where can you view audit events?
in the C:\Temp\Logs folder as text files
in System logs in Events Viewer
in Security logs in Event Viewer
by using audit/logs at the command line
Auditing is used for what purpose?
authenticating users
authorizing users
recording user's actions
assessing a user's permissions
why would auditing include logon and logoff times?
these are simply default audit types for accounts
logon and logoff times can help track user's work hours
logon and logoff times can help pinpoint who was logged on during a failure
logon and logoff events can track system usage for capacity planning
why is it a good idea (other that the effect on system performance) to set up auditing for only those objects that you really need to focus on?
object auditing is complex and requires a lot of time to set up
searching through too many events makes finding problems more difficult
by enabling objects auditing, you also enable many other events
auditing too many events adds an extra layer of complexity to management tasks
why is choosing what to audit, instead of auditing everything that a user does, a good idea?
high level of auditing can affect system preformance
auditing sets up an air of suspicion for users
extensive audit trails often lead to too much troubleshooting
auditing requires a high level of expertise to set up and maintain
which utility do you use to access advance audit policy settings?
Local Policy Editor
Group Policy Editor
Domain Policy Editor
Schema Policy Editor
what is one of the primary advantages to using Active Directory to store DNS information?
fault tolerance
zero configuration
low maintenance
reverse zone lookups
which type of DNS zone resolves host names to IP addresses?
forward lookup zone
reverse lookup zone
backward lookup zone
null lookup zone
when resetting audit settings back to basic mode, what file must you remove as part of the process?
policies.txt
audit.txt
policies.csv
audit.csv
which TCP/UDP port does the DNS service use to communicate?
25
53
80
443
what is the first and most important step in installing and deploying DNS in your network?
setting up Active Directory so that DNS can be integrated into it
planning the infrastructure and service requirements
configuring the forward and reverse lookup zones correctly
splitting the network into subdomains
which one of the following is an example of an FQDN?
SERVER1
192.168.1.50
sales.microsoft.com
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
what is the primary advantage of a caching-only DNS server?
it requires no maintenance
it provides DNS to a select few DNS clients
is speeds DNS queries by building a DNS request cache
it increases network traffic only on external networks
authorization is used for what purpose?
to grant access to a user
to verify a user's identity
to determine security restrictions
to calculate effective permissions
why are success audits as important as failure audits?
successes are important to troubleshooting for establishing baselines of normal behavior
successes are included by default and can be filtered out
successes can point to security breaches as well as normal behavior
successes allow you to track activity such as new account creation
authentication is used for what purpose?
why would you implement a caching-only DNS server on your network?
to speed DNS queries and decrease network traffic
to avoid installing and configuring a full-blown DNS server
to reduce the amount of maintenance for administrator
to reduce complexity in a network environment
it speeds DNS queries by building a DNS request cache
by using the Active Directory-integrated zone, DNS follows what kind of model?
master-slave
multi-master
primary-secondary
forward-reverse
what type of structure does DNS have?
hierarchical distributed
flat distributed
top-down distributed
wheel-spoke distributed
A specific, individual computer or other network device in a domain is known as what?
server
entity
top-level system
host
the Domain Name System (DNS) works much like a phone book to associate URLs (names) with what kinds of numbers?
ID numbers
World Wide Web number
domain addresses
IP addresses
which of the following is an example of a second-level domain?
blah.com
.net
server1
corporate.local
which of the following is an example of a top-level domain?
.local
.business
microsoft.com
which auditing feature allows you to define computer-wide system access control lists for the file system or the registry?
Global Object Access Auditing
Filereg Auditing
Registry Trail Auditing
System Tracker Auditing snap-in
What type of audit event notifies you that an account failed to log on?
DS access
object access
privilege use
logon/logoff
Why should you avoid using basic audit policy settings and advanced audit policy settings together?
that amount of auditing will fill out event logs too quickly
the two audit setting ranges have too much redundancy or overlap between them
setting too many policies can put your system in an 'out of compliance" state
Audit policies might cause conflicts or erratic behavior.
By using what type of policy can you track, limit, or deny a user's ability to use removable storage devices such as USB drives in Windows Server 2012 R2?
USB Storage Access
Removable Storage Access
Removable Device Access
Storage Device Audit
Which command do you use to manage auditing at the command prompt?
Audit.exe
AdPolicy.exe
Auditpol.exe
Policy.exe
Before Windows 2008 R2, only nine basic audit settings existed. Windows Server 2012 introduces a total of how many audit subsettings?
23
56
64
What does the acronym FQDN stand for?
File Quota Domain Number
Fully Qualified Domain Number
Fully Qualified Domain Name
Full Query Domain Name
A stub zone is a zone copy that contains only what type of records?
host entries
subdomain entries
necessary resource entries
query record entries
