Questions, MTA 98-367: Security Fundamentals Overview
1 view 0 purchase
Course
S, MTA 98-367:
Institution
S, MTA 98-367:
You can reduce risk by reducing - answer-vulnerabilities
An implementation of which security principle ensures that secrets stay secret - answer-Confidentiality
The implementation of techniques that map to which security principle help to ensure that an unauthorized change to data is detected...
Questions, MTA 98-367: Security
Fundamentals Overview
You can reduce risk by reducing - answer-vulnerabilities
An implementation of which security principle ensures that secrets stay
secret - answer-Confidentiality
The implementation of techniques that map to which security principle help
to ensure that an unauthorized change to data is detected - answer-Integrity
A basic security principle states that users, resources, and applications
should be granted only the rights and permissions needed to perform a task.
the principle of ______________ ____________. - answer-least privilege
What is meant by reducing the attack surface of a system?
A. Disabling needed services
B. Removing unneeded protocols
C. Keeping a system up to date
D. Disabling the firewall - answer-B (Removing unneeded protocols)
What tool can you use to create a comprehensive security policy as an XML
file on a Windows Server 2008 system?
A. Microsoft Baseline Security Analyzer (MBSA)
B. System Center Configuration Manager (SCCM)
C. Security Configuration Wizard (SCW)
D. Windows Server Update Services (WSUS) - answer-C (Security
Configuration Wizard (SCW))
Of the following choices, what is the best method to protect against
malware?
A. Installing antivirus software and keeping it up to date
B. Disabling unneeded services
C. Removing unnecessary protocols
D. Enabling a firewall - answer-A (Installing antivirus software and keeping it
up to date)
What is the primary difference between a virus and a worm?
A. There is none. They're both the same.
B. A worm requires user intervention to spread, but a virus doesn't.
C. A virus requires user intervention to spread, but a worm doesn't.
D. A virus is malware, but a worm is antivirus software. - answer-C (A virus
requires user intervention to spread, but a worm doesn't)
,A buffer-overflow attack can gain access to a system's _________ - answer-
memory.
Which of the following is a type of malware that appears to be something
else?
A. Buffer overflow
B. Trojan horse
C. Virus
D. Worm - answer-B (Trojan horse)
___________ represent a real threat today. - answer-Botnets
The majority of spam is sent out by _____________. - answer-Botnets
Microsoft has created an antivirus tool for desktop operating systems. It's
available for free for home and small-business users and provides real-time
protection. What is this tool? - answer-Microsoft security essentials
TRUE FALSESecurity Essentials 2010 is a type of Trojan horse known as
rogueware - answer-false
What tool can you use for free on Windows Server 2008 to check for and
remove many types of malware threats? (Choose all that apply.)
A. Security Essentials 2010
B. Microsoft Security Essentials
C. Microsoft Windows Malicious Software Removal Tool
D. Microsoft Forefront - answer-C (Microsoft Windows Malicious Software
Removal Tool)
One method of conducting pharming is through DNS _____________. - answer-
Cache Poisoning
Which of the following can protect email from potential threats?
(Choose all that apply.)
A. Antivirus software
B. Disabling automatic display of graphics
C. Enabling pharming
D. Educating users
(use spaces between the letters ) - answer-A (Antivirus software)
B (Disabling automatic display of graphics )
D (Educating users)
What is the difference between identification and authentication?
A. Nothing. They're the same.
B. Identification proves an identity.
,C. Authentication proves an identity.
D. Identification authenticates an individual, and authentication provides
authorization. - answer-C (Authentication proves an identity.)
A brute-force attack is one of many methods used to discover _____________. -
answer-Passwords
A ____________ is an authentication example using the something you have
factor. - answer-smart card
Which one of the following is the strongest password?
A. password
B. Password
C. PAssWord
D. Pa$$w0rd - answer-D (Pa$$w0rd)
You can enforce a password policy through_________ - answer-Group Policy
If users forget their password, they can reset the password with a
_____________, as long as they created it before forgetting their password. -
answer-Password- reset disk
What factor of authentication is used when a user's fingerprints are checked?
- answer-Something you are
Kerberos clients must have their time within five minutes of each other to
prevent a _____________ error. - answer-time skew
Of the following choices, what isn't a valid use of a RADIUS server
A. Authenticate VPN clients
B. Authenticate wireless clients
C. Provide port-based authentication
D. Provide authentication for 802x database servers - answer-D (Provide
authentication for 802x database servers)
Of the following choices, which authentication protocol is the weakest?
A. Kerberos
B. LM
C. NTLMv1
D. NTLMv2 - answer-B (LM)
What are the three As (AAA) of security?
A. Authentication, authorization, and accounting
B. Authentication, accountability, and accounting
C. Accountability, access control, and accounting
, D. Authorization, access control, and auditing - answer-A (Authentication,
authorization, and accounting)
True false: If you want to audit all access to a folder, all you have to do is
enable Object Access auditing in the Audit Policy. - answer-False
Which Audit Policy selection records any time a user logs onto a local
system?
A. Logon Events
B. Account Logon Events
C. System Events
D. Process Tracking - answer-A (Logon Events)
4. Which Audit Policy selection records modifications to Active Directory?
A. Privilege Use
B. Account Management Events
C. Directory Service Access
D. Policy Change - answer-C (Directory Service Access)
If you want to ensure that an audit-log entry records each time a system is
shut down, you should enable Successful entries for _____________ auditing. -
answer-System events
What tool can you use to view audited events? - answer-Event viewer
Which of the following choices can be used to automatically collect events on
a single server from multiple servers?
A. Process Tracking Events auditing
B. MBSA
C. Automatic archiving
D. Event subscriptions - answer-D (Event subscriptions)
You can secure audit logs with _________ media. - answer-WORM (WRITE
ONCE READ MANY)
Where can you get MBSA? FREE FROM _________ - answer-microsoft
___________ can detect weak passwords for accounts on Microsoft systems. -
answer-MBSA
What causes the Windows 7 Desktop to dim when a user attempts an action
requiring administrative approval? - answer-UAC
True or false If files are encrypted on a server using EFS, they're
automatically encrypted when a user uses offline folders. - answer-False
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TOPDOCTOR. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.49. You're not tied to anything after your purchase.
