Term
| Which type of network connection uses a tunneling protocol to encapsulate data while it crosses a public network? |
|
Definition
| Virtual private network connection |
|
|
Term
| Which two protocols can a server running microsoft windows server 2003 with Routing and Remote access use to route between networks? |
|
Definition
|
|
Term
| Microsoft windows server 2003 supports which two tunneling protocols |
|
Definition
| Point-to-point tunnetling protocol PPTP and Layer two tunneling protocol |
|
|
Term
| What step could you take to hide the addresses of your internal resources, while still allowing the client computers to access the internet? |
|
Definition
|
|
Term
| What would be the most cost-effective method of establishing the connections that are necessary for the data transfer? |
|
Definition
|
|
Term
| How could you prevent Telnet traffic from entering your network without blocking the other IP traffic. |
|
Definition
| On the router's external interface, configure an inbound packet filter that will pass all IP traffic except Telnet traffic on destination port 23. |
|
|
Term
| How can you prevent all other traffic from initiating the demand-dial connection. |
|
Definition
| Create a demand-dial filter on the main office router that allows only traffic addressed to the destination network 192.168.1.0 to initiate demand-dial connections. |
|
|
Term
| How can you verify that your demand-dial configuration is working properly. |
|
Definition
| From inside of your network, issue the command ping |
|
|
Term
| Which of the following could be prevented Maria from communicating with the branch office server |
|
Definition
| The dial-in hours on the remote officer router are configured to allow a connection only during normal working working hours. |
|
|
Term
| Which of the following could be the reason that maria can establish a connection to your network even though the remote access policy expressly denies access to the Sales User group. |
|
Definition
| Maria's user account has been granted allow access permission in the dial-in tab of the user account properties page. |
|
|
Term
| Which two authentication methods are available to use by servers running MWS 2003 routing and remote access when authenticating remote access connections. |
|
Definition
| Windows authentication & RADIUS |
|
|
Term
| Which of the following Microsoft Windows support updates? |
|
Definition
| Microsoft Windows XP and Server 2003 |
|
|
Term
| What could be the reason the automatic Updates options are unavailable |
|
Definition
| Automatic updates settings have been configured and assigned at the domain level using group policy |
|
|
Term
| Which steps can you take to ensure that all clients receive updates while minimizing internet traffic and traffic across the fiber links? |
|
Definition
|
|
Term
| You configured two SUS servers. Server A and Server B. |
|
Definition
| Server A is not configured to store updates locally. |
|
|
Term
| Which two steps must you take to allow all client computers to receive updates from the SUS server |
|
Definition
Install Service Pack 1 on all computers running windows XP professional.
Install service pack 2 or higher on the client computers running Windows 2000 Professional. |
|
|
Term
| How could you verify that status of the automatic updates process on the client computers? |
|
Definition
| View the entries in the system log in Event Viewer |
|
|
Term
| Which f the following is a feature of IPSec that verifies the identity of peer computers before any data is sent? |
|
Definition
|
|
Term
| Which two types of SAs are created when IPSec peers communicate? |
|
Definition
|
|
Term
| IPSec security negotiation can be divided into two types. |
|
Definition
|
|
Term
| What are the three default IPSec security policies |
|
Definition
Server (request Security)
Client (Respond only) |
|
|
Term
| Which of the following is a command-line tool that is included in Microsoft windows server 2003 and can be used to monitor and manage IPSec |
|
Definition
|
|
Term
| Which of the following is the most likely reason that IPSec does not encrypt some of the traffic? |
|
Definition
| Client computers are configured to use the client (respond only) policy, not the Server (request Security) policy. |
|
|
Term
| What additional step must you take to allow the clients running Windows 98 to communicate with the server. |
|
Definition
| Download the legacy IPSec client for Windows 98 from the microsoft Web site |
|
|
Term
| Your security policy also must block telnet traffic. which two objectives can be accomplished using IPSec |
|
Definition
Secure communication between communicating computers
Blocking the transfer of telnet traffic |
|
|
Term
| What should you do to resolve this problem? |
|
Definition
| Upgrade the client computers running Windows NT 4 to run windows XP professional |
|
|
Term
| What recomendations would you make regarding IPSec security policies? |
|
Definition
Apply the secure server (require security) security policy to Server A.
Aply the client (respond Only) security policy to all other computers on the network. |
|
|
Term
| Which protocol does IPsec use to provide authentication, integrity, and anti-replay for both the IP header and the data payload. |
|
Definition
|
|
Term
| How must you configure IPsec to successfully secure traffic between these two sites |
|
Definition
| Configure IPSec to operate in tunnel mode |
|
|
Term
| Which additional step should you take to ensure that communication is encrypted using IPSec? |
|
Definition
| Configure a persistent policy that requires traffic to active directory to always be secured by IPSec |
|
|
Term
| What is the function of ESP? |
|
Definition
| ESP provides confidentiality, authentication, integrity, and anti-reply for the IP payload only. |
|
|
Term
| Which statement is true about the enterprise admins group? |
|
Definition
| The enterprise adminds group is located on he root domain server for each domain. |
|
|
Term
| What is the recommended method of accomplishing this task? |
|
Definition
| Create a security group named assistants. Ass the user account of both assistants to the assistants group, then grant the right to add workstations to the domain to assistants group. |
|
|
Term
| What steps should you take to accomplish this task. |
|
Definition
Create and apply a baseline template.
Create and apply three incremental templates. |
|
|
Term
| Which of the following accurately explains the principle of least privilege. |
|
Definition
| A user or object should not have privileges or access to information and resources unless it is absolutely necessary? |
|
|
Term
| What effect will this move have on the file? |
|
Definition
| The Test file will inherit the encrption attribute of the destination folder |
|
|
Term
| Which command-line tool can be used to configure and analyze system security by comparing current settings against at least one template. |
|
Definition
|
|
Term
| Which feature of Microsoft Windows server 2003 should you implement? |
|
Definition
|
|
Term
| Which of the following is not a security configuration tool |
|
Definition
| Security Analyzer snap-in |
|
|
Term
| Which function cannot be performed using Secedit |
|
Definition
|
|
Term
| How could you accomplish specific administrative tasks without having to provide additional user credentials. |
|
Definition
| Create a shortcut that performs the Run As function for the particular task that you would like to perform. |
|
|
