Session 2

Question 1

Which are authentication factors? Choose three answers.

Choices: 
A - Who you are
B - What you do
C - What you say
D - What you have
E - What you know

Answer 1

A - Who you are
D - What you have
E - What you know

Question 2

What do virtual smart cards use for authentication?

Choices: 
A - TPM chip
B - Password
C - Biometrics
D - Card reader

Answer 2

A - TPM chip

Question 3

What do physical smart cards use for authentication?

Choices: 
A - TPM chip
B - Password
C - Biometrics
D - Card reader

Answer 3

D - Card reader

Question 4

Which type of server is used to authenticate outside connections to a network?

Choices: 
A - VPN
B - Web
C - WAP
D - RADIUS

Answer 4

D - RADIUS

Question 5

Which form of authentication is known as, who you are?

Choices: 
A - Passwords
B - Biometrics
C - Usernames
D - Smart Cards

Answer 5

B - Biometrics

Question 6

When running an app that requires elevated privileges, which Windows feature should be used?

Choices: 
A - UAC
B - Run as
C - Safe Mode
D - Administrative Mode

Answer 6

B - Run as

Question 7

When an administrator grants permissions on a folder to a group, which three permission levels are assigned by default?

Choices: 
A - Read
B - Write
C - Modify
D - Read & execute
E - List folder contents

Answer 7

A - Read
D - Read & execute
E - List folder contents

Question 8

Which two permission levels are available to assign to a user or group when creating a basic share on a folder?

Choices: 
A - Own
B - Read
C - Change
D - Read/Write

Answer 8

B - Read

D - Read/Write

Question 9

Which command is used to access the registry?

Choices: 
A - Regrun
B - Regedit
C - Registry
D - Regchange

Answer 9

B - Regedit

Question 10

Which registry hive stores file associations?

Choices: 
A - HKEY_USERS
B - HKEY_CLASSES_ROOT
C - HKEY_CURRENT_USER
D - HKEY_LOCAL_MACHINE
E - HKEY _CURRENT_CONFIG

Answer 10

B - HKEY_CLASSES_ROOT

Question 11

Which are network authentication protocols? Choose two answers.

Choices: 
A - SSO
B - LDAP
C - NTLM
D - Kerberos

Answer 11

C - NTLM

D - Kerberos

Question 12

Which Active Directory tool allows an administrator to create and run scripts for automation purposes?

Choices:
A - Active Directory Sites and Services
B - Active Directory Domains and Trusts
C - Active Directory Administrative Center
D - Active Directory Module for Windows PowerShell

Answer 12

D - Active Directory Module for Windows PowerShell

Question 13

From a folder’s properties, where can an administrator see which folder is a parent folder for inherited permissions?

Choices: 
A - Edit button on the Sharing tab
B - Edit button on the Security tab
C - Advanced button on the Sharing tab
D - Advanced button on the Security tab

Answer 13

D - Advanced button on the Security tab

Question 14

When copying a folder from one location to another, the folder’s permissions for the new copy are __________.

Choices: 
A - set to full control
B - the same as the original copy
C - inherited from its parent
D - nonexistent and must be reassigned

Answer 14

C - inherited from its parent

Question 15

When moving a folder from one location to another on the same drive, the folder’s permissions __________.

Choices: 
A - remain the same
B - are inherited from its parent
C - are set to read-only for all groups
D - are nonexistent and must be assigned

Answer 15

A - remain the same

Question 16

If a user is assigned to both the Users and Administrators groups, which permissions will the user have on a folder when both groups have permissions on that folder?

Choices:
A - The group with the most lenient permissions
B - The group with the strictest permissions
C - Inherited permissions from the folder’s parent
D - Cumulative permissions from both groups on the folder

Answer 16

D - Cumulative permissions from both groups on the folder

Question 17

While in Advanced Security Settings, what should an administrator do to view advanced permissions for a specific user or group?

Choices:
A - Click the user or group
B - Double-click the user or group
C - Click the user or group and click Edit
D - Click the user or group and click View

Answer 17

B - Double-click the user or group

Question 18

To delegate control on an organizational unit, an administrator should __________.

Choices: 
A - change folder ownership
B - change folder permissions
C - run the Delegation of Control Wizard
D - change the delegation settings on the Security tab

Answer 18

C - run the Delegation of Control Wizard

Question 19

Strong passwords have at least __________ characters.

Choices: 
A - 7
B - 8
C - 10
D - 12

Answer 19

B - 8

Question 20

If a minimum password length is set to 0 in the Local Security Policy, what effect does that have on a password requirement?

Choices: 
A - None
B - A password is not allowed
C - A password is not required
D - A password is required but can be any length

Answer 20

C - A password is not required

Question 21

An administrator wants to force users not to reuse an old password when changing a password. Which password policy should be set?

Choices: 
A - Minimum password age
B - Maximum password age
C - Enforce password history
D - Minimum password length

Answer 21

C - Enforce password history

Question 22

To prevent a user from quickly changing passwords in order to get around the Enforce password history policy, which password policy should be set?

Choices: 
A - Minimum password age
B - Maximum password age
C - Minimum password length
D - Password must meet complexity requirements

Answer 22

A - Minimum password age

Question 23

To lock a user out after a set number of failed logon attempts due to an incorrect password, which policy should be set?

Choices: 
A - Account lockout policy
B - Account lockout duration
C - Account lockout threshold
D - Reset account lockout counter after

Answer 23

C - Account lockout threshold

Question 24

On which Group Policy path will an administrator find the Account Policies area?

Choices:
A - User Configuration/Policies/Software Settings/Security Settings
B - User Configuration/Policies/Windows Settings/Security Settings
C - Computer Configuration/Policies/Software Settings/Security Settings
D - Computer Configuration/Policies/Windows Settings/Security Settings

Answer 24

D - Computer Configuration/Policies/Windows Settings/Security Settings

Question 25

Which type of password attack uses all possible combinations for a password? ``` Choices: A - Guessing Attack B - Dictionary Attack C - Social Engineering D - Brute Force Attack ```

Answer 25

D - Brute Force Attack

Question 26

Users should be trained to give out passwords under what circumstance? ``` Choices: A - Never B - When a website asks for it C - When a supervisor asks for it D - When a help desk agent asks for it ```

Answer 26

A - Never

Question 27

Which options are available for auditing? Choose two answers. ``` Choices: A - Read B - Write C - Failure D - Success ```

Answer 27

C - Failure | D - Success

Question 28

What is used to audit non-Active Directory objects? ``` Choices: A - System B - Object access C - Process tracking D - Directory service access ```

Answer 28

B - Object access

Question 29

Which tab under Properties holds the settings for turning on auditing for a folder? ``` Choices: A - Sharing B - General C - Security D - Customize ```

Answer 29

C - Security

Question 30

Which administrative tool is used to read auditing logs? ``` Choices: A - Syslog B - Group Policy C - Event Viewer D - Local Security Policy ```

Answer 30

C - Event Viewer

Question 31

Where are permissions set for viewing audit logs? ``` Choices: A - In the Event Viewer B - In the Audit log settings C - In the Security log settings D - On the folder storing the logs ```

Answer 31

D - On the folder storing the logs

Question 32

The __________ encryption method allows a user to copy and paste folders while still maintaining the encryption. ``` Choices: A - BitLocker B - EFS C - TPM D - TLS ```

Answer 32

B - EFS

Question 33

Which encryption method is used to encrypt an external hard drive? ``` Choices: A - EFS B - BitLocker TPM C - BitLocker Drives D - BitLocker To Go ```

Answer 33

D - BitLocker To Go

Question 34

SSL is an example of which kind of encryption? ``` Choices: A - Hardware-based encryption B - Mail encryption C - Virtual private network D - Software-based encryption ```

Answer 34

D - Software-based encryption

Question 35

What are the two main methods used to encrypt email? ``` Choices: A - PGP B - SSID C - S/MIME D - SSTP E - PAP ```

Answer 35

A - PGP | C - S/MIME

Question 36

Which are VPN authentication forms? Choose four answers. ``` Choices: A - CHAP B - EAP-MS-CHAPv2 C - IKEv2 D - MS-CHAPv2 E - L2TP F - PAP ```

Answer 36

A - CHAP B - EAP-MS-CHAPv2 D - MS-CHAPv2 F - PAP

Question 37

__________ keys are usually used to encrypt data. __________ keys are usually used to decrypt data. ``` Choices: A - Public, Private B - Public, Symmetric C - Symmetric, Private D - Symmetric, Asymmetric ```

Answer 37

A - Public, Private

Question 38

Which of these encryption methods uses block ciphers? Choose three answers. ``` Choices: A - TLS B - AES C - DES D - SSL E - 3DES ```

Answer 38

B - AES C - DES E - 3DES

Question 39

Which three types of encryption are asymmetric? ``` Choices: A - SSL B - DES C - PGP D - TLS E - TKIP ```

Answer 39

A - SSL C - PGP D - TLS

Question 40

Which of the following formats allows exporting for both private keys and certificates? ``` Choices: A - Base64-encoded x.509 B - DER-encoded binary x.509 C - PKCS #7 D - PKCS #12 ```

Answer 40

D - PKCS #12

Question 41

When viewing a certificate, under which two tabs can you find the expiration dates for that certificate? ``` Choices: A - Certification Path B - Logins C - General D - Default Encoding E - Details ```

Answer 41

C - General | E - Details

Question 42

Certificates that are revoked or expired are stored in which part of a PKI? ``` Choices: A - CPF B - RA C - CA D - CRL ```

Answer 42

D - CRL

Question 43

____________ uses code integrity policies to lock devices to run only trusted apps. ``` Choices: A - EM Shielding B - Device Guard C - Device Identifier D - Block Device ```

Answer 43

B - Device Guard

Question 44

Buffer overflow malware can attack by attempting to fill a(n) __________ field with a number outside the __________ range. ``` Choices: A - integer, integer B - integer, number C - buffer, number D - buffer, integer ```

Answer 44

A - integer, integer

Question 45

What type of virus changes constantly to deceive antivirus software? ``` Choices: A - Hoax virus B - Polymorphic virus C - Trojan horse D - Dynamic virus ```

Answer 45

B - Polymorphic virus

Question 46

A user calls a help desk and states that an antivirus program downloaded is not actually an antivirus program. What does the user have? ``` Choices: A - Worm B - Virus C - Trojan horse D - Zero day attack ```

Answer 46

C - Trojan horse

Question 47

__________ is a type of malware used to collect personal information and send the info to a third party. ``` Choices: A - Adware B - Spyware C - Rootkit D - Ransomware ```

Answer 47

B - Spyware

Question 48

Which of these describe common types of ransomware? Choose two answers. ``` Choices: A - Scareware B - Crackware C - Registry lock D - Encryption E - Lockscreen ```

Answer 48

D - Encryption | E - Lockscreen

Question 49

A user complains that newly installed software is displaying advertisements at the top of the screen. Which of the following has most likely been installed? ``` Choices: A - Virus B - Spyware C - Adware D - Worm ```

Answer 49

C - Adware

Question 50

Which of the following describes a class of malware that creates hidden openings in the OS? ``` Choices: A - Backdoor B - Directory traversal C - OpenPGP D - Trojan horse ```

Answer 50

A - Backdoor

Question 51

Which of the following malware types causes security breaches that have not yet been identified by credible sources? ``` Choices: A - Logic bomb B - Polymorphic C - Zero day attack D - Hoax ```

Answer 51

C - Zero day attack