Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
21 Cards in this Set
- Front
- Back
Which of the following allows administrators to create and manage security profiles? |
Security Configuration Wizard |
|
This tool allow administrators to view security and update information for multiple network machine? |
Microsoft Baseline Security Analyzer* |
|
Which of the following cannot be performed with the Security Configuration Wizard? |
Encrypting folders and files |
|
True or False: You can configure the Microsoft Baseline Security Analyzer to install all missing Windows security updates. |
False* |
|
Which of these features of Windows Server 2008 allows you to encrypt the entire system volume on a hard drive? |
Bitlocker |
|
The _________________ is used to access an EFS-encrypted file. |
File Encryption Key |
|
What type of network profile would be applied to a workgroup server that sits on a network protected from the Internet by a firewall? |
Public Workgroup Private Domain |
|
Which of the following tools can be used for managing IPSec policies? |
Netsh.exe WFAS *used to perform WFAS and IP Security Policy tasks, as well as other advanced configs |
|
Which of the following is not a threat mitigated by IPSec? |
Data Tampering Social Engineering Network Traffic Sniffing Identity Spoofing |
|
True or False: Transport Mode is used to set up VPN connections for remote access clients in Windows Server 2008. |
False |
|
McClantz, Inc, a small publishing company, needs to install client to client IPsec to secure communications between a web server and a database server. The network is running Active Directory Domain Services without a PKI infrastructure. They are running Windows Server 2008 and do not want to have to purchase anything additional to implement their solution. What is the recommended authentication method this implementation? |
Kerberos version 5 *ideal because of the lack of a PKI and all devices are in the same forest. Otherwise, use Digital Certificates, or Preshared Keys |
|
Whichof the following commands will encrypt the folder, f:\Shared\SecureData: |
Cipher.exe /E f:\Shared\SecureData *\E encrypt, \D decrypt |
|
Which of the following cannot be enforced by NAP? |
EFS file encryption |
|
Youhave a small workgroup environment with two servers, SRV1 and SRV2. SRV1 is a web server hosting a financial application used by your endusers. SRV2 is a database server used to store the financialapplication's data. Both servers have digital certificates issued byThawte. You need to use IPSec to secure the communication betweenSRV1 and SRV2. However, you want to utilize only components that arebuilt-in to Windows Server 2008. Which of the following actions willmake up part of the solution (Choose 2) |
Create a Server-to-Server policy in Windows Firewall with Advanced Security. Choose Digital Certificates for Phase 1 authentication |
|
True or False: Authentication Header (AH) security services is the preferred method for securing IPSec traffic as it provides encryption of a data packet's payload. |
False *it is Encapsulating Security Payload (ESP) |
|
Whichof the following are supported by default in Windows Server 2008(Choose 2) |
Encapsulating Security Payload (ESP) NTLMv1 Authentication Authentication Header (AH) NTLMv2 Authentication LAN Manager (LM) Authentication |
|
In a NAP environment, a centralized Anti-Virus servers would be an example of a ________________. |
Remediation Server |
|
_______________ mode is used when implementing IPSec between two gateways. |
Tunnel |
|
IPSec is implemented at this layer of the OSI model? |
Physical Data Link Network Transport Presentation Application |
|
Using Bitlocker with a Trusted Protection Module (TPM) and PIN is referred to as |
enhanced security mode |
|
What is the difference between Encrypting File Service (EFS) and Bitlocker? |
BitLocker encrypts the entire filesystem, not just file-folder level |