8.2.10 Client Pro Practice Questions
During the initial installation of your Windows system, you elected to use a local user account for authentication because you had not set up an online Microsoft account. You now realize that you want to synchronize your desktop theme, browser settings, passwords, and other settings to other computers that you use. To do this, you need to create an online Microsoft account that you can use when authenticating to other computers. Which of the following steps can you use to create the online account and begin using it to sign in? (Select two. Each answer is part of the complete solution.) Access http://www.online.microsoft.com and create a new Microsoft user account. Open the Settings app and click Accounts > Sign in with a Microsoft account instead. Open the Settings app and click Accounts > Sign-in options > Sign in with a Microsoft account instead. Access http://www.live.com and create a new Microsoft user account. Open the Settings app and click Accounts > Sign-in options > Create an online account.
Access http://www.live.com and create a new Microsoft user account. Open the settings app and click Accounts > Sign in with a Microsoft account instead EXPLANATION To create a online Microsoft account and begin using it to sign in, use the following steps: 1. Access http://www.live.com and create a new Microsoft user account. 2. Open the Settings app and select Accounts > Sign in with a Microsoft account instead. 3. Follow the remaining prompts to complete the process. REFERENCES TestOut Client Pro - 8.2 Authentication Management
You manage a Windows system that is shared by several users. The system is currently configured to require password changes every 42 days. But you are concerned that users are reusing their favorite passwords over and over, which violates your organization's security policy. Click the policies you would use in the Local Group Policy Editor to enforce this. (Select two.)
Enforce Password History Minimum Password Age EXPLANATION To keep users from reusing passwords, you need to enable and configure the following password policies: - Enforce password history requires users to input unique passwords. Set this to a high number to keep users from frequently repeating passwords. Windows can remember up to 24 old passwords. - Minimum password age keeps users from changing passwords immediately after they have reset their passwords. This prevents users from circumventing the password history policy by entering multiple passwords to get back to a preferred password. The value must be less than the maximum age and should be a setting greater than 0 (a setting of 0 allows the user to reset the password immediately). The Minimum password length policy prevents users from using passwords that are too short. The Password must meet complexity requirements policy prevents using passwords that are easy to guess or easy to crack. The Store passwords using reversible encryption is essentially equivalent to storing cleartext passwords. This setting should be disabled unless a specific application requires access to the plaintext password. REFERENCES TestOut Client Pro - 8.2 Authentication Management
Your office computer (from which you perform your day-to-day tasks) is a Windows system. You are currently signing into this computer using the account named Mary. However, this computer is also a member of the company's domain. Using the least amount of effort possible, you want to ensure that every time you connect to a shared folder on Server1, you authenticate by using an account named Admin. What should you do to accomplish this? From Credential Manager, click Add a Windows credential From the command line, run net use k: \\Server1\share From User Accounts, click Mange your credentials From Local Security Policy, modify the Access this computer from the network user right From the command line, run runas /user:admin
From Credential Manager, click Add a Windows credential. From User Accounts, click Manage your Credentials EXPLANATION You would use Credential Manager to accomplish this. You can get there directly from Control Panel or from User Accounts > Manage your credentials. Use Credential Manager to save the admin credentials for the network share. Credential Manager stores account credentials for network resources such as file servers and websites. Once saved, Credential Manager uses the same credentials every time the user tries to access the network resource. Note that this may be a security risk and some company policies may not let you do this. You can use the runas /user:admin command, but unless it's used with the /savecred switch the name and password will not be remembered. You would need to reenter it each time. Using the Local Security Policy to adjust the Access this computer from network user right only affects this computer but not the network share. Online identity integration allows users to link their Windows 7 authentication credentials to Windows Live (in the future it may allow you to link to other providers, such as Bing and MSN). The net use command maps a drive, but unless it's used with the /USER switch the name and password will not be remembered. You would log in to the network share as the current user (Mary). REFERENCES TestOut Client Pro - 8.2 Authentication Management
As an IT admin, you have 6 employees that all need the same level of access to the same resources. Using the least amount of effort, which of the following can be used to accomplish this? Group SID ACL Role
Group EXPLANATION A group is a collection of multiple user accounts that share needed rights, policy settings, and permissions. Security groups are given access to system resources through access control lists (ACLs). The security identification (SID) is a unique number used by the system for identification. A role is a collection of access rights. It is usually connected to an employee's responsibilities in an organization. REFERENCES TestOut Client Pro - 8.2 Authentication Management
Your Windows system is used by several people. As such, you want to increase security by requiring each user to create passwords that are at least ten characters long. You also want to prevent a user from signing into the computer after three unsuccessful attempts. What should you do in the Local Security Policy administration tool to configure these account policies? (Select two. Each answer is part of the complete solution.) Set the Enforce password history policy. Set the Account lockout duration policy. Set the Password complexity policy. Set the Minimum password length policy. Set the Account lockout threshold policy.
Set the Account lockout threshold policy Set the Minimum password length policy EXPLANATION Set the Minimum password length policy to require a password equal to or longer than the specified length. Set the Account lockout threshold policy to lock an account after the specified number of incorrect logon attempts. Enforce password history requires users to input a unique (previously unused) password when changing the password. This prevents users from reusing previous passwords. Password complexity prevents using passwords that are easy to guess or easy to crack. It forces passwords to include letters, symbols, and numbers. It also requires passwords of at least seven characters. But you cannot configure a longer password length requirement with this policy. Account lockout duration determines the length of time the account will be disabled (in minutes). The account is unlocked automatically when that time period expires. REFERENCES TestOut Client Pro - 8.2 Authentication Management
You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least five days before changing it again. What should you do in the Local Security Policy administration tool to configure these account policies? (Select two. Each answer is part of the complete solution.) Set the Maximum password age policy. Set the Minimum password age policy. Set the Minimum password length policy. Set the Enforce password history policy. Set the Password must meet complexity requirements policy.
Set the Enforce password history policy Set the Minimum password age policy EXPLANATION You need to set the Enforce password history policy to prevent users from reusing old passwords. You also need to set the Minimum password age policy to prevent users from changing passwords too soon after they are created. Passwords must remain the same for at least the specified time period. You would use the Maximum password age policy to force periodic changes to the password. After the maximum password age has been reached, the user must change the password. You would use the Password complexity policy to require that passwords include letters, numbers, and symbols. This makes it harder for hackers to guess or crack passwords. You would use the Minimum password length policy to ensure that the password has the desired number of characters. REFERENCES TestOut Client Pro - 8.2 Authentication Management
A domain user has had multiple failed login attempts, but the account is not being locked out. You have set up and configured the Group Policy. Which of the following are possible reasons the account is not being locked out? (Select two.) The Group Policy was not applied to the user group The Account lockout threshold policy is set to 0 The Account lockout threshold policy is set to 10 The Account lockout duration policy is set to 0 The Reset account lockout counter after policy is set to 5
The Group Policy was not applied to the user group The Account lockout threshold policy is set to 0. EXPLANATION If the Account lockout threshold policy is set to 0, the account will never be locked out. When creating a Group Policy, it must be applied to the appropriate user group to take effect. If the Account lockout duration policy is set to 0, the account will be locked out until the administrator explicitly unlocks it. The Reset account lockout counter after policy determines the number of minutes that must elapse after a failed logon attempt before the counter resets to 0. If this is set to 5, it means that five minutes must pass to reset the counter to 0. If the Account lockout threshold policy is set to 10, the account will lock out for 10 minutes. REFERENCES TestOut Client Pro - 8.2 Authentication Management
Which of the following terms is a collection of a user's personal settings and data files? User account User profile Domain profile User preferences User rights
User profile EXPLANATION The collection of a user's personal settings and data files is called a user profile. The user profile ensures that the user's computing environment is always the same by restoring that user's custom settings each time they log on. User profiles may be stored either on the local system or on a domain controller. REFERENCES TestOut Client Pro - 8.2 Authentication Management
You are creating a new standard user on a Windows 10 system. By default, to which of the following groups will that user be automatically added? Administrators Users Power Users Remote Desktop Users
Users EXPLANATION If you create a standard user on a Windows system, that user is automatically made a member of the Users group. This user is not automatically added to any of the other groups. REFERENCES TestOut Client Pro - 8.2 Authentication Management
You are using Credential Manager to store usernames and passwords. Which of the following protected areas is used to store this information? Cleartext file Windows Credentials Encrypted text file Vault
Vault EXPLANATION The protected area that Credential Manager stores usernames and passwords in is called a vault. Usernames and passwords are not stored in a cleartext or even in an encrypted text file. Windows Credentials are the username and password used to log in. This is not where Credential Manager stores them. REFERENCES TestOut Client Pro - 8.2 Authentication Management