Multiple Choice
Identify the
letter of the choice that best completes the statement or answers the question.
|
|
|
1.
|
____
is a system of protecting data that is sent across a public network by authenticating and validating
users and by encrypting traffic on the network. a. | IPSec | c. | Kerberos | b. | SMTP | d. | PKI | | | | |
|
|
|
2.
|
If
you are working in a volatile company, where the company may do well one year and not so well the
next, and you are in a bad year, your security plan will be focused on ____. a. | all security
issues | c. | addressing long
term issues | b. | long-term projects | d. | dealing with problems after they
happen | | | | |
|
|
|
3.
|
A
security expert does not need to ____. a. | know exactly what happens at each step of the business
process | b. | understand the overall business
processes | c. | understand the overall communication and information flow in
the company | d. | None of the above. | | |
|
|
|
4.
|
A
security plan is typically not useful for ____. a. | determining what inappropriate Internet use
is | b. | dealing with
people that do not follow the security guidelines | c. | outlining a
response plan to use if your Web server is under a DoS attack | d. | None of the
above. | | |
|
|
|
5.
|
Which
is not true about the creation of a security plan in an international corporation? a. | If the corporate
users are located around the world, you do not have the standard downtime at night when you can do
server maintenance or backups. | b. | The possibility of several domains throughout the world can
complicate something as simple as assigning share permissions. | c. | It must comply
with security guidelines specific to international companies, not to individual
countries. | d. | None of the above. | | |
|
|
|
6.
|
What
is one of the biggest issues facing a small organization? a. | Securing WAN
connections. | b. | The lack of a person dedicated to managing the security of the
IT infrastructure. | c. | Securing multiple access points to the
Internet. | d. | All of the above. | | |
|
|
|
7.
|
____
provides name resolution services for Windows NT. a. | Active Directory | c. | DNS | b. | WINS | d. | DHCP | | | | |
|
|
|
8.
|
Which
remote access authentication option is the least secure and is used mainly by non-Windows
clients? a. | Digest
Authentication | c. | CHAP | b. | PAP | d. | EAP | | | | |
|
|
|
9.
|
NTFS
permissions are set on the ____ tab, which may be accessed by right-clicking on any file or folder
and selecting Properties. a. | General | c. | Managed By | b. | Security | d. | Object | | | | |
|
|
|
10.
|
By
default, Full Control of the Registry is not assigned to the ____. a. | Administrators
account | c. | Everyone
group | b. | System Account | d. | Both B and C. | | | | |
|
|
|
11.
|
Which
is not true about OUs? a. | You can delegate administrative permissions at an OU
level. | b. | If you assign permissions to an OU, all of the users in that OU
automatically inherit those permissions. | c. | Verify that the OU structure you develop is relatively stable,
even if the company should reorganize. | d. | Avoid creating an OU structure that contains too many levels of
OUs nested inside other OUs. | | |
|
|
|
12.
|
When
a new Active Directory forest is created by installing the forest root domain, the ____ group is
created, and its users are the only users who have the right to make any changes to the Active
Directory schema. a. | Schema
Admins | c. | Administrators | b. | Domain Admins | d. | Enterprise Admins | | | | |
|
|
|
13.
|
Which
is not true about security templates? a. | They help ensure that a consistent setting can be applied to
multiple machines. | b. | They are text-based files. | c. | They are often
changed by the administrator. | d. | None of the above. | | |
|
|
|
14.
|
When
setting up security templates, which Account Policy sub-category allows you to set session and TGT
ticket lifetime? a. | Password
Policy | c. | Account Lockout
Policy | b. | Kerberos Policy | d. | Security Policy | | | | |
|
|
|
15.
|
When
setting up security templates, which is not a sub-category under the Local Policy
category? a. | Account Lockout
Policy | c. | User Rights
Assignment | b. | Audit Policy | d. | Security Options | | | | |
|
|
|
16.
|
Which
groups can be used to assign permissions anywhere in the forest and are listed in the Global Catalog,
but the group membership is not? a. | computer local | c. | global | b. | domain
local | d. | universal | | | | |
|
|
|
17.
|
Any
access permissions given to the Everyone group give permissions to the ____ group. a. | Users | c. | Backup
Operators | b. | Guests | d. | None of the above. | | | | |
|
|
|
18.
|
When
creating digital signatures, which is not true? a. | Any change to the message makes the message digest
invalid. | b. | The message digest is encrypted using the sender's private
key. | c. | The receiver's
public key is used to decrypt the digital signature. | d. | None of the
above. | | |
|
|
|
19.
|
____
is a proposed standard for secure e-mail. a. | Authenticode | c. | PGP | b. | Verisign | d. | S/MIME | | | | |
|
|
|
20.
|
With
IPSec, encryption takes place at the Internet Protocol network layer. This means that the
encryption is ____. a. | visible to the applications at higher levels of the TCP/IP
stack but invisible to the lower physical layers | b. | visible to the
applications at higher levels of the TCP/IP stack and the lower physical
layers | c. | invisible to the applications at higher levels of the TCP/IP
stack but visible to the lower physical layers | d. | invisible to the
applications at higher levels of the TCP/IP stack and the lower physical
layers | | |
|
|
|
21.
|
If
you are managing certificates only for users in your organization, and all of the users that require
certificates have Active Directory accounts, then the ____ CA is the best option. a. | enterprise | c. | standalone
root | b. | subordinate
enterprise | d. | subordinate
standalone | | | | |
|
|
|
22.
|
If
you are going to be handing out certificates to users outside your organization, or if you want to
install a subordinate CA to a commercial CA, then you need to install a(n) ____ CA. a. | enterprise | c. | standalone
| b. | subordinate
enterprise | d. | subordinate
standalone | | | | |
|
|
|
23.
|
In
most cases, when choosing the name of the Web site to which you are assigning the certificate, you
should choose ____ bits as the length of the encryption key.
|
|
|
24.
|
When
configuring the server to require SSL, use the ____ option to configure whether or not you want to
require client certificates when clients connect to the server. a. | Client
Certificates | c. | Enable
certificate trust list | b. | Enable client certificate
mapping | d. | Require secure
channel | | | | |
|
|
|
25.
|
If
you are implementing an internal Certificate Server CA hierarchy that is part of a larger commercial
CA hierarchy, install a Windows 2000 ____ CA and send the subordinate certificate request to a
third-party CA. a. | enterprise | c. | standalone
root | b. | subordinate
enterprise | d. | subordinate
standalone | | | | |
|