4236508
Frage 1
Frage
If you have a web server that needs to be accessible from both your internal network as well as the Internet, the most secure way to do this is to place the server;
Antworten
-
on the internet
-
on your internal network behind a firewall
-
in a DMZ
-
in a dual configuration
Frage 2
Frage
The best way to ensure that a role like DNS is installed on your Windows server using recognized industry practices is to use:
Antworten
-
SCW
-
BPA
-
sconfig
-
winrm
Frage 3
Frage
If you wish to test all your WIndows updates before allowing your clients to install the updates, you should
Antworten
-
Use GPO's to share updates and push them to your clients
-
have your clients download the updates from the Internet
-
Use a WSUS server
-
Use Mac clients, they don't need security updates
Frage 4
Frage
Window's "Core" refers to...
Antworten
-
The main product offerings in the Window's office suite, including Word, Excel, and PowerPoint
-
The Kernel and network configuration of he operating system
-
The parts of the Windows security centre which helps to secure a client machine
-
An installation of Windows Server which has an extremely limited user interface and software installation
Frage 5
Frage
During startup/logon, a Microsoft client will apply policies from different places, effecting how the machine is managed.
What order are these policies applied in?
Antworten
-
OU, Domain, Site, Local
-
Local, Site, Domain, OU
-
Local, Site, OU, Domain
-
Domain, OU, Local, Site
Frage 6
Frage
Fred is logged in as his standard (non-Root) user account. He needs to mount an external drive, fortunately his account is listed in the sudoers file; to run the mount command he can type;
Antworten
-
mount /dev/sda1 /~/usb
-
su -l THEN mount /dev/sda1 /~/usb
-
sudo mount /dev/sda1 /~/usb
-
rootmount /dev/sda1 /~/usb
Frage 7
Frage
In the previous question, assuming fred uses the correct command, and it works as expected, what will the result be?
Antworten
-
The external USB drive will be mounted
-
Fred will be prompted for his password
-
Fred will be prompted for the root password
-
Fred will be informed he cannot perform the action
Frage 8
Frage
You don't need to configure a default gateway to browse Internet websites if you have; *****
Antworten
-
A firewall
-
A proxy server
-
A NAT server
-
You ALWAYS have to have a default gateway to get access of of your network.
Frage 9
Frage
Deploying multiple Honeypots on your network is considered a;
Antworten
-
honeynet
-
beehive
-
honeyfarm
-
masquerade
Frage 10
Frage
What is the advantage of having an IDS system in the DMZ of your network
Antworten
-
It can stop attacks that are occurring against your servers that are hosted there
-
It doesn't slow internal network traffic from reaching the Internet
-
It can lure attacks against your systems away from your actual servers
-
It can log both the types of attacks and where they are originating from against your servers
Frage 11
Frage
To more securely host services that are accessible from the Internet you could;
Antworten
-
Place Internet servers in a screened subnet
-
Place Internet servers behind your Firewall
-
Put your servers in an Intranet
-
Put your servers in a Supernet
Frage 12
Frage
Why would you want to use Direct Access for your remote clients to allow access rather than a Virtual Private Network?
Antworten
-
Direct Access uses Kerberos for authentication, so user credentials are not passed over the Internet
-
Direct Access occurs automatically when a user is not on the internal network, allowing the machine to be updated without user interaction
-
Because Direct Access uses a separate secure tunnel to transmit credentials over the Internet
-
Direct Access uses the PKI of the Active Directory Network, making it more secure than a VPN
Frage 13
Frage
NAT is an example of:
Antworten
-
A stateful firewall
-
IPv4 to IPv6 translation
-
An application firewall
-
An IPSEC concentrator
Frage 14
Frage
In terms of threat assessment, what is a vulnerability?
Antworten
-
An extra gateway onto your network
-
Using Internet Explorer
-
A security weakness that could be exploited by a threat
-
Having low bandwidth and throughput on your gateway
Frage 15
Frage
In Linux, the firewall implements as..
Antworten
-
ipchains
-
natd
-
iptables
-
secured
Frage 16
Frage
On the inside of a properly firewalled network...
Antworten
-
There is no need for a local firewall
-
A local firewall provides depth of defense
-
A local firewall can stop unwanted traffic from compromised internal machines from reaching other machines on the inside
-
Both B and C above
Frage 17
Frage
A way to build a secure server configuration that can be exported to other servers is to;
Antworten
-
Run the BPA
-
Run sconfig
-
run winrm
-
run the SCW
Frage 18
Frage
To build a set of GPO's and policies to secure laptop machines on your network you can use;
Antworten
-
Use the Security Configuration Manager to generate the policies
-
Ghost the laptop with an image
-
Place the laptop in the DMZ
-
make sure the laptop is properly updated
Frage 19
Frage
What is an advantage to installing a Certificate Authority into your Active Directory structure and creating a PKI?
Antworten
-
It will encrypt all the data on your network
-
It stops the use of Kerberos authentication which is not very secure
-
It allows you to browse non-trusted web sites on the Internet securely
-
It can allow for trusted connection to Domains and computers outside your Domain
Frage 20
Frage
What is one of the security challenges of using imaging to setup your systems on the network?
Antworten
-
Images can be modified while getting pushed out to target machines
-
Systems are not updated properly
-
Administrative accounts have the same password on all machine
-
Base images can have rootkits installed into them
Möchten Sie mit GoConqr kostenlos Ihre eigenen Quiz erstellen? eigenen Mehr erfahren.