4236508
Pregunta 1
Pregunta
If you have a web server that needs to be accessible from both your internal network as well as the Internet, the most secure way to do this is to place the server;
Respuesta
-
on the internet
-
on your internal network behind a firewall
-
in a DMZ
-
in a dual configuration
Pregunta 2
Pregunta
The best way to ensure that a role like DNS is installed on your Windows server using recognized industry practices is to use:
Respuesta
-
SCW
-
BPA
-
sconfig
-
winrm
Pregunta 3
Pregunta
If you wish to test all your WIndows updates before allowing your clients to install the updates, you should
Respuesta
-
Use GPO's to share updates and push them to your clients
-
have your clients download the updates from the Internet
-
Use a WSUS server
-
Use Mac clients, they don't need security updates
Pregunta 4
Pregunta
Window's "Core" refers to...
Respuesta
-
The main product offerings in the Window's office suite, including Word, Excel, and PowerPoint
-
The Kernel and network configuration of he operating system
-
The parts of the Windows security centre which helps to secure a client machine
-
An installation of Windows Server which has an extremely limited user interface and software installation
Pregunta 5
Pregunta
During startup/logon, a Microsoft client will apply policies from different places, effecting how the machine is managed.
What order are these policies applied in?
Respuesta
-
OU, Domain, Site, Local
-
Local, Site, Domain, OU
-
Local, Site, OU, Domain
-
Domain, OU, Local, Site
Pregunta 6
Pregunta
Fred is logged in as his standard (non-Root) user account. He needs to mount an external drive, fortunately his account is listed in the sudoers file; to run the mount command he can type;
Respuesta
-
mount /dev/sda1 /~/usb
-
su -l THEN mount /dev/sda1 /~/usb
-
sudo mount /dev/sda1 /~/usb
-
rootmount /dev/sda1 /~/usb
Pregunta 7
Pregunta
In the previous question, assuming fred uses the correct command, and it works as expected, what will the result be?
Respuesta
-
The external USB drive will be mounted
-
Fred will be prompted for his password
-
Fred will be prompted for the root password
-
Fred will be informed he cannot perform the action
Pregunta 8
Pregunta
You don't need to configure a default gateway to browse Internet websites if you have; *****
Respuesta
-
A firewall
-
A proxy server
-
A NAT server
-
You ALWAYS have to have a default gateway to get access of of your network.
Pregunta 9
Pregunta
Deploying multiple Honeypots on your network is considered a;
Respuesta
-
honeynet
-
beehive
-
honeyfarm
-
masquerade
Pregunta 10
Pregunta
What is the advantage of having an IDS system in the DMZ of your network
Respuesta
-
It can stop attacks that are occurring against your servers that are hosted there
-
It doesn't slow internal network traffic from reaching the Internet
-
It can lure attacks against your systems away from your actual servers
-
It can log both the types of attacks and where they are originating from against your servers
Pregunta 11
Pregunta
To more securely host services that are accessible from the Internet you could;
Respuesta
-
Place Internet servers in a screened subnet
-
Place Internet servers behind your Firewall
-
Put your servers in an Intranet
-
Put your servers in a Supernet
Pregunta 12
Pregunta
Why would you want to use Direct Access for your remote clients to allow access rather than a Virtual Private Network?
Respuesta
-
Direct Access uses Kerberos for authentication, so user credentials are not passed over the Internet
-
Direct Access occurs automatically when a user is not on the internal network, allowing the machine to be updated without user interaction
-
Because Direct Access uses a separate secure tunnel to transmit credentials over the Internet
-
Direct Access uses the PKI of the Active Directory Network, making it more secure than a VPN
Pregunta 13
Pregunta
NAT is an example of:
Respuesta
-
A stateful firewall
-
IPv4 to IPv6 translation
-
An application firewall
-
An IPSEC concentrator
Pregunta 14
Pregunta
In terms of threat assessment, what is a vulnerability?
Respuesta
-
An extra gateway onto your network
-
Using Internet Explorer
-
A security weakness that could be exploited by a threat
-
Having low bandwidth and throughput on your gateway
Pregunta 15
Pregunta
In Linux, the firewall implements as..
Respuesta
-
ipchains
-
natd
-
iptables
-
secured
Pregunta 16
Pregunta
On the inside of a properly firewalled network...
Respuesta
-
There is no need for a local firewall
-
A local firewall provides depth of defense
-
A local firewall can stop unwanted traffic from compromised internal machines from reaching other machines on the inside
-
Both B and C above
Pregunta 17
Pregunta
A way to build a secure server configuration that can be exported to other servers is to;
Respuesta
-
Run the BPA
-
Run sconfig
-
run winrm
-
run the SCW
Pregunta 18
Pregunta
To build a set of GPO's and policies to secure laptop machines on your network you can use;
Respuesta
-
Use the Security Configuration Manager to generate the policies
-
Ghost the laptop with an image
-
Place the laptop in the DMZ
-
make sure the laptop is properly updated
Pregunta 19
Pregunta
What is an advantage to installing a Certificate Authority into your Active Directory structure and creating a PKI?
Respuesta
-
It will encrypt all the data on your network
-
It stops the use of Kerberos authentication which is not very secure
-
It allows you to browse non-trusted web sites on the Internet securely
-
It can allow for trusted connection to Domains and computers outside your Domain
Pregunta 20
Pregunta
What is one of the security challenges of using imaging to setup your systems on the network?
Respuesta
-
Images can be modified while getting pushed out to target machines
-
Systems are not updated properly
-
Administrative accounts have the same password on all machine
-
Base images can have rootkits installed into them
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.