True/False
Indicate whether the sentence or statement is true or false.

1. Hacking into a corporate network through a firewall is a simple task, even if the firewall is configured correctly.

2. If a company has done well for many years, the board of directors will probably be confident that the success will continue, and one or two years of lower profits are not likely to result in large changes in corporate direction.

3. When determining the corporate management structure, one of the first things you should do is obtain a copy of the corporate organization chart.

4. When gathering detailed information about the IT infrastructure, make sure you don't get too much information, or you will lose time sorting through what is applicable and what is not.

5. The global catalog includes every object and all of its attributes in the entire tree.

6. In order to create a taskpad, you must first create a custom MMC and add the Active Directory Users and Computers snap-in.

7. The Backup Operators local group has the ability to install software, create local users and groups, create and delete nonadministrative shares, change system time, change display settings, and administer local printers.

8. The Enrollment Agent certificate template is used for authenticating clients and servers.

9. By default, Windows 2000 DNS servers are configured to replicate zone information to any secondary name server that requests a zone transfer.

10. While RIS can install operating systems, it cannot be used to install applications.

11. When using RDP, the high encryption level encrypts all data sent in both directions between the client and the server. Data is encrypted using the RC4 algorithm and either a 56-bit or 40-bit key.

12. If your company implements a highly secure area for printers that print confidential information, you have eliminated the risk of unauthorized users accessing confidential data.

13. Windows NT servers and clients support SMB signing as long as Service Pack 3 or above has been installed.

14. The Windows 2000 implementation of IPSec is flexible but difficult to administer. The benefits of IPSec, however, far outweigh the administration headaches.

15. Remote access is one of the greatest security risks on your network.

16. You cannot configure a RADIUS client through an ISP.

17. A LAN-to-LAN configuration assumes that all the LAN segments are available at all times.

18. PPTP can be used through a NAT server.

19. A back-to-back DMZ is less secure than a three-homed DMZ.

20. The Internet Explorer Content Advisor is primarily used to help users search and locate specific information on the Internet.

Multiple Choice
Identify the letter of the choice that best completes the statement or answers the question.

21. The weakest part of any IT security system is ____.
a. the server
b. the firewall
c. the software applications being used to provide security
d. the people who manage or use the network

22. ____ is a method of encrypting the packets that are sent on the network between two computers.
a. IPSec
b. SMTP
c. Kerberos
d. PKI

23. In a company with low tolerance for risk, which is not true?
a. The security policy will probably change infrequently.
b. The security policy will need to clearly define a rapid modification and deployment procedure for the security policies.
c. The security policy will probably have to deal with every possible security risk.
d. None of the above.

24. ____ is used to automatically assign IP configurations to client computers.
a. TCP/IP
b. WINS
c. DNS
d. DHCP

25. If the organization is running Active Directory, you need to collect information on ____
a. the OU configurations
b. domain configuration
c. RAS server configuration
d. All of the above.

26. The Active Directory ____ defines every object and every attribute available to objects.
a. schema
b. database
c. service
d. hierarchy

27. Which is not true about OUs?
a. You can delegate administrative permissions at an OU level.
b. If you assign permissions to an OU, all of the users in that OU automatically inherit those permissions.
c. Verify that the OU structure you develop is relatively stable, even if the company should reorganize.
d. Avoid creating an OU structure that contains too many levels of OUs nested inside other OUs.

28. The ____ Wizard allows the administrator to choose the user or group, and the task that is to be delegated.
a. Administrative
b. Delegation of Control
c. Security Configuration and Analysis
d. Group Policy

29. The domain local group called Administrators does not include ____.
a. local Administrator account
b. Domain Admins global group
c. Computer local group
d. the Enterprise Admins global group from the tree root domain

30. When creating digital signatures, which is not true?
a. Any change to the message makes the message digest invalid.
b. The message digest is encrypted using the sender's private key.
c. The receiver's public key is used to decrypt the digital signature.
d. None of the above.

31. Which is not needed to have an entirely secure Web site?
a. server authentication
b. encrypted data
c. client authorization
d. None of the above.

32. ____ is not a default certificate available in Windows 2000 Certificate Server.
a. Domain Controller
b. Web Server
c. Enrollment Agent
d. Subordinate Certification Authority

33. The CRL is configured by default as ____.
a. once a day
b. once an hour
c. once every 48 hours
d. once a week

34. In Windows 2000 DNS, ____ cannot update the resource records.
a. an administrator
b. users' computers
c. DHCP servers
d. None of the above.

35. Which option on the DNS tab should you select to have DHCP update records for Windows NT clients?
a. Automatically update DHCP client information in DNS
b. Update DNS only if DHCP client requests
c. Always update DNS
d. Enable updates for DNS clients that do not support dynamic update

36. Which is not true?
a. Zones can be converted from primary or secondary to Active Directory integrated.
b. Before you can configure a zone for secure dynamic updates, the zone must be Active Directory integrated.
c. To convert a zone to Active Directory, open the Active Directory mmc from the Administrative Tools menu.
d. None of the above.

37. Which UpdateSecurityLevel value indicates use unsecured dynamic updates only?

38. RIS cannot be used to ____.
a. simplify and automate the deployment of Windows 2000 Professional to desktop computers
b. deploy new installations of Windows 2000 Professional
c. restore dysfunctional systems
d. upgrade existing pre-Windows 2000 clients

39. The SNMP ____ is the central administrative point that allows the administrator to query, monitor, and receive status messages.
a. hub
b. management station
c. console
d. community center

40. Which is not recommended to increase SNMP security?
a. Change the default community name to something difficult to remember.
b. Configure each community to be read only.
c. Ensure that all machines will be able to configure or retrieve information from agents belonging to the same community.
d. Encrypt the SNMP status messages.

41. Capturing data being transmitted, altering the contents, and then sending the data to its intended destination can be accomplished by performing a ____ attack.
a. denial-of-service
b. man-in-the-middle
c. virus
d. brute force

42. Which section of the AH is the hash value calculated against the signed portion of the AH packet?
a. Next Header
b. Security Parameters Index
c. Sequence Number
d. Authentication Data

43. This authentication method is mainly used in a test environment.
a. Kerberos
b. Certificates
c. Preshared Keys
d. None of the above.

44. When manually configuring additional settings on the dial-up networking connection, the ____ tab is used to configure dialing options, including what is presented to the user during the dialing process, as well as how to configure redialing.
a. General
b. Options
c. Connection
d. Networking

45. When configuring a remote access policy, the ____ include(s) options such as disconnection settings, IP address assignments, and authentication settings.
a. rules
b. profile setting
c. conditions
d. permissions

46. Which is not true about L2TP?
a. IPSec requires that both the server and the client have security certificates because the keys used to encrypt and decrypt the data come from the certificates.
b. L2TP/IPSec is supported if either the client or the server is running Windows 2000.
c. The L2TP protocol cannot pass through a firewall that is configured to use NAT.
d. None of the above.

47. A ____ is an application that appears innocent, but may be running malicious code in the background.
a. worm
b. virus
c. Trojan Horse
d. hoax

48. A(n) ____ zone contains Web sites not assigned to any other zone.
a. Internet
b. Local Internet
c. Trusted site
d. Restricted site

49. A(n) ____ zone is configured for all sites located within the internal network.
a. Internet
b. Local Internet
c. Trusted site
d. Restricted site

50. A(n) ____ zone's default security level is Low.
a. Internet
b. Local Internet
c. Trusted site
d. Restricted site