Security Fundamentals Parte I - Q 1-25

Windows Firewall is a built-in. host-based, stateless frewall. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

HOTSPOT Alice sends her password to the game server in plaintext. Chuck is able to observe her password. The scenario demostrated is an [blank_start]Eavesdropping[blank_end] attack. Alice should [blank_start]never send a plaintext password[blank_end]. to avoid this type of attack.

Question 3 HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selecton is worth one point. IpSec requires network application to be IPSec aware [blank_start]NO[blank_end] Ipsec encrypts data [blank_start]YES[blank_end] IPsec adds overhead for all network communications for which it is used. [blank_start]YES[blank_end]

Question 3 HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selecton is worth one point. Honeypots are primarily used to attact potential attakers or hackers. [blank_start]YES[blank_end] By setting up honey pot an administrator can get insightful information about the atttacker such IP address. [blank_start]YES[blank_end] A honeypot is an appliance pr piece of software that allows or denies network access based on preconfigured set of rules. [blank_start]NO[blank_end]

Question 5 Bridging is a process of sending packets from source to destnaton on OSI layer 3. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

Question 6 The primary purpose of Network Access Protecton (NAP) is to prevent:

Question 7 You want to make your computer resistant to online hackers and malicious sofware. What should you do?

Question 8 HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selecton is worth one point. An intruder can spoof MAC addresses to get aroud MAC address filtering [blank_start]YES[blank_end] Intruders can find a wireless network if the Service SEtIdentifier (SSID) is hidden. [blank_start]YES[blank_end] WEP security is strong as long as it has a 128-bit key. [blank_start]NO[blank_end]

Your company requires that users type a series of characters to access the wireless network. The series of characters must meet the following requirements: Contains more than 15 characters Contains at least one leter Contains at least one number Contains at least one symbol Which security technology meets these requirements?

Question 10 Many Internet sites that you visit require a user name and password. How should you secure these passwords?

Question 11 You are an intern for a company where your manager wants to be sure you understand the social engineering threats that may occur. Your manager emphasizes the principles of the Microsof Defense-in-Depth Security Model shown in the following image: The policies, procedures and awareness defense targets staff with an organization, explaning what to do, when, why and by whom. The overarching defense of the Microsoft Defense-inDepth Security Model is Data Defenses.

Question 12 Physically securing servers prevents:

Question 13 To prevent users from copying data to removable media, you should:

Question 14 HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selecton is worth one point. BEcuase senior executives have rights to access sensitive data, they should use administrators accounts. [blank_start]YES[blank_end] The User Account Control (UAC ) has one overall goal: grant users the lowest level permissions required to complete their task. [blank_start]YES[blank_end] System administrators should use a standard user account when performing routine functions like reading emails and browsing the internet. [blank_start]YES[blank_end]

Question 15 You are an intern at Wide World Importers and help manage 1000 workstatons. All the workstatons are members of an Actve Domain. You need to push out an internal certfcate to Internet Explorer on all workstatons. What is the quickest method to do this?

Question 17 The purpose of a digital certfcate is to verify that a:

Question 18 A mail system administrator scans for viruses in incoming emails to increase the speed of mail processing. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

Question 19 You are volunteering at an organizaton that gets a brand new web server. To make the server more secure, you should add a second administrator account. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

Question 20 Role separaton improves server security by:

Question 21 The Windows Firewall protects computers from unauthorized network connectons. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed'' if the underlined text makes the statement correct.

Question 22 HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selecton is worth one point. Tools like Microsoft Security Compliance Manager and Microsoft Baseline SEcurity Analyzer can assist with server hardening. [blank_start]YES[blank_end] Administrator passwords may contain ASCII characters generated by a combination of the ALT key and 3 digits on the numerical keypad [blank_start]YES[blank_end] The removal of unused registry entries and executing increases teh surface vulnerability of the server. [blank_start]NO[blank_end]

Question 23 Coho Winery wants to increase their web presence and hires you to set up a new web server. Coho already has servers for their business and would like to avoid purchasing a new one. Which server is best to use as a web server, considering the security and performance concerns?

Question 24 A user who receives a large number of emails selling prescripton medicine is probably receiving pharming mail. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct.

Question 25 The client computers on your network are stable and do not need any new features. Which is a beneft of applying operatng system updates to these clients?

Question 16 In Internet Explorer 8, the InPrivate Browsing feature prevents: