Networking Fundamentals for Hardening Windows Flashcards

(11 cards)

1
Q

What is best practice for network device management?

A
  • Ensure you keep the software of your network devices current.
  • Enable auditing on devices.
  • Integrate authentication using LDAP.
  • Use a Privileged Access Management (PAM) solution.
  • Disable or prevent local account access and change default usernames
    and passwords.
  • Ensure the management of devices is encrypted (SSH).
  • Isolate the management network.
  • Don’t allow the management of network devices from the internet.
2
Q

What group policies focus on network security?

A
  • Microsoft network client settings focus on how clients communicate with servers
    and how those communications are handled.
  • Microsoft network server settings focus on how servers accept communications
    from clients and handle those sessions.
  • Network access settings control how clients and users connect and interact
    remotely with each other and to file shares.
  • Network security settings focus on hardening the protocols and authentication
    methods used to authorize communication between clients and servers.
3
Q

What are best practices for securing wireless networks?

A
  • Do not use Wired Equivalent Privacy (WEP).
  • Enable enterprise-grade authentication.
  • Ensure any guest networks, Operational Technology (OT) networks, and Internet
    of Things (IoT) networks are isolated from more sensitive production networks
    and ensure all guest access is protected. If using a guest SSID with a password,
    implement a process to rotate the password regularly.
  • Ensure the WLAN infrastructure is kept current and up to date.
4
Q

What is best practice for securing WLAN on the local device?

A
  • Block connections to suggested open hotspots and networks shared by contacts or paid services. These features are known as Wi-Fi Sense.
  • Block internet sharing.
  • Block Wi-Fi Direct.
  • Minimize the number of simultaneous connections to the internet or a Windows
    domain. Enable the setting that prevents Wi-Fi when on Ethernet.
  • Block connections to a non-domain network when connected to an authenticated
    domain network.
  • Block access to the Windows Connect Now (WCN) wizards.
  • Block the configuration of wireless settings using WCN.
  • Remove any unused Wi-Fi networks if possible.
5
Q

What is best practice for securing Bluetooth on the local device?

A
  • Ensure the strongest Bluetooth security mode is enforced for all users where
    Bluetooth is enabled. Bluetooth operates in two security modes with four levels of differing variance that can be mixed if supported by the device.
  • For the strictest security, use security mode 2 with level 4 and require communications that are paired, encrypted, and signed. For the least restrictive, you would use level 1, which will not require any security at all.
  • Ensure Bluetooth is listed and referenced in the company security policies and that
    the device settings have been modified to reflect these policies.
  • Ensure any users enabled to use Bluetooth are fully aware of security issues with
    Bluetooth and their responsibilities while using it.
  • Delete unused Bluetooth pairings or configure allowed Bluetooth services and
    policies using MDM.
6
Q

Define Microsoft “Always on VPN”

A

A configurable Windows VPN profile that can automatically connect when off your corporate network.

7
Q

What are the requirements for Always on VPN?

A
  • AD Domain Services
  • DNS server
  • Network policy and access services (NPS-RADIUS)
  • AD Certificate Authority (CA)
  • Remote access (direct access and VPN-RAS)
8
Q

What is best practice for Windows Server networking?

A
  • Windows server implementations should only be connected using Ethernet for security purposes and for any needed internet access.
  • Servers should be on a separate network segment from your client devices if possible.
9
Q

What is best practice for securing VMs in Hyper-V?

A
  • Use a secure network for both host management and Virtual Machines (VMs).
  • Use separate networks and dedicated physical adapters for the physical hosts.
  • Use a separate secure network to access virtual hard disk files and VM
    configurations.
  • Use a separate secure network for any VM migrations and ensure encryption is
    enabled.
  • For VMs, ensure the virtual network interface cards (NIC) are connected to the
    correct virtual switch and are configured with the correct security settings.

https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/plan-hyper-v-security-in-windows-server

10
Q

Describe Microsoft “Network protection”

A

A security feature that can be enabled through the Exploit Guard features of Microsoft Defender. It helps reduce attacks from low-reputation IP and URL sources known for malicious activity, and it includes extensions for Chrome and Firefox.

11
Q

How can network protection be enabled?

A

Group policy and Intune
