Net+ 13 14
What is WindowsUpdate.log? Answer A log file that deploys updates to device groups over a deployment timeline. A log file that analyzes Windows Update Service, BITS, and Windows Network Diagnostics Service. A log file that allows you to see enforced policies on your Windows 10 machine. A log file you can create and save in order to locate errors or problems.
A log file you can create and save in order to locate errors or problems.
Which of the following tools can you use to troubleshoot and validate Windows updates? (Select three.) Answer Windows Server Troubleshooter Windows Update Troubleshooter Windows Transfer Service Windows Server Update Service (WSUS) Windows Defender Device Manager PowerShell
PowerShell. Windows Server Update Service (WSUS), Windows Update Troubleshooter
A security analyst is using tcpdump to capture suspicious traffic detected on port 443 of a server. The analyst wants to capture the entire packet with hexadecimal and ASCII output only. Which of the following tcpdump options will achieve this output? Answer src port 443 -SXX port 443 -SX port 443 -SA port 443
-SX port 443 Explanation -SX is the command line option for both full packet capture and hexadecimal and ASCII output of port 443. src port captures source port traffic, but this won't capture the entire packet or output the hexadecimal and ASCII codes. -SA captures full packets, but only ASCII output is included. -SXX performs the same function as -SX, but it also gives the Ethernet header.
You want to make sure that all users have passwords over eight characters in length and that passwords must be changed every 30 days. What should you do? Answer Configure expiration settings in user accounts. Configure day/time settings in user accounts. Configure account policies in Group Policy. Configure account lockout policies in Group Policy.
Configure account policies in Group Policy.
You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. Members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You define a new granular password policy with the required settings. All users in the Directors OU are currently members of the DirectorsGG group, which is a global security group in that OU. You apply the new password policy to that group. Matt Barnes is the chief financial officer, and he would like his account to have even stricter password policies than are required for other members in the Directors OU. What should you do? Answer Create a granular password policy for Matt. Apply the new policy directly to Matt's user account. Remove Matt from the DirectorsGG group. Edit the existing password policy. Define exceptions for the required settings. Apply the exceptions to Matt's user account. Create a granular password policy for Matt. Apply the new policy directly to Matt's user account. Create a granular password policy for Matt. Create a new group, make Matt a member of that group, and then apply the new policy directly to the new group. Make sure the new policy has a higher precedence value than the value for the existing policy.
Create a granular password policy for Matt. Apply the new policy directly to Matt's user account To use a different set of policies for a specific user, create a Password Settings Object (PSO) for the user and apply it directly to the user account. If a PSO has been applied directly to a user, that PSO is in effect regardless of the precedence value.
Your Windows system is a member of a domain. Windows Update settings are being controlled through Group Policy. How can you determine whether a specific security update from Windows Update is installed on the computer? Answer Run the wuauclt.exe /listupdates command. Check the Local Security Policy. Run the netsh winhttp import proxy source command. Go to Programs and Features in Control Panel.
Go to Programs and Features in Control Panel.
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use? Answer System logs IPS IDS Port scanner Packet sniffer
Use a port scanner to check for open ports on a system or firewall. Compare the list of opened ports with the list of ports allowed by your network design and security policy. Typically, a port is opened when a service starts or is configured on a device. Open ports for unused services expose the server to attacks directed towards that port. Use a packet sniffer to examine packets on your network. With a packet sniffer, you can identify packets directed towards specific ports, but you won't be able to tell if those ports are open. Examine system logs to look for events that have happened on a system, which might include a service starting, but would not likely reflect open ports. An intrusion detection system (IDS) is a special network device that can detect attacks and suspicious activity. A passive IDS monitors, logs, and detects security breaches, but takes no action to stop or prevent the attack. An active IDS (also called an intrusion protection system, or IPS) performs the functions of an IDS, but it can also react when security breaches occur.
An employee named Bob Smith, whose username is bsmith, has left the company. You have been instructed to delete his user account and home directory. Which of the following commands would produce the desired outcome? (Select two.) Answer userdel -r bsmith userdel bsmith;rm -rf /home/bsmith userdel bsmith userdel -x bsmith userdel -h bsmith
userdel -r bsmith userdel bsmith;rm -rf /home/bsmith
Which of the following utilities could you use to lock a user account? (Select two.) Answer userdel ulimit usermod useradd passwd
usermod passwd
You have performed an audit and found an active account for an employee with the username joer. This user no longer works for the company. Which command can you use to disable this account? AnswerCorrect Answer: usermod -L joer usermod -l joer usermod -u joer usermod -d joer
usermod -L joer