Session 2

Question 1

Which are authentication factors? Choose three answers.

Choices:
A - Who you are
B - What you do
C - What you say
D - What you have
E - What you know

Answer 1

A - Who you are
D - What you have

E - What you know

Question 2

What do virtual smart cards use for authentication?

Choices:
A - TPM chip
B - Password
C - Biometrics
D - Card reader

Answer 2

A - TPM chip

Question 3

What do physical smart cards use for authentication?

Choices:
A - TPM chip
B - Password
C - Biometrics
D - Card reader

Answer 3

D - Card reader

Question 4

Which type of server is used to authenticate outside connections to a network?

Choices:
A - VPN
B - Web
C - WAP
D - RADIUS

Answer 4

D - RADIUS

Question 5

Which form of authentication is known as, who you are?

Choices:
A - Passwords
B - Biometrics
C - Usernames
D - Smart Cards

Answer 5

B- Biometrics

Question 6

When running an app that requires elevated privileges, which Windows feature should be used?

Choices:
A - UAC
B - Run as
C - Safe Mode
D - Administrative Mode

Answer 6

B - Run as

Question 7

When an administrator grants permissions on a folder to a group, which three permission levels are assigned by default?

Choices:
A - Read
B - Write
C - Modify
D - Read & execute
E - List folder contents

Answer 7

A - Read
D - Read & execute

E - List folder contents

Question 8

Which two permission levels are available to assign to a user or group when creating a basic share on a folder?

Choices:
A - Own
B - Read
C - Change
D - Read/Write

Answer 8

B - Read

D - Read/Write

Question 9

Which command is used to access the registry?

Choices:
A - Regrun
B - Regedit
C - Registry
D - Regchange

Answer 9

B - Regedit

Question 10

Which registry hive stores file associations?

Choices:
A - HKEY_USERS
B - HKEY_CLASSES_ROOT
C - HKEY_CURRENT_USER
D - HKEY_LOCAL_MACHINE
E - HKEY _CURRENT_CONFIG

Answer 10

B - HKEY_CLASSES_ROOT

Question 11

Which are network authentication protocols? Choose two answers.

Choices:
A - SSO
B - LDAP
C - NTLM
D - Kerberos

Answer 11

C - NTLM

D - Kerberos

Question 12

Which Active Directory tool allows an administrator to create and run scripts for automation purposes?

Choices:
A - Active Directory Sites and Services
B - Active Directory Domains and Trusts
C - Active Directory Administrative Center
D - Active Directory Module for Windows PowerShell

Answer 12

D - Active Directory Module for Windows PowerShell

Question 13

From a folder’s properties, where can an administrator see which folder is a parent folder for inherited permissions?

Choices:
A - Edit button on the Sharing tab
B - Edit button on the Security tab
C - Advanced button on the Sharing tab
D - Advanced button on the Security tab

Answer 13

D - Advanced button on the Security tab

Question 14

When copying a folder from one location to another, the folder’s permissions for the new copy are __________.

Choices:
A - set to full control
B - the same as the original copy
C - inherited from its parent
D - nonexistent and must be reassigned

Answer 14

C - inherited from its parent

Question 15

When moving a folder from one location to another on the same drive, the folder’s permissions __________.

Choices:
A - remain the same
B - are inherited from its parent
C - are set to read-only for all groups
D - are nonexistent and must be assigned

Answer 15

A - remain the same

Question 16

If a user is assigned to both the Users and Administrators groups, which permissions will the user have on a folder when both groups have permissions on that folder?

Choices:
A - The group with the most lenient permissions
B - The group with the strictest permissions
C - Inherited permissions from the folder’s parent
D - Cumulative permissions from both groups on the folder

Answer 16

D - Cumulative permissions from both groups on the folder

Question 17

While in Advanced Security Settings, what should an administrator do to view advanced permissions for a specific user or group?

Choices:
A - Click the user or group
B - Double-click the user or group
C - Click the user or group and click Edit
D - Click the user or group and click View

Answer 17

B - Double-click the user or group

Question 18

To delegate control on an organizational unit, an administrator should __________.

Choices:
A - change folder ownership
B - change folder permissions
C - run the Delegation of Control Wizard
D - change the delegation settings on the Security tab

Answer 18

C - run the Delegation of Control Wizard

Question 19

Strong passwords have at least __________ characters.

Choices:
A - 7
B - 8
C - 10
D - 12

Answer 19

B - 8

Question 20

If a minimum password length is set to 0 in the Local Security Policy, what effect does that have on a password requirement?

Choices:
A - None
B - A password is not allowed
C - A password is not required
D - A password is required but can be any length

Answer 20

C - A password is not required

Question 21

An administrator wants to force users not to reuse an old password when changing a password. Which password policy should be set?

Choices:
A - Minimum password age
B - Maximum password age
C - Enforce password history
D - Minimum password length

Answer 21

B. Maximum password age

Question 22

To prevent a user from quickly changing passwords in order to get around the Enforce password history policy, which password policy should be set?

Choices:
A - Minimum password age
B - Maximum password age
C - Minimum password length
D - Password must meet complexity requirements

Answer 22

B- Maximum password age

Question 23

To lock a user out after a set number of failed logon attempts due to an incorrect password, which policy should be set?

Choices:
A - Account lockout policy
B - Account lockout duration
C - Account lockout threshold
D - Reset account lockout counter after

Answer 23

C- Account lockout threshold

Question 24

On which Group Policy path will an administrator find the Account Policies area?

Choices:
A - User Configuration/Policies/Software Settings/Security Settings
B - User Configuration/Policies/Windows Settings/Security Settings
C - Computer Configuration/Policies/Software Settings/Security Settings
D - Computer Configuration/Policies/Windows Settings/Security Settings

Answer 24

B- User Configuration/Policies/Windows Settings/Security Settings

Question 25

Which type of password attack uses all possible combinations for a password?

Choices:
A - Guessing Attack
B - Dictionary Attack
C - Social Engineering
D - Brute Force Attack

Answer 25

D - Brute Force Attack

Question 26

Users should be trained to give out passwords under what circumstance?

Choices:
A - Never
B - When a website asks for it
C - When a supervisor asks for it
D - When a help desk agent asks for it

Answer 26

A- Never

Question 27

Which options are available for auditing? Choose two answers.

Choices:
A - Read
B - Write
C - Failure
D - Success

Answer 27

C- Failure

D- Success

Question 28

What is used to audit non-Active Directory objects?

Choices:
A - System
B - Object access
C - Process tracking
D - Directory service access

Answer 28

B - Object access

Question 29

Which tab under Properties holds the settings for turning on auditing for a folder?

Choices:
A - Sharing
B - General
C - Security
D - Customize

Answer 29

C - Security

Question 30

Which administrative tool is used to read auditing logs?

Choices:
A - Syslog
B - Group Policy
C - Event Viewer
D - Local Security Policy

Answer 30

C - Event Viewer

Question 31

Where are permissions set for viewing audit logs?

Choices:
A - In the Event Viewer
B - In the Audit log settings
C - In the Security log settings
D - On the folder storing the logs

Answer 31

B - In the Audit log settings

Question 32

The __________ encryption method allows a user to copy and paste folders while still maintaining the encryption.

Choices:
A - BitLocker
B - EFS
C - TPM
D - TLS

Answer 32

B- EFS

Question 33

Which encryption method is used to encrypt an external hard drive?

Choices:
A - EFS
B - BitLocker TPM
C - BitLocker Drives
D - BitLocker To Go

Answer 33

D - BitLocker To Go

Question 34

SSL is an example of which kind of encryption?

Choices:
A - Hardware-based encryption
B - Mail encryption
C - Virtual private network
D - Software-based encryption

Answer 34

D - Software-based encryption

Question 35

What are the two main methods used to encrypt email?

Choices:
A - PGP
B - SSID
C - S/MIME
D - SSTP
E - PAP

Answer 35

A - PGP

C - S/MIME

Question 36

Which are VPN authentication forms? Choose four answers.

Choices:
A - CHAP
B - EAP-MS-CHAPv2
C - IKEv2
D - MS-CHAPv2
E - L2TP
F - PAP

Answer 36

A - CHAP
B - EAP-MS-CHAPv2
D - MS-CHAPv2
F - PAP

Question 37

__________ keys are usually used to encrypt data. __________ keys are usually used to decrypt data.

Choices:
A - Public, Private
B - Public, Symmetric
C - Symmetric, Private
D - Symmetric, Asymmetric

Answer 37

A - Public, Private

Question 38

Which of these encryption methods uses block ciphers? Choose three answers.

Choices:
A - TLS
B - AES
C - DES
D - SSL
E - 3DES

Answer 38

B - AES
C - DES
E - 3DES

Question 39

Which three types of encryption are asymmetric?

Choices:
A - SSL
B - DES
C - PGP
D - TLS
E - TKIP

Answer 39

A - SSL
C - PGP

D - TLS

Question 40

Which of the following formats allows exporting for both private keys and certificates?

Choices:
A - Base64-encoded x.509
B - DER-encoded binary x.509
C - PKCS #7
D - PKCS #12

Answer 40

D - PKCS #12

Question 41

When viewing a certificate, under which two tabs can you find the expiration dates for that certificate?

Choices:
A - Certification Path
B - Logins
C - General
D - Default Encoding
E - Details

Answer 41

C - General

E - Details

Question 42

Certificates that are revoked or expired are stored in which part of a PKI?

Choices:
A - CPF
B - RA
C - CA
D - CRL

Answer 42

D - CRL

Question 43

____________ uses code integrity policies to lock devices to run only trusted apps.

Choices:
A - EM Shielding
B - Device Guard
C - Device Identifier
D - Block Device

Answer 43

B - Device Guard

Question 44

Buffer overflow malware can attack by attempting to fill a(n) __________ field with a number outside the __________ range.

Choices:
A - integer, integer
B - integer, number
C - buffer, number
D - buffer, integer

Answer 44

A - integer, integer

Question 45

What type of virus changes constantly to deceive antivirus software?

Choices:
A - Hoax virus
B - Polymorphic virus
C - Trojan horse
D - Dynamic virus

Answer 45

B - Polymorphic virus

Question 46

A user calls a help desk and states that an antivirus program downloaded is not actually an antivirus program. What does the user have?

Choices:
A - Worm
B - Virus
C - Trojan horse
D - Zero day attack

Answer 46

C - Trojan horse

Question 47

__________ is a type of malware used to collect personal information and send the info to a third party.

Choices:
A - Adware
B - Spyware
C - Rootkit
D - Ransomware

Answer 47

B - Spyware

Question 48

Which of these describe common types of ransomware? Choose two answers.

Choices:
A - Scareware
B - Crackware
C - Registry lock
D - Encryption
E - Lockscreen

Answer 48

D - Encryption

E - Lockscreen

Question 49

A user complains that newly installed software is displaying advertisements at the top of the screen. Which of the following has most likely been installed?

Choices:
A - Virus
B - Spyware
C - Adware
D - Worm

Answer 49

C - Adware

Question 50

Which of the following describes a class of malware that creates hidden openings in the OS?

Choices:
A - Backdoor
B - Directory traversal
C - OpenPGP
D - Trojan horse

Answer 50

A - Backdoor

Question 51

Which of the following malware types causes security breaches that have not yet been identified by credible sources?

Choices:
A - Logic bomb
B - Polymorphic
C - Zero day attack
D - Hoax

Answer 51

C - Zero day attack