MTA 98-367 Questions


7.The highest setting that account lockout duration can use is _____.

99,999 minutes

16.Which of the following is used to stop a program from running on a Windows 10 system? a.AppLocker b.Windows Defender c.Microsoft Passport d.Smart card

A.AppLocker

Which of the following is the primary authentication used on Microsoft Active Directory? a.LDAP b.KERBEROS C.NTLAN d.SSO

A.LDAP B.Kerberos D.SSO

Which of the following is the master time keeper and master for password changes in an Active Directory domain? a.PDC Emulator b.RID c.Infrastructure master d.Schema master

A.PDC Emulator

9.The three configuration settings for account lockout are _____, _____, and _____.

Account lockout duration, Account lockout threshold, Reset account lockout counter after

To track a user's activities in Windows, it is necessary to enable ____.

Auditing (Site security also provides the ability to audit activities within the facility. This can be done through reviewing camera footage, badge reader logs, visitor registration logs, or other mechanisms.)

11.Which of the following uses the processor's virtualization to protect the PC, including data and credential tokens on the system's disks? a.virtual smart cards b.device guard C.credential guard d.windows hello

B.device guard c.credential guard (Device Guard and Credential Guard use Windows 10 virtual secure mode (VSM) which, in turn, uses the processor's virtualization to protect the PC, including data and credential tokens on the system's disks)

The information security acronym CIA stands for which of the following? a.Confidentiality, Identity, Access Control b.Confidentiality, Integrity, Access Control c.Confidentiality, Integrity, Availability D.Control, Identity, Access Control

C. Confidentiality, Integrity, Availability

Which file system offers the best security? a.FAT b.FAT32 c.NTFS d.EFS

C.NTFS (NTFS is the preferred file system because it supports large volumes up to 16 exabytes (EB) and long file names and it offers better security through permissions and encryption.)

Which of the following authorizes a user to perform certain actions on a computer? a.Permissions b.an encryption algorithm. c.Authentication protocol d.A right

D. A right

Which technology is used to encrypt an individual file on an NTFS volume? a.bitLocker b.BitLocker To Go c.PPTP D.EFS

D.EFS - Encrypting File System (can encrypt files on an NTFS volume that cannot be used unless the user has access to the keys required to decrypt the information)

What does DREAD stand for?

Damage potential, Reproducibility, Exploitability, Affected users, Discoverability

4.A type of attack that uses an extensive list of potential passwords is known as a _____.

Dictionary attack

The ___ holds a copy of the centralized database used in Active Directory.

Domain Controller (a Windows server that stores a replica of the account and security information of the domain and defines the domain boundaries)

1.A set of rules which allow an administrator granular control over the configuration of objects in Active Directory (AD), including user accounts, operating systems, applications, and other AD objects is known as a _____.

Group Policy Object (GPO)

Specify the correct order of steps necessary for performing threat modeling: Create an architecture overview; Identify assets; Rate the threats; Decompose the security components and applications; Identify the threats; Document the threats

Identify assets, create an architecture overview, decompose the security components and applications, identify the threats, document the threats, rate the threats

A business traveler notices that there is an extra connector between the keyboard and the computer in a business center. She has most likely encountered a(n)_____.

Keylogger

10. A _____ is a type of account that might be configured so that the password will not expire.

Maximum password age If the maximum password age is set to 0, the passwords never expire.

As the security manager for a medium-sized bank, you have been asked to design a security solution to keep a bank robber out of the bank after hours. The three areas of the bank that need to be secured are the parking lot, the building perimeter, and the vault. List the technologies that should be used in each area of the bank.

Parking lot-(external perimeter ->parking lot lights, perimeter fence, guard patrols, cameras) building perimeter -(internal perimeter ->security cameras gate with guard, gate with access badge reader) vault - (secure areas->biometric technology, security cameras, security doors, x-ray scanner, metal detectors, intrusion detection system)

3.The setting which determines the number of unique passwords that must be used before a password can be reused is the _____.

Password history

A(n) _____ defines the type of access over an object or the properties of an object, such as an NTFS file or printer.

Permission (the type of access that is granted to an object (an object can be identified with a security identifier) or object attribute.)

A(n) ____ is a secret numeric password shared between a user and a system that can be used to authenticate the user to the system.

Personal Identification Number (PIN)

Which service is used for centralized authentication, authorization, and accounting? a.VPM B.PGP c.RADIUS D.PKI

RADIUS (and TACACS+ are two protocols for authentication, authorization and accounting)

The centralized database that holds most of the Windows configurations is known as the ____.

Registry (a central, secure database in which Windows stores all hardware configuration information, software configurations information, and system security policies.)

A pocket-sized card with embedded integrated circuits used for authentication is known as a(n) ____.

Smart Card

What is STRIDE short for?

Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege

As an IT administrator for the Contoso Corporation, your CIO wants you to investigate the corporation using biometrics. The CIO understands what biometrics is and how it can be used. But he does not understand the disadvantages of using biometrics. Describe your recommended solution.

They need to consider the biometric method and its performance, difficulty, reliability, acceptance, and cost. Also consider false rejection rate (false negative) and false acceptance rate (false positive).

1.The CIO at the Contoso Corporation indicates that he just received a message on his computer stating that he must change his password. He wants to know why he should change the password to a relatively long password on a regular basis. Describe your explanation.

To prevent attacks, password cracking, and threats

Which permission is granted directly to the file or folder? a.Explicit b.Inherited c.Effective d.Share

a. Explicit permission

Which NTFS permission is needed to change attributes and permissions? a.Full Control b.Modify c.Read & Execute d.Write

a. full control

4.Which of the following is the best thing to do to protect a computer against malware, besides installing an antivirus software package? (Choose the best answer.) a.keep the computer up-to-date with the latest security patches b.reboot the computer on a regular basis c.change the password on a regular basis d.spoof the ip address

a. keep the computer up-to-date with the latest security patches

When traveling on business and headed out to dinner with a client, which of the following should be done to secure a laptop? (Choose the best answer) a.Lock it in the car trunk b.Store it out of sight in a dresser drawer c.Secure it to a piece of furniture with a laptop security cable d.Check it at the front desk

a. locking it in the car trunk (keep your equipment with you, use a safe)

Which of the following are valid risk responses? (Choose all that apply) a.Mitigation b.Transfer c.Investment d.Avoidance

a. mitigation b.transfer d.avoidance (avoidance, acceptance, mitigation, and transfer)

Which of the following would not be a biometric device? a.Password reader b.Retina Scanner c.Fingerprint Scanner D.Face scanning

a. password reader

Which of the following technologies could be used to help ensure the confidentiality of proprietary manufacturing techniques for an auto parts manufacturing business? (Choose all that apply) a.Strong encryption B.Guard patrols c.A laptop safe d.Strong authentication

a. strong encryption b.guard patrols d. strong authentication (stringent access controls)

9.Which host-based firewall software comes with Windows 10? a. Windows firewall b.windows protected mode c.UAC d.Windows guardIT

a. windows firewall

Which of the following uses an ACL?(Choose all that apply) a.NTFS folder b.Active directory user c.Registry key d.Logon rights

a.NTFS folder (NTFS files and folders, printers, and active directory objects.)

6.Which technology is used by Windows to prevent unauthorized changes to your system? a.UAC B.Protected mode c.windows defender d.protectGuard

a.UAC - User account control (a feature that was introduced in Windows Vista. Helps prevent unauthorized changes to your computer, thereby helping to protect your system from malware)

5.Which of the following are common password attacks? (Choose all that apply.) a.Cracking b.Phreaking c.Phishing d.Leaking e.Brute force

a.cracking e. brute force

15.Which of the following refers to a social engineering technique in which a user receives an email stating that his account has just expired and he should log on to a legitimate-looking website to fix the problem? a.phishing b.pharming c.phaking D.spoofing the IP address

a.phishing

Which type of network traffic originates from outside the network routers and proceeds towards a destination inside the network? a.ingress b.egress c.traverse D.encrypted

a.ingress (Egress traffic is network traffic that begins inside a network and proceeds through its routers to its destination somewhere outside of the network)

7.Which setting should be applied to ensure that a possible dictionary attack against a Windows application server has a limited chance at success? (Choose the best answer.) a.minimum password length b.account lockout threshold c.password history d.maximum password age

a.minimum password length

Which of the following refers to the process of disabling unneeded service and ports to make the system more secure? A.reducing the attack surface area b.mitigating a Trojan horse c.Security avoidance d.Defense in depth

a.reducing the attack surface area

Which physical device is used to authenticate users based on what a user has? a.smart card b. Windows hello c.universal windows platform d.device guard

a.smart card

2.The number of incorrect logon attempts permitted before the system will lock the account is known as _____.

account lockout

A Risk Manager for medium-sized pharmaceutical company who is asked to perform a formal risk analysis would most likely record the result of the risk assessment in a(n)___.

attack surface analysis

_____ refers to the risk of an event that remains after measures have been taken to reduce the likelihood or minimize the effect of the event.

attack surface

If a user is deploying technologies to restrict access to a resource, they are practicing the____security principle

availability core security principle

13.SMTP uses which of the following TCP ports? a.43 B.25 c.80 d.443

b. 25

3.Which of the following is the maximum setting for Minimum Password Age? a.14 b.999 c.998 d.256

b. 998

7.When using UAC, which of the following tasks requires administrative permissions or rights? a.install updates from windows update b.change the date and time c.Reset the network adapter d.install drivers from windows update

b. reset the network adapter (tasks that DO NOT require administrative permissions or rights: install updates from Windows Update, install drivers from Windows Update, view Windows settings, pair Bluetooth devices with the computer, reset the network adapter and perform network diagnostic)

Which type of key has one key for encryption and different key for decryption? a.symmetric b.asymmetric c.hash function D.PKI

b.Asymmetric

Which of the following statements best describes the concept of core security principles? a.Core security principles refer to the internal security perimeter when setting up a layered physical security environment. b.Core security principles refer to the principle of confidentiality, availability, and integrity c.Core security principles refer to leveraging security best practices d.Core security principles refer to the four methods of addressing risk.

b.Core security principles refer to the principle of confidentiality, availability, and integrity

11.Which of the following tasks is recommended if sensitive or confidential information is stored in offline files? a.clear the cache b.encrypt the offline files c.clear the cookies d.execute ipconfig /renewip

b.encrypt the offline files

Which type of account is used with outlook.com and OneDrive and can be used to synchronize a desktop across multiple computers? a.Domain account b.microsoft account c.local account d.virtual account

b.microsoft account

Which of the following would be considered appropriate security measures for a building's external security perimeter? (Choose all that apply) a.Motion detector b.Parking lot lights c.Turnstile d.Guard patrols

b.parking lot lights d.guard patrols (security cameras, perimeter fence, gate with guard, gate with access badge reader)

9.Which two features in Windows Server 2008 and higher permit the use of fine-grained password policies? (Choose two.) a.global policy objective b.password settings container c.password settings object d.password policy

b.password settings container c.password settings object

3.Which of the following is most likely the problem when a computer seems to be slow and a different default web page displays? a.the ISP has slowed the network connection B.the computer has been infected with malware c.the computer has not been updated D.the user accidentally clicked the turbo button

b.the computer has been infected with malware

When copying a file or folder to a new volume, which permissions are acquired? A.the same permissions that it had before b.the same permissions as the target folder c.the same permissions as the source folder. d.no permissions

b.the same permissions as the target folder

1.Which type of malware copies itself onto other computers without the owner's consent and will often delete or corrupt files? a.Virus b.Worm c.Trojan horse D.Spyware

b.worm

Which of the following are not valid password controls? (Choose all that apply.) a.Minimum password age b. Maximum password age c.Maximum Password Length d.Account Lockout Threshold e.Password History

c Maximum password length

2.Which of the following would be an acceptable password on a Windows 10 Pro system with Password Complexity enabled and a minimum password length set to 8? (Choose all that apply.) a.Summer2010 b.$$Thx17 c. ^^RGood4U d. Password e. St@rTr3k

c, d

10.Which program can be used to configure IPsec on a computer running Windows Server 2016? a.windows firewall with IPsec Plugin b.IPsec Monitor c.Windows Firewall with Advanced Security d.IPsec Configuration console

c. Windows firewall with advanced security

14. When using IE, how many content zones are there? a.1 b.2 c.4 D.8

c.4

Which infrastructure is used to assign and validate digital certificates? a.asymmetric algorithm b.active directory c.pki d.vpn

c.PKI (Public Key Infrastructure) (a system consisting of hardware, software, policies, and procedures that create, manage, distribute, use, store, and revoke digital certificates)

Local user accounts are found in which of the following? a.Active directory b.Registry C.SAM D.LDAP

c.SAM (Security Account Manager)

10.Which of the following explains why a minimum password age would be set? a.To ensure that no one can guess a password b.To stop someone from trying over and over to guess a password c.To make sure a user cannot reset a password multiple times until he or she can reuse his or her original password d.To automatically reset a password

c.To make sure a user cannot reset a password multiple times until he or she can reuse his or her original password

19.Which of the following is a free tool that allows administrators to quickly configure and manage desktops and users using Group Policy? a.STRIDE B.DREAD c.Trusted Platform Module d.Security Compliance Manager

c.Trusted Platform Module

Which of the following are considered removable devices or drives? (Choose all that apply) a.iPod b.Notebook c.USB flash drive d.Burnable DVD drive

c.USB flash drive d.burnable DVD drive

12.Which of the following tasks should be performed if legitimate emails are being blocked at a spam-blocking device? a.flush out the quarantined items b.reboot the spam-blocking device c.add the email address or domain to the allow list D.add the email address or domain to the block list.

c.add the email address or domain to the allow list

Which of the following refers to the process of eliminating a risk by choosing to not engage in an action or activity? a.Mitigation b.Residual risk c.Avoidance d.Acceptance

c.avoidance

Which of the following is not a method for authentication? A.Something the user knows B.Something the user owns or possesses c.Encryption d. Something a user is

c.encryption

5.Which of the following refers to a thoroughly tested, cumulative set of hotfixes and other patches? a.recommended update b.hotfix pack c.service pack d.critical update

c.service pack (a tested, cumulative set of hotfixes, security updates, critical updates, and updates, as well as additional fixes for problems found internally since the release of the product)

______ is characteristic of a business resource—ensuring access is restricted to only permitted users, applications, or computer systems.

confidentiality

The consistency, accuracy, and validity of data or information is called____.

core security principles (CIA)

4.Which of the following corresponds with the minimum and maximum password history settings for securing a Windows 10 Pro workstation image? (Choose the best answer.) a.0, 14 b.1, 14 c.0, 14 D.1, 24 e.0, 998

d.0,24

As the Chief Security Officer for a small medical records processing company, you have just finished setting up the physical security for your new office. You have made sure that the parking lot is illuminated, that you have guards at the door as well as doing periodic patrols, and you have badge readers throughout the building at key locations. You also have put biometric access technology on the data center door. And of course, you have cameras in the parking lot, building entrances, and the data center entrances. This type of implementation is known as: (Choose the best answer) a.Access Control b.Core Security Principles C.Security best practice d.Defense in depth.

d.Defense in depth (Physical security uses a defense-in-depth or a layered security approach that controls who can physically access resources of an organization.)

8.When attempting to change the display settings, which of the following causes a pop-up that prompts if a user wants to continue? a.windows firewall b.protected mode c.windows update d.UAC

d.UAC

12.In Windows 10, which component is used by Device Guard and Credential Guard to protect the PC? a.windows store b.virtual smart cards c.windows hello d.virtual secure mode

d.Virtual secure mode (VSM) (Device Guard and Credential Guard use Windows 10 virtual secure mode (VSM) which, in turn, uses the processor's virtualization to protect the PC, including data and credential tokens on the system's disks)

6.Which of the following refers to a form of brute force password attack that uses an extensive list of pre-defined passwords? (Choose the best answer.) a.bible b.cracking C.guessing D.dictionary

d.dictionary

8.Which Administrative Tool should be used to configure password control settings on a new standalone server? a.active directory users and computers b.computer management c.security service d.local security policy

d.local security policy

2.Which type of malware collects personal information or browsing history, often without the user's knowledge? a.virus b.worm c.Trojan horse d.Spyware

d.spyware

8.In a Windows Server 2016 Active Directory, the _____ automatically applies in the event that a fine-grained password policy has not been set.

default domain policy

Deploying multiple layers of security technology to defend assets is called_____.

defense in depth

An IT Manager for a Legal Services company with 5,000 employees is in the process of rolling out new mobile devices to the Sales Department. Which technologies and best practices should be used to keep these systems physically secure?

docking station, laptop security cables, laptop alarm, theft recovery software

Which of the following is a two-factor authentication that uses an enrolled device and Windows Hello? a.Device Guard b.Credential Guard c.Virtual secure mode d.Microsoft passport

e.microsoft password (is a two-factor authentication that consists of an enrolled device, such as a smartphone, and a Windows Hello--biometric--or pin)

By default, a computer clock should not be off more than ____ minutes or there might be problems with Kerberos authentication.

five (Kerberos authentication will work if the time interval between the relevant computers is within the maximum enabled time skew)

5.Using special software to read data as it is broadcast on a network is called _____ the network.

honey net

As an IT administrator for the Contoso Corporation, your CIO needs to know when a particular user accessed a folder. However, the information was not available because auditing was not enabled. To ensure that this does not happen in the future, the CIO asks you to enable auditing for everything. Describe your recommended solution.

idk

The ____ permission flows from the parent object to the child object.

inherited permission (permission granted to a folder (parent object or container) that flows into child objects (subfolders or files inside the parent folder))

A server called Server1 is running Windows Server 2016. On Server1, a folder called Data is created and shared on the C drive. Within the Data folder, subfolders are created with each user's name within the organization. Each person's electronic paycheck is placed in each user's folder. Later, you find out that John was able to go in and change some of the electronic paycheck amounts, while also deleting some of the electronic paychecks. Explain which one (or more) of the CIA components was not followed.

integrity

1._______ is software that is designed to infiltrate or infect a computer usually with ill intent.

malware

When a folder cannot be accessed because someone removed the permissions so that no one can access it, it is necessary to take ___ to the folder

ownership (the owner of the object controls how permissions are set on the object and to whom permissions are granted. if, for some reason, access to a file or folder has been denied and the permissions need to be reset, take ownership of a file or folder and modify the permissions. all administrators automatically have the Take Ownership permission of all NTFS objects)

Your manager at the Contoso Corporation wants to put a training class together for end user security. He wants you to research the internet for three cases or instances where someone used social engineering to break into a system and describe how they attempted to get access.

phone call-service desk office - pictures spouse

6.The _____ option needs to be less than or equal to the Account Lockout Duration.

reset account lockout threshold

A device that may provide a second password to log on to a system is a(n)____

security token (other security tokens may automatically generate a second code that will have to be entered to get authenticated)

Implementing security measures must always be balanced with ____.

site security and computer security, securing removable devices and drives, access control, mobile device security, disabling the log on locally capability, and identifying and removing keyloggers

______ is a method used to gain access to data, systems, or networks, primarily through misrepresentation.

social engineering

An action or occurrence that could result in a breach in the security, outage, or corruption of a system by exploiting known or unknown vulnerabilities is a(n) _____.

threat

2.A(n) _______ is a self-replicating program that copies itself to other computers while consuming network resources.

worm

