Ali Sahar
Test por , creado hace más de 1 año

information technology

3
0
0
Ali Sahar
Creado por Ali Sahar hace casi 9 años
Cerrar

net security q2

Pregunta 1 de 20

1

If you have a web server that needs to be accessible from both your internal network as well as the Internet, the most secure way to do this is to place the server;

Selecciona una de las siguientes respuestas posibles:

  • on the internet

  • on your internal network behind a firewall

  • in a DMZ

  • in a dual configuration

Explicación

Pregunta 2 de 20

1

The best way to ensure that a role like DNS is installed on your Windows server using recognized industry practices is to use:

Selecciona una de las siguientes respuestas posibles:

  • SCW

  • BPA

  • sconfig

  • winrm

Explicación

Pregunta 3 de 20

1

If you wish to test all your WIndows updates before allowing your clients to install the updates, you should

Selecciona una de las siguientes respuestas posibles:

  • Use GPO's to share updates and push them to your clients

  • have your clients download the updates from the Internet

  • Use a WSUS server

  • Use Mac clients, they don't need security updates

Explicación

Pregunta 4 de 20

1

Window's "Core" refers to...

Selecciona una de las siguientes respuestas posibles:

  • The main product offerings in the Window's office suite, including Word, Excel, and PowerPoint

  • The Kernel and network configuration of he operating system

  • The parts of the Windows security centre which helps to secure a client machine

  • An installation of Windows Server which has an extremely limited user interface and software installation

Explicación

Pregunta 5 de 20

1

During startup/logon, a Microsoft client will apply policies from different places, effecting how the machine is managed.

What order are these policies applied in?

Selecciona una de las siguientes respuestas posibles:

  • OU, Domain, Site, Local

  • Local, Site, Domain, OU

  • Local, Site, OU, Domain

  • Domain, OU, Local, Site

Explicación

Pregunta 6 de 20

1

Fred is logged in as his standard (non-Root) user account. He needs to mount an external drive, fortunately his account is listed in the sudoers file; to run the mount command he can type;

Selecciona una de las siguientes respuestas posibles:

  • mount /dev/sda1 /~/usb

  • su -l THEN mount /dev/sda1 /~/usb

  • sudo mount /dev/sda1 /~/usb

  • rootmount /dev/sda1 /~/usb

Explicación

Pregunta 7 de 20

1

In the previous question, assuming fred uses the correct command, and it works as expected, what will the result be?

Selecciona una de las siguientes respuestas posibles:

  • The external USB drive will be mounted

  • Fred will be prompted for his password

  • Fred will be prompted for the root password

  • Fred will be informed he cannot perform the action

Explicación

Pregunta 8 de 20

1

You don't need to configure a default gateway to browse Internet websites if you have; *****

Selecciona una de las siguientes respuestas posibles:

  • A firewall

  • A proxy server

  • A NAT server

  • You ALWAYS have to have a default gateway to get access of of your network.

Explicación

Pregunta 9 de 20

1

Deploying multiple Honeypots on your network is considered a;

Selecciona una de las siguientes respuestas posibles:

  • honeynet

  • beehive

  • honeyfarm

  • masquerade

Explicación

Pregunta 10 de 20

1

What is the advantage of having an IDS system in the DMZ of your network

Selecciona una de las siguientes respuestas posibles:

  • It can stop attacks that are occurring against your servers that are hosted there

  • It doesn't slow internal network traffic from reaching the Internet

  • It can lure attacks against your systems away from your actual servers

  • It can log both the types of attacks and where they are originating from against your servers

Explicación

Pregunta 11 de 20

1

To more securely host services that are accessible from the Internet you could;

Selecciona una de las siguientes respuestas posibles:

  • Place Internet servers in a screened subnet

  • Place Internet servers behind your Firewall

  • Put your servers in an Intranet

  • Put your servers in a Supernet

Explicación

Pregunta 12 de 20

1

Why would you want to use Direct Access for your remote clients to allow access rather than a Virtual Private Network?

Selecciona una de las siguientes respuestas posibles:

  • Direct Access uses Kerberos for authentication, so user credentials are not passed over the Internet

  • Direct Access occurs automatically when a user is not on the internal network, allowing the machine to be updated without user interaction

  • Because Direct Access uses a separate secure tunnel to transmit credentials over the Internet

  • Direct Access uses the PKI of the Active Directory Network, making it more secure than a VPN

Explicación

Pregunta 13 de 20

1

NAT is an example of:

Selecciona una de las siguientes respuestas posibles:

  • A stateful firewall

  • IPv4 to IPv6 translation

  • An application firewall

  • An IPSEC concentrator

Explicación

Pregunta 14 de 20

1

In terms of threat assessment, what is a vulnerability?

Selecciona una de las siguientes respuestas posibles:

  • An extra gateway onto your network

  • Using Internet Explorer

  • A security weakness that could be exploited by a threat

  • Having low bandwidth and throughput on your gateway

Explicación

Pregunta 15 de 20

1

In Linux, the firewall implements as..

Selecciona una de las siguientes respuestas posibles:

  • ipchains

  • natd

  • iptables

  • secured

Explicación

Pregunta 16 de 20

1

On the inside of a properly firewalled network...

Selecciona una de las siguientes respuestas posibles:

  • There is no need for a local firewall

  • A local firewall provides depth of defense

  • A local firewall can stop unwanted traffic from compromised internal machines from reaching other machines on the inside

  • Both B and C above

Explicación

Pregunta 17 de 20

1

A way to build a secure server configuration that can be exported to other servers is to;

Selecciona una de las siguientes respuestas posibles:

  • Run the BPA

  • Run sconfig

  • run winrm

  • run the SCW

Explicación

Pregunta 18 de 20

1

To build a set of GPO's and policies to secure laptop machines on your network you can use;

Selecciona una de las siguientes respuestas posibles:

  • Use the Security Configuration Manager to generate the policies

  • Ghost the laptop with an image

  • Place the laptop in the DMZ

  • make sure the laptop is properly updated

Explicación

Pregunta 19 de 20

1

What is an advantage to installing a Certificate Authority into your Active Directory structure and creating a PKI?

Selecciona una de las siguientes respuestas posibles:

  • It will encrypt all the data on your network

  • It stops the use of Kerberos authentication which is not very secure

  • It allows you to browse non-trusted web sites on the Internet securely

  • It can allow for trusted connection to Domains and computers outside your Domain

Explicación

Pregunta 20 de 20

1

What is one of the security challenges of using imaging to setup your systems on the network?

Selecciona una de las siguientes respuestas posibles:

  • Images can be modified while getting pushed out to target machines

  • Systems are not updated properly

  • Administrative accounts have the same password on all machine

  • Base images can have rootkits installed into them

Explicación