MTA MTA Security Fundamentals (98-367)
Which IP address is used on a public network?
- 224.0.0/24
Any server that is not using SMTP for legitimate email transfers should have port __________ disabled.
25
Auditing
A mechanism by which a log tracks who has logged on to a system and what has been accessed on the system.
Which best defines a botnet?
A network full of computers which have been taken over for the purpose of carrying out a DDoS attack
The __________ is a Windows domain management tool that helps organize and authenticate computers across a network or set of subnets.
Active Directory
Which Windows tool stores all users and permissions on a domain-based network?
Active Directory
The Auditing tab in a folder's properties is found through clicking which option?
Advance button on the security tab
Which can be affected by the principle of least privilege?
Agency Regulations
Which is one use of a network sniffing tool?
Analyze network traffic
Which algorithm is used for email filtering?
Bayesian filter
In Microsoft's Control Panel Internet Options, where are the settings to delete cookies and website data?
Browsing History
_________ is the part of the CIA triangle which keeps data secure from unauthorized access.
Confidentiality
Which item that protects against unwanted software installation does so by only allowing trusted applications to be installed on network devices?
Device Guard
Which type of password attack uses common words to attempt to crack a password?
Dictionary Attack
What is the first thing a user should do if a virus is suspected to be on a computer?
Disconnect the computer from the network
Which route looks for a default gateway, decides how best to route traffic, and then automatically builds a routing table?
Dynamic
Availability
Ensures that data is accessible by those who need it and when they need it
Which is an example of separation of services?
Ensuring a domain controller only has what is needed to run that domain controller
Which are examples of tunneling? Choose three answers.
GRE L2TP PPTP
When looking at user or group permissions in the Security tab of a folder, what indicates that the permissions are inherited?
Grey check marks
Which administrative tool is used to set password policies for an entire domain?
Group Policy
The Security Compliance Manager provides which item to users?
Guides for installation
Which IPsec protocol is stored in an SA?
IKE
IP address spoofing is a form of spoofing where __________ are attacked with the intent to forge the source IP address.
IP packets
Regarding security, the buildings within a campus best fall under which security classification?
Internal perimeter
Docking stations are used to add expand ability to which devices?
Laptops
Which administrative tool is used to set audit policies for a local device?
Local Security Policy
Which tool is used to set a password policy on a local machine?
Local Security Policy
Which are possible traits of a software-based firewall? Choose two answers.
Network-based Host-based
Which of the following digital certificate formats can store multiple certificates? Choose two answers.
PKCS #7 PKCS #12
Which part of a honeypot is set up to wait for an IDS to detect attackers and transfer them to an isolated system?
Padded Cell
Principle of Least Privilege
People have what they need privilege wise to do their job but no more.
Which social engineering tactic deceives users into giving up sensitive information?
Phishing
You can disable toolbars and extensions when InPrivate Browsing starts under the _________ tab.
Privacy
Which type of encryption key is often used at the start of a data transmission?
Public
Which item does DNSSEC use to ensure Internet traffic is always sent to the correct server?
Public key encryption
Which of the following is used to distribute keys, but not digital certificates?
RA
One example of a popular stream cipher is __________.
RC4
Which Windows tool stores all Windows settings and app settings?
Registry
An administrator wants to control the time period in which incorrect logon attempts result in an account lockout. Which policy should be set?
Reset account lockout counter after
A stateful firewall inspection inspects data based on which item?
Return traffic
Which tab in the Properties window shows assigned permissions on a folder?
Security
Rerouting Internet traffic away from a tunnel and through an original Internet connection describes which networking concept?
Split Tunneling
Which type of malware involves ads that appear as a result of personal information being collected?
Spyware
Which of the following are types of encryption? Choose three answers.
Symmetric Asymmetric Hash function
Where in the Control Panel can a user control encryption settings for offline files and folders?
Sync Center
What is typically used to audit non-Microsoft products?
Syslog
Which type of authentication server is Cisco proprietary?
TACAS+
Users cannot build rules to __________ and __________ at the same time.
TCP UDP
Which does encryption at a hardware level?
TPM
Confidentiality
The act of keeping data and systems secure from unauthorized access
Who is the default owner on a folder?
The user account that created the folder
Telnet port 23 can be accessed externally even if a firewall has been used to block it internally.
True
Viruses must have a carrier in order to propagate.
True
Windows does not define any software restrictions by default.
True
What should possibly be blocked on computers in order to protect data from being copied or moved without authorization?
USB ports
Which is the best defense against social engineering?
User Awareness
Which is considered the weakest method of securing a wireless network?
WEP
Which is an example of a software router?
Windows Server
When moving a folder from one drive to a different drive, the folder's permissions __________.
are inherited from it's parent's
Integrity
ensures that data is accurate and vaild
The principle of least privilege is a security concept in which users are only granted access to __________ that are relevant to their jobs.
resources
A device that might provide a secondary password to access a system is called a __________.
security token
IPsec is a suite of protocols used to protect data in transit by creating __________.
tunnels
Which authentication combination is considered to be of the same factor?
username and password