Microsoft Security System Administration Week 4 Flashcards
(10 cards)
What is BitLocker?
A disk encryption feature.
BitLocker is a disk encryption feature provided by Microsoft in its Windows operating system versions.
What is the purpose of local security policies on user accounts in a Windows environment?
To control the functionality and behavior of user accounts on a local computer.
What are the two primary types of encryption keys?
Symmetric keys and asymmetric keys
The two primary types of encryption keys are symmetric keys and asymmetric keys. Symmetric keys, also known as secret keys, involve using the same key for both encryption and decryption. This key is shared between the sender and the recipient and must be kept secure. Symmetric key encryption algorithms are faster but require a secure method for key exchange.
Why is it important that users avoid reusing passwords across different accounts?
It reduces the risk of a compromised password granting unauthorized access to multiple accounts.
Reusing passwords across different accounts poses a significant security risk. If a password is compromised for one account, attackers can potentially gain unauthorized access to all other accounts where the same password is reused. This is particularly dangerous because attackers commonly attempt to use compromised credentials across various platforms to exploit this exact vulnerability.
Kerberos authentication is primarily used to protect against malware attacks.
False
Kerberos authentication is not primarily used to protect against malware attacks. Instead, it is a widely used network authentication protocol designed to provide secure and reliable authentication in a network environment.
In the provided “Allow Rule” configuration for the “Microsoft Office Suite,” what is the specified rule type, path, and action?
Rule Type: Executable, Path: C:\Program Files\Microsoft Office*, Action: Allow
Rule Type: Executable, Path: C:\Program Files\Microsoft Office*, Action: Allow. This rule type and configuration specify that executable files within the “C:\Program Files\Microsoft Office” directory (and its subdirectories, denoted by the asterisk *) are allowed to run.
What is the benefit of configuring an exception rule for an application in Windows Firewall?
Increased security by only allowing specific traffic for the application.
Configuring an exception rule for an application in Windows Firewall involves specifying which network traffic is allowed to pass through the firewall to reach that application and which traffic should be blocked. This process enhances security by enforcing a more restrictive policy, allowing only the necessary and authorized traffic to reach the application.
What is the main distinction between a privileged and a non-privileged account?
The privileges assigned to the account.
Which of the following statements is true about Kerberos authentication?
It supports single sign-on (SSO) functionality.
Kerberos authentication supports single sign-on (SSO) functionality. SSO is a mechanism that enables users to log in once and gain access to multiple resources and services without needing to re-enter their credentials for each resource.
How does a pass-the-hash attack work?
By using stolen hashes of user passwords to authenticate to a system or service.
A pass-the-hash (PtH) attack is a sophisticated method used by adversaries to gain unauthorized access to computer systems or networks by leveraging stolen hashed passwords.
