Question 1

Clients use a(n)____ to determine to what type of network they are connected.&#10;A)network profile&#10;B)label&#10;C)exception&#10;D)forwarder

Accepted Answer

A network profile is a set of network configuration settings that defines how a computer or device connects to a network. It contains information such as IP address, DNS settings, and network location. Clients can use this profile to determine the type of network they are connected to, which can affect how they interact with other devices and services on that network. Labels, exceptions, and forwarders may be used in other contexts, but they do not specifically relate to determining network type.

Question 2

Secure Socket Layer (SSL)and Secure Shell (SSH)can protect Transport layer protocols and information such as TCP and UDP.

Accepted Answer

SSL (Secure Sockets Layer) and SSH (Secure Shell) primarily secure application layer protocols rather than directly protecting transport layer protocols like TCP and UDP. SSL is used for securing data transfers over the internet, and SSH is used for secure remote login and other secure network services over an insecure network.

Question 3

A(n)____ attack involves placing a computer between two communicating computers in a network connection. This computer impersonates each machine in the transaction, giving the computer the ability to read or modify communications between the two computers.

A)man-in-the-middle
B)identity spoofing
C)denial of service
D)data tampering

A

Accepted Answer

A man-in-the-middle attack involves intercepting and altering communication between two parties. The attacker positions themselves between the two parties and can read, intercept, or modify the communication without either party being aware. Identity spoofing is a technique used to impersonate a person or entity in order to gain access to sensitive data or systems. Denial of service (DoS) is an attack that floods a system or network with excessive traffic in order to disable it. Data tampering involves altering or modifying data without authorization.

Question 4

Along with providing file security through Access Control Lists, ____ allows users to perform file-based encryption through the Encrypting File Service (EFS).&#10;A)network address translation&#10;B)dial-up networking&#10;C)DFS&#10;D)New Technology File System

Accepted Answer

The New Technology File System (NTFS) not only provides Access Control Lists for file security but also allows users to perform file-based encryption through the Encrypting File Service (EFS). Network Address Translation (NAT) and Dial-up Networking are not relevant to the question, and DFS (Distributed File System) does not provide encrypted file storage or access control features.

Question 5

A(n)____ is an instruction to open a port briefly, allow a program or service to pass information, and then close the port.&#10;A)disk quota&#10;B)BitLocker&#10;C)exception&#10;D)rule

Accepted Answer

An exception is a temporary allowance for a program or service to bypass a firewall or security setting, often involving opening a port briefly.

Question 6

With ____, each user has a public key that is available to everyone and a private key that is known only to the user.&#10;A)tunnel mode&#10;B)public key encryption&#10;C)VPN&#10;D)BitLocker

Accepted Answer

The description matches public key encryption, which uses a pair of keys - one public and one private - to securely transmit information. The public key is available to everyone while the private key is known only to the user who generated it. Tunnel mode is a method for virtual private network (VPN) traffic to be encrypted, and VPN refers to a secure method for remotely connecting to a private network. BitLocker is a full-disk encryption tool used to protect data on a computer's hard drive. None of these options fully match the given description of public and private encryption keys.

Question 7

Using BitLocker with a TPM and a PIN or a USB flash drive is called ____.&#10;A)RADIUS&#10;B)VPN&#10;C)Layer 2 Tunneling&#10;D)enhanced security mode

Accepted Answer

Using BitLocker with a TPM and a PIN or a USB flash drive is called enhanced security mode. This mode provides additional security measures beyond just using a TPM, as it requires a user-generated PIN or the presence of a specific USB drive to access the encrypted data. RADIUS, VPN, and Layer 2 Tunneling are not directly related to BitLocker encryption.

Question 8

IPSec's ____ provides end-to-end security between devices or hosts, such as between a client and server or for Layer 2 Tunneling Protocol (L2TP)virtual private network (VPN)solutions for remote access.

A)transport mode
B)routing table
C)socket
D)tunnel mode

Accepted Answer

Transport mode in IPSec provides end-to-end security by encrypting only the payload of the IP packet, leaving the header intact, which is suitable for communication between devices or hosts.

Question 9

____ attacks are performed by flooding a host or a network router with more traffic than it can handle.&#10;A)Man-in-the-middle attacks&#10;B)Identity spoofing&#10;C)Denial of service&#10;D)Data tampering

Accepted Answer

Denial of service attacks, also known as DoS attacks, overwhelm a target with traffic to the point where it cannot function properly. This is accomplished by flooding the target with traffic from multiple sources, often using botnets. The goal of a DoS attack is to disrupt the target's normal operations and make it unavailable to users.

Question 10

____ involves users who deny that they performed a malicious action on a network, and administrators do not have a way to prove them wrong.&#10;A)Man-in-the-middle attack&#10;B)Identity spoofing&#10;C)Repudiation&#10;D)Data tampering

Accepted Answer

Repudiation involves the denial of performing a malicious action on a network or system. This can present a challenge for administrators as there may not be concrete evidence to prove that the user did perform the action. Man-in-the-middle attacks, identity spoofing, and data tampering all involve specific malicious actions that can potentially be traced or identified by network administrators.

Question 11

A ____ is a microchip that performs basic security tasks with encryption keys.&#10;A)stub zone&#10;B)Trusted Protection Module&#10;C)root hint&#10;D)DHCP relay agent

Accepted Answer

The answer of A ____ is a microchip that performs...

Question 12

____ provides hard drive-based encryption of servers and Windows Vista computers.&#10;A)BitLocker&#10;B)Internet Key Exchange&#10;C)Symmetric encryption&#10;D)Multifactor authentication

Accepted Answer

The answer of ____ provides hard drive-based encryption of servers...

Question 13

IPSec's ____ provides secure communications between two networks through a single node.&#10;A)transport mode&#10;B)routing table&#10;C)socket&#10;D)tunnel mode

Accepted Answer

The answer of IPSec's ____ provides secure communications between two...

Question 14

Windows Firewall does not allow you to create exceptions for inbound traffic.

Accepted Answer

The answer of Windows Firewall does not allow you to...

Question 15

The Monitoring section of the WFAS console provides you with real-time information about active connections passing through the Windows Firewall.

Accepted Answer

The answer of The Monitoring section of the WFAS console...

Question 16

When a user encrypts a file, a symmetric file encryption key (FEK)is generated that EFS uses to encrypt the file.

Accepted Answer

The answer of When a user encrypts a file, a...

Question 17

____ involves the capture of network traffic by attackers looking for important data files and to obtain passwords in order to penetrate a network.&#10;A)Repudiation&#10;B)Network traffic sniffing&#10;C)Identity spoofing&#10;D)Denial of service

Accepted Answer

The answer of ____ involves the capture of network traffic...

Question 18

EFS uses a combination of private and public key encryption for securing a user's data.

Accepted Answer

The answer of EFS uses a combination of private and...

Question 19

____ is a command-line utility that allows you to manage EFS through scripts or the command prompt.&#10;A)Netsh&#10;B)Ipconfig&#10;C)Cipher.exe&#10;D)Ping

Accepted Answer

The answer of ____ is a command-line utility that allows...

Question 20

____ uses a single key and is faster and more efficient than public key encryption, especially for very large files.&#10;A)Network Access Protection&#10;B)Symmetric encryption&#10;C)Network address translation&#10;D)Demand-dial routing

Accepted Answer

The answer of ____ uses a single key and is...

Question 21

In Active Directory domain environments, _________________________ is used by clients for host authentication.

Accepted Answer

The answer of In Active Directory domain environments, _________________________ is...

Question 22

_________________________ involves the malicious modification of data stored on Web sites or in databases or being passed between two computers on a network.

Accepted Answer

The answer of _________________________ involves the malicious modification of data...

Question 23

____ is the default IPSec security protocol in Windows Server 2008 and is defined by RFC 4303.&#10;A)DHCP&#10;B)UDP&#10;C)Encapsulating Security Payload&#10;D)Kerberos

Accepted Answer

The answer of ____ is the default IPSec security protocol...

Question 24

Briefly discuss the two phases used by IPSec to perform transactions.

Accepted Answer

The answer of Briefly discuss the two phases used by...

Question 25

IPSec meets three basic goals. Briefly discuss these goals.

Accepted Answer

The answer of IPSec meets three basic goals. Briefly discuss...

Question 26

Briefly describe the following authentication modes used by BitLocker: BitLocker with a TPM and BitLocker with Universal Serial Bus (USB)flash drive in place of TPM

Accepted Answer

The answer of Briefly describe the following authentication modes used...

Question 27

List four areas that you are allowed to manage through the Windows Firewall Advanced Security console.

Accepted Answer

The answer of List four areas that you are allowed...

Question 28

The ____ is responsible for managing the network health and connectivity policies on a network.&#10;A)System Health Validator&#10;B)Remediation Server&#10;C)System Health Agent&#10;D)Network Policy Server

Accepted Answer

The answer of The ____ is responsible for managing the...

Question 29

For each transaction, IPSec uses the ____ to negotiate security protocols each IPSec peer will use for communicating and constructing data transactions.&#10;A)IGMP&#10;B)Internet Key Exchange&#10;C)UDP&#10;D)L2TP

Accepted Answer

The answer of For each transaction, IPSec uses the ____...

Question 30

Briefly discuss the three scenarios available when deploying IPSec: site to site, client to client, and client to site.

Accepted Answer

The answer of Briefly discuss the three scenarios available when...

Question 31

Windows Server 2008 has two tools for managing EFS: file and folder properties and _________________________.

Accepted Answer

The answer of Windows Server 2008 has two tools for...

Question 32

How does BitLocker prevent threats to Windows systems, including: compromised system files and data access from outside the OS?

Accepted Answer

The answer of How does BitLocker prevent threats to Windows...

Question 33

____ provides authentication and integrity services but does not provide confidentiality because data encryption is not supported.&#10;A)Internet Key Exchang e&#10;B)Authentication Header&#10;C)BitLocker&#10;D)Encapsulating Security Payload

Accepted Answer

The answer of ____ provides authentication and integrity services but...

Question 34

Briefly describe the following network profiles: Public, Private, and Domain.

Accepted Answer

The answer of Briefly describe the following network profiles: Public,...

Question 35

What are the limitations of BitLocker?

Accepted Answer

The answer of What are the limitations of BitLocker?...

Question 36

List three authentication protocols supported by Windows Server 2008.

Accepted Answer

The answer of List three authentication protocols supported by Windows...

Question 37

The term _________________________ refers to a form of authentication that uses certificates issued by a trusted authority, or certification authority (CA).

Accepted Answer

The answer of The term _________________________ refers to a form...

Question 38

_____________________________________________ is an open-standards framework for securing network communications.

Accepted Answer

The answer of _____________________________________________ is an open-standards framework for securing...

Question 39

The term ____ refers to a form of authentication that uses a string of characters that is provided to all IPSec peers participating in the communications.&#10;A)digital certificate&#10;B)header&#10;C)Kerberos&#10;D)preshared keys

Accepted Answer

The answer of The term ____ refers to a form...

Question 40

All forms of NTLM use the ____.&#10;A)challenge-response protocol&#10;B)Internet Key Exchange&#10;C)tunnel mode&#10;D)public key encryption

Accepted Answer

The answer of All forms of NTLM use the ____.&#10;A)challenge-response...

Question 41

Match between columns&#10;                        Premises: Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;Not necessarily a template, this wizard allows administrators to create rules requiring specific settings and functionality not covered by the four default templates.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console will allow you to create policies for IPSec services so that they can be applied to computer objects within your Active Directory environment.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This console is used to create IPSec policies running Windows Vista and Windows Server 2008 as well as older OSs.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This template creates rules that allow specific computers, groups, or IP addresses to connect with network computers without being required to authenticate themselves.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This command-line utility allows administrators to perform all the GUI-based tasks of certain other tools, along with other advanced configurations that are available only through it.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules for authenticating communications between gateway computers, such as IPSec VPNs.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This template creates rules that restrict network connections based on administrator-defined policies.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This console allows for the configuration of IPSec security services for Windows Server 2008 and Windows Vista clients only.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.&#10;This template creates rules for authenticating communication between two computers, two groups of computers, two different subnets, or a combination of these.

Accepted Answer

The Answer of WFAS and Netsh and Server-to-Server and Tunnel is...

Question 42

What is the purpose of the System Health Validator?

Accepted Answer

The answer of What is the purpose of the System...

Deck 10: Securing Windows Server 2008