Operating Systems Security


A signature database that is one month old may potentially expose that computer to how many new threats?

2,100,000

If a regular user is a member of four groups, how many SIDs will be stored in the user's SAT?

5

Windows checks for new or updated GPOs every _______ minutes.

90-120

Which of the following is the best description of a security control?

A mechanism that protects a resource.

Why is a rootkit so difficult to detect?

A rootkit may have modified the tools used to detect it

Defining GPOs in __________ gives you the ability to centralize security rules and control how Windows applies each rule.

Active Directory

Which of the following products does MBSA not analyze?

Adobe Acrobat

Which of the following is not a goal of a secure environment?

All required information is available to unauthorized users

Which type of encryption algorithm uses two related keys?

Asymmetric

What is the name of the process that proves you are who you say you are?

Authentication

Which of the following services does communication encryption not provide?

Availability

Which of the tenets of information security most directly serves the needs of authorized users?

Availability

Which type of plan addresses minor interruptions such as a power outage lasting several hours?

BCP

A recovery strategy that installs the operating system and all software and data on a completely new physical computer is called a _____.

Bare Metal Recovery

Which Windows feature allows you to encrypt entire volumes?

BitLocker

The Morris worm exploited this vulnerability.

Buffer Overflow

Which of the following terms refers to an alternate recovery site that has the basic infrastructure in place, but no configured hardware and no software installed?

Cold Site

Which of the tenets of information security is most related to need-to-know property?

Confidentiality

What structure does the Windows operating system use to store collections of permissions for objects?

DACL

Which Microsoft Windows Server 2008 R2 edition would be most appropriate for large-scale deployment using extensive virtualization?

Datacenter

Using removable media for backups generally ______ data confidentiality, as opposed to using internal disks?

Decreases

Which Windows feature uses keys based on a user's password?

EFS

A baseline is the initial settings in a newly installed system?

False

A local resource is any resource connected to the local LAN?

False

A valid backup is all an organization needs to recover from a disaster?

False

Only the Microsoft backup utilities can create valid backup images for Windows computers?

False

The only valid uses for restoring a backup image are to recover lost data and quickly load programs and files on completely new computers?

False

Virtual image snapshots can back up only virtual machines that are not running?

False

Windows will automatically cause a user logoff or system reboot after applying new or changed GPOs?

False

You can only edit user-specific group policy settings in the Windows registry editor?

False

Which of the following could be classified as a logical control?

Firewall

Which type of identifier was originally developed to identify ActiveX controls?

GUID

Windows stores each GPO in a subfolder with the same name as the ______ of the GPO?

GUID

Which of the following tools lists information about deployed GPOs and other computer-specific attributes?

Gpinventory.exe

Which of the following resources is installed with Windows?

Group Policy Best Practices Analyzer

Which of the following statements best describes the relationship between security policy and group policy?

Group policy should implement security policy

Which of the following terms means identifying malware based on past experience?

Heuristic Analysis

Which of the following devices repeats input received to all ports?

Hub

Using removable media for backups generally _______ data availability, as opposed to using internal disks.

Increases

Which of the following is the strongest reason why operating system access controls are insufficient to secure objects?

It's possible to boot into another operating system and bypass access controls

Which protocol does the Windows operating system use by default to authenticate computers to exchange security information?

Kerberos

Which term describes the central component of an operating system?

Kernel

What are the two run modes for Windows programs?

Kernel mode and user mode

What piece of information is necessary to encrypt and decrypt data?

Key

Which type of user account is designed using the principle of least privilege?

LUA

Which tool would you most likely use to edit group policy settings on a standalone computer?

Local group policy editor

Which of the following could be classified as a detective control?

Log Monitor

Which security scanner looks for weak passwords?

MBSA

The Security Configuration and Analysis tool operates as a snap-in to the ______.

MMC

Which of the following best describes a zero-day attack?

Malware that is actively exploiting an unknown vulnerability

Who holds the primary responsibility to ensure the security of an organization's information?

Management

Which of the following options are valid approaches to recovering from lost data?

Manually reconstruct lost data & restore from a backup

Which command-line tool provides the same scanning capability as MBSA?

Mbsacli

A ________ is a network that generally spans several city blocks.

Metropolitan Area Network

Which of the following Windows components resides in memory to provide the core operating system services?

Microkernel

When designing an audit strategy, you should log access attempts on the ____ number of objects?

Minimum

Does turning off a computer make the information it contains secure?

No, because secure data must still be available to authorized users.

If a user, userA, is a member of groupA and groupB, and groupB allows read access to helloWorld.c but groupA denies read access to helloWorld.c, can userA read helloWorld.c?

No, because groupB denies read access to helloWorld.c

Which security scanner runs in a web browser and doesn't require that you install a product before scanning?

OSI

Which of the following statements best describes the relationship between profiling and auditing?

Profiling is often a part of auditing

Which of the following best describes UAC?

Prompts users before escalating to administrator privileges

What is the main goal of information security?

Protect information from unauthorized use

Which of the following best describes the principle of least privilege?

Providing just the necessary access required to carry out a task

You can use the _____ tool to view the effective settings after all current GPOs are applied to a specific user.

RSOP

Which of the following is the focus of data availability?

Recovery plan

What is the best first step to take if initial actions to remove malware are not successful?

Rescan for malware

Which type of malware modifies or replaces parts of the operating system to hide the fact that the computer has been compromised?

Rootkit

Which Microsoft tool analyzes a computer's settings and compares its configuration with a baseline?

SCA

Which type of identifier is used to identify user groups?

SID

Which protocol commonly provides a secure channel for HTTPS?

SSL/TLS

Which VPN protocol has the fewest issues with NATs and firewalls?

SSTP

What does NetChk Protect Limited do that MBSA does not do?

Scans legacy Microsoft products

Which command-line tool provides the same scanning capability as SCA?

Secedit

Which of the following features allows you to restrict the groups to which a GPO applies?

Security Filter

Stored settings that make up a baseline are stored in which type of file?

Security Template

Where is the most likely place a database management system would run?

Server

Which of the following anti-malware components is also referred to as a real-time scanner?

Shield

Which term describes a unique set of instructions that identify malware code?

Signature

A baseline, also called a ______, is a collection of settings at a specific point in time.

Snapshot

When viewing an object's DACL, which permission indicates that advanced permissions have been set?

Special Permissions

Which type of malware primarily collects pieces of information covertly?

Spyware

Where does BitLocker store encryption keys for transparent mode?

TPM

Which of the following best describes RTO?

The goal for how much time a recovery effort should take

According to the Microsoft EULA, what is the extent of the damages that can be recovered due to a Windows fault?

The price paid for the software license

What is the main purpose of an audit?

To validate compliance

Which type of malware disguises itself as a useful program?

Trojan

MBSA automatically ranks vulnerabilities by severity?

True

The Windows group policy feature provides a centralized set of rules that govern the way Windows operates?

True

The wbadmin command-line utility performs the same functions as the Microsoft Windows backup and restore utility on Windows workstations?

True

Which type of authentication is a smart card?

Type 2

What is the best first step to take when malware is discovered soon after installing new software?

Uninstall the new software

Which of the following is the best description of the defense in depth strategy?

Using multiple layers of security to protect resources

Which of the following terms describes a secure location to store identified malware?

Vault

Which of the following is the weakest wireless protocol?

WEP

Which of the following features allows you to restrict the types of operating systems to which a GPO applies?

WMI Filter

Which of the following do you not need to tell the Microsoft Windows backup and restore utility?

What type of backup (full, incremental, blocks versus files)

Which folder does Windows use to store AD GPOs on the domain controller?

Windows

Which anti-malware tool is included with Windows 7?

Windows Defender

Which operating system does not have BitLocker enabled by default?

Windows Server 2008

Which type of malware is a standalone program that replicates and sends itself to other computers?

Worm

