a task to an event in Event Viewer to start a program when a specific event occurs on the system
True
non-security specific tools like Services, Local Users and Groups, and NTFS permissions can play a vital role in securing Windows systems
True
Devices that can encrypt and decrypt VPN packets are referred to as
Tunnel endpoints
VPNs use a _________ protocol to encapsulate LAN data with within protected packets that can be sent through an untrusted network
Tunneling
Encapsulates LAN data within encrypted packets that can be send securely though an untrusted network
Tunneling protocol
Provides protection from users executing software with their administrative privileges
UAC
Windows network shares are accessible by their
UNC path
You need to use Windows Update on systems at a branch location. The branch location has a slow Internet connection that makes it difficult to download updates from the Microsoft Update servers all at once. How can you make the update process more efficient than waiting for all the devices to download their updates from Microsoft?
Use Windows Update Delivery Optimization to allow systems at the branch location to download updates from other systems on the local network
Choose the methods that can be used to access the Windows Recovery Environment (choose three)
Use the 'shutdown' command with the o and r command switches Using the Recovery option in the Settings app Booting off of Windows installation media
You are running Windows 10 and want to stop a certain program from loading at startup. What can you do to accomplish this?
Use the Startup tab in Task Manager to enable or disable startup applications
It's Thursday afternoon and the CEO of your organization just had a computer failure. His Windows 10 system is not bootable, but his user data is still on the hard disk. He is demanding that his computer be up and running as quickly as possible without losing his user files or settings from this week. The last scheduled system image backup completed last Friday. Which of the following options will accomplish this?
Using the 'Reset this PC' with the 'Keep my Files' option in the Windows Recovery Environment.
What tool can you use to install desktop applications from the command line?
msiexec
What CLI tool can be used to manage power plans in Windows
powercfg
