Microsoft Security Exam Prep
Cookies impact security by enabling:
1. Storage of Web site passwords. 2. Web sites to track browsing habits.
To prevent users from copying data to removable media, you should: Select one: 1. Lock the computer cases 2. Apply a group policy 3. Disable copy and paste 4. Store media in a locked room
2. Apply a group policy
Which type of firewall allows for inspection of all characteristics of a packet? Select one: 1. NAT 2. Stateful 3. Stateless 4. Windows Defender
2. Stateful
You are an intern and are working remotely. You need a solution that meets the following requirements: Allows you to access data on the company network securely, Gives you the same privileges and access as if you were in the office, What are two connection methods you could use? (Choose two.) 1. Forward Proxy 2. Virtual Private Network (VPN) 3. Remote Access Service (RAS) 4. Roaming Profiles
2. Virtual Private Network (VPN) 4. Roaming Profiles
Which attack listens to network traffic of a computer resource? Select one: 1. Resource gathering 2. Denial of service 3. ARP poisoning 4. Eavesdropping 5. Logic bomb
4. Eavesdropping
What is an example of non-propagating malicious code?
A backdoor
The ______________ controls, enforces, and assigns security policies and access rights for all users.
Active Directory
What enables access to all of the logged-in user's capabilities on a computer?
ActiveX controls
Network Access Protection (NAP) enables administrators to control access to network resources based on a computer's:
Configuration
Passwords that contain recognizable words are vulnerable to a:
Dictionary Attack
_____ refers to a physical threat that a hacker might use to look for information about a computer network.
Dumpster Diving
Keeping a server updated:
Fixes security holes
This question requires that you evaluate the underlined text to determine if it is correct. The first line of defense against attacks from the Internet is a ________________.
Hardware Firewall
You create a web server for your school. When users visit your site, they get a certificate error that says your site is not trusted. What should you do to fix this problem?
Install a certificate from a trusted Certificate Authority (CA).
How does the sender policy framework (SPF) aim to reduce spoofed email?
It provides a list of IP address ranges for particular domains so senders can be verified.
The purpose of User Account Control (UAC) is to:
Limit the privileges of software
The purpose of Microsoft Baseline Security Analyzer is to:
List system vulnerabilities.
Windows Server Update Services (WSUS) is a tool that:
Manages updates for Microsoft software
To implement WPA2 Enterprise, you would need a/an:
RADIUS server
The WPA2 PreShared Key (PSK) is created by using a ___________________ and salting it with the WPS PIN.
Service Set Identifier (SSID)
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point. There are several built-in audit policies and advanced audit policies in Windows. Advanced audit policies applied by a Group Policy are compatible with a basic audit policy A system access control list (SACL) enables administrators to log attempts to access a secured object
YES No yes
For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point. Honey pots are primarily used to attract potential attackers or hackers By setting up a honey pot, an administrator can get insightful information about the attacker, such as IP address A honey pot is an appliance or piece of software that allows or denies network access based on a preconfigured set of rules
YES Yes no
YES OR NO: DNSSEC prevents spoofing of query responses Clients can verify that the DNS server that they are communicating with is legitimate DNSSEC prevents man-in-the-middle attacks for DNS queries
YES Yes yes