IS3340 CHAPTER 11 Flashcards Preview

IS3340 SEC. STRAT. IN WINDOWS PLATFORM & APPS. > IS3340 CHAPTER 11 > Flashcards

Flashcards in IS3340 CHAPTER 11 Deck (25):
1

A special mode that allows administrators to created an offline copy of Active Directory is called ___?

DIRECTORY SERVICE RESTORE MODE (DSRM)

2

A rule that handles addressing and encapsulating is called ___?

ENCAPSULATING PROTOCOL

3

The process of making configuration changes and deploying controls to reduce the attack surface is called ___?

HARDENING

4

A solution that defines and implements a policy that describes the requirements to access your network is called ___?

NETWORK ACCESS CONTROL (NAC)

5

An open source utility used to scan one or more computers or network devices for open ports and other information is called ___?

Nmap

6

A general approach to handling encryption keys using trusted entities and digital certificates; the hardware, software, policies, and procedures to manage all aspects of digital certificates is called ___?

PUBLIC KEY INFRASTRUCTURE (PKI)

7

A predefined set of services, programs, and configuration settings that enable a computer to fulfill a specific set of requirements is called ___?

ROLES

8

A Microsoft utility that provides guidance to administrators and creates policies based on the least privilege principle for the server roles you have selected either during installation or afterward using the server Manager Utility is called ___?

SECURITY CONFIGURATION WIZARD (SCW)

9

A Windows Server 2008 R2 installation option that provides a minimal environment that only includes programs necessary for the roles you select is called ___?

SERVER CORE INSTALLATION

10

A technique that creates a virtual encrypted connection and allow applications to use any protocol to communicate with servers and services without having to worry about addressing or privacy concerns is called ___?

TUNNELING

11

1. The term ATTACK SURFACE refers to all of the software a computer runs that is vulnerable to attack.
TRUE OR FALSE

TRUE

12

2. The best way to secure a service is to disable it.
TRUE OR FALSE

FALSE

13

3. The process of making configuration changes and deploying controls to reduce the attack surface is called ___?

Hardening

14

4. Which Windows Server 2008 R2 feature allows you to specify which services you want to include during the operating system installation?

1. Edition
2. Role
3. GPO
4. Configuration

Role

15

5. Which Windows Server 2008 R2 installation option only includes a minimal environment to just run selected services?

1. Server core
2. Foundation
3. Standard
4. Runtime

Server core

16

6. Which Microsoft tool guides administrators and creates policies based on least privilege to reduce the attack surface of a windows server after installation?

1. GPO
2. MBSA
3. SCW
4. NMAP

SCW

17

7. You can use GPOs to reply Windows firewall rules.
TRUE OR FALSE

TRUE

18

8. Which of the following actions is the best action to take to secure an unneeded service?

1. Close the port
2. Disable the service
3. Delete the service from Services
4. Create a GPO restriction for the service

Disable the service

19

9. You should disable the ___ user account to make it harder for attackers to access the default escalated-privilege account.

Administrator

20

10. AD makes securing many computers in a network more complex.
TRUE OR FALSE

FALSE

21

11. The ___ tool is a handy open source tool to scan computers for open ports.

Nmap

22

12. Which term describes software that defines and implements a policy that describes the requirements to access your network?

1. SCW
2. VPN
3. GPO
4. NAC

NAC

23

13. VPNs increase security of remote connection by guaranteeing all traffic is encrypted.
TRUE OR FALSE

FALSE

24

14. Which new Microsoft VPN protocol makes it easy to use VPNs even through firewalls?

1. L2TP
2. SSTP
3. TLS
4. TCP

SSTP

25

15. ___ refers to the hardware, software, policies, and procedures to manage all aspects of digital certificates.

PKI