net security q2

Beschreibung

information technology
Ali Sahar
Quiz von Ali Sahar, aktualisiert more than 1 year ago
Ali Sahar
Erstellt von Ali Sahar vor fast 9 Jahre
3
0

Zusammenfassung der Ressource

Frage 1

Frage
If you have a web server that needs to be accessible from both your internal network as well as the Internet, the most secure way to do this is to place the server;
Antworten
  • on the internet
  • on your internal network behind a firewall
  • in a DMZ
  • in a dual configuration

Frage 2

Frage
The best way to ensure that a role like DNS is installed on your Windows server using recognized industry practices is to use:
Antworten
  • SCW
  • BPA
  • sconfig
  • winrm

Frage 3

Frage
If you wish to test all your WIndows updates before allowing your clients to install the updates, you should
Antworten
  • Use GPO's to share updates and push them to your clients
  • have your clients download the updates from the Internet
  • Use a WSUS server
  • Use Mac clients, they don't need security updates

Frage 4

Frage
Window's "Core" refers to...
Antworten
  • The main product offerings in the Window's office suite, including Word, Excel, and PowerPoint
  • The Kernel and network configuration of he operating system
  • The parts of the Windows security centre which helps to secure a client machine
  • An installation of Windows Server which has an extremely limited user interface and software installation

Frage 5

Frage
During startup/logon, a Microsoft client will apply policies from different places, effecting how the machine is managed. What order are these policies applied in?
Antworten
  • OU, Domain, Site, Local
  • Local, Site, Domain, OU
  • Local, Site, OU, Domain
  • Domain, OU, Local, Site

Frage 6

Frage
Fred is logged in as his standard (non-Root) user account. He needs to mount an external drive, fortunately his account is listed in the sudoers file; to run the mount command he can type;
Antworten
  • mount /dev/sda1 /~/usb
  • su -l THEN mount /dev/sda1 /~/usb
  • sudo mount /dev/sda1 /~/usb
  • rootmount /dev/sda1 /~/usb

Frage 7

Frage
In the previous question, assuming fred uses the correct command, and it works as expected, what will the result be?
Antworten
  • The external USB drive will be mounted
  • Fred will be prompted for his password
  • Fred will be prompted for the root password
  • Fred will be informed he cannot perform the action

Frage 8

Frage
You don't need to configure a default gateway to browse Internet websites if you have; *****
Antworten
  • A firewall
  • A proxy server
  • A NAT server
  • You ALWAYS have to have a default gateway to get access of of your network.

Frage 9

Frage
Deploying multiple Honeypots on your network is considered a;
Antworten
  • honeynet
  • beehive
  • honeyfarm
  • masquerade

Frage 10

Frage
What is the advantage of having an IDS system in the DMZ of your network
Antworten
  • It can stop attacks that are occurring against your servers that are hosted there
  • It doesn't slow internal network traffic from reaching the Internet
  • It can lure attacks against your systems away from your actual servers
  • It can log both the types of attacks and where they are originating from against your servers

Frage 11

Frage
To more securely host services that are accessible from the Internet you could;
Antworten
  • Place Internet servers in a screened subnet
  • Place Internet servers behind your Firewall
  • Put your servers in an Intranet
  • Put your servers in a Supernet

Frage 12

Frage
Why would you want to use Direct Access for your remote clients to allow access rather than a Virtual Private Network?
Antworten
  • Direct Access uses Kerberos for authentication, so user credentials are not passed over the Internet
  • Direct Access occurs automatically when a user is not on the internal network, allowing the machine to be updated without user interaction
  • Because Direct Access uses a separate secure tunnel to transmit credentials over the Internet
  • Direct Access uses the PKI of the Active Directory Network, making it more secure than a VPN

Frage 13

Frage
NAT is an example of:
Antworten
  • A stateful firewall
  • IPv4 to IPv6 translation
  • An application firewall
  • An IPSEC concentrator

Frage 14

Frage
In terms of threat assessment, what is a vulnerability?
Antworten
  • An extra gateway onto your network
  • Using Internet Explorer
  • A security weakness that could be exploited by a threat
  • Having low bandwidth and throughput on your gateway

Frage 15

Frage
In Linux, the firewall implements as..
Antworten
  • ipchains
  • natd
  • iptables
  • secured

Frage 16

Frage
On the inside of a properly firewalled network...
Antworten
  • There is no need for a local firewall
  • A local firewall provides depth of defense
  • A local firewall can stop unwanted traffic from compromised internal machines from reaching other machines on the inside
  • Both B and C above

Frage 17

Frage
A way to build a secure server configuration that can be exported to other servers is to;
Antworten
  • Run the BPA
  • Run sconfig
  • run winrm
  • run the SCW

Frage 18

Frage
To build a set of GPO's and policies to secure laptop machines on your network you can use;
Antworten
  • Use the Security Configuration Manager to generate the policies
  • Ghost the laptop with an image
  • Place the laptop in the DMZ
  • make sure the laptop is properly updated

Frage 19

Frage
What is an advantage to installing a Certificate Authority into your Active Directory structure and creating a PKI?
Antworten
  • It will encrypt all the data on your network
  • It stops the use of Kerberos authentication which is not very secure
  • It allows you to browse non-trusted web sites on the Internet securely
  • It can allow for trusted connection to Domains and computers outside your Domain

Frage 20

Frage
What is one of the security challenges of using imaging to setup your systems on the network?
Antworten
  • Images can be modified while getting pushed out to target machines
  • Systems are not updated properly
  • Administrative accounts have the same password on all machine
  • Base images can have rootkits installed into them
Zusammenfassung anzeigen Zusammenfassung ausblenden

ähnlicher Inhalt

CCNA Security Final Exam
Maikel Degrande
Security Guard Training
Summit College
ISACA CISM Exam Glossary
Fred Jones
Security
annelieserainey
Securities Regulation
harpratap_singh
2W151 Volume 1: Safety and Security - Quiz 7
Joseph Whilden J
Security Quiz Review
Rylan Blah
Security Policies
indysingh7285
2W151 Volume 1: Safety and Security - Quiz 6
Joseph Whilden J
Security (2)
Daniel Freedman
Certified Security Compliance Specialist
jnkdmls