Deck 11: Securing and Maintaining an Operating System

A) mv
B) rm
C) del
D) erase

A) authentication and authorization
B) data compression
C) encryption
D) malware protection

A) find -name acctg* -mtime -10 -print
B) search -name acctg* -mod 10 -print
C) find -name *acctg -mod 10 -print
D) search -name *acctg -mtime 10 -print

A) easy for users to understand
B) should be enforceable
C) uses legal terminology to protect the organization
D) clearly states the policy objectives

A) multifactor authentication
B) RADIUS authentication
C) mutual authentication
D) extensible authentication

A) audit
B) privacy
C) authentication
D) acceptable use

A) As long as the data is encrypted, it is safe.
B) Server rooms should be easy to access by all employees in an emergency.
C) Multifactor authentication for server rooms are recommended.
D) Servers should always be stored off-site where no users are located.

A) pagefile.sys
B) lower portion of RAM
C) swap file system
D) upper portion of RAM

A) EFS
B) Kerberos
C) IPsec
D) SMB

A) privacy policy
B) authentication policy
C) Internet use policy
D) data protection policy

A) Knowledge
B) Possession
C) Disposition
D) Inherence

A) MS-CHAP
B) Kerberos
C) PAP
D) RADIUS

A) IPsec
B) BitLocker
C) VPN
D) EFS

A) Kerberos
B) EAP-TLS
C) PAP
D) MS-CHAP v2

A) pagemon
B) nbtstat
C) vmstat
D) ifstat

A) If a computer detects that it is on a domain, the domain profile is automatically applied.
B) The protocols that Microsoft deems necessary for Windows functionality cannot be disallowed.
C) When the computer boots and detects a new network, Windows selects the public or private profile based on the types of packets it detects.
D) Windows Defender must be enabled after installing Windows and each rule configured manually.

A) Echo Reply - ICMPv4-Out
B) Echo Request - ICMPv4-Out
C) Echo Reply - ICMPv4-In
D) Echo Request - ICMPv4-In

A) you are using a dual core processor
B) the paging file is on the boot disk
C) your RAM is less than 4 GB
D) storing the paging file on an SSD

A) configure the firewall to use a different profile
B) disable the firewall
C) uninstall and reinstall the application
D) reset the switch and router

A) The user never has to change the password.
B) The user can use a blank password.
C) The user has to change the password every day.
D) The user account is disabled.

A) They are not useful for stopping inside threats.
B) All incoming traffic is allowed while outgoing traffic is disallowed.
C) All incoming traffic is disallowed by default.
D) They allow all outgoing traffic by default.

A) Linux Defender
B) netfilter
C) iptables
D) Security and Privacy

A) file-by-file backup
B) mirror backup
C) image backup
D) differential backup

A) Security flaws discovered by white hats are used to get ransom from vendors.
B) Black hats are paid by OS vendors to test for vulnerabilities.
C) Security flaws discovered by white hats are reported to the OS vendor.
D) Security updates should only be installed if an OS is under attack.

A) Kerberos
B) digital certificates
C) preshared key
D) multifactor

A) it can protect against media failure
B) you should never have more than one full set of media
C) media rotation is only necessary with tape drives
D) media rotation only happens with hard drives since the platters rotate

A) transparent mode
B) USB key mode
C) user authentication mode
D) EFS mode

A) iptables -A INPUT -p udp -dport 444 -j ACCEPT and iptables -A OUTPUT -p icmp -dport 555 -j ACCEPT
B) iptables -A INPUT -p tcp -dport 444 -j ACCEPT and iptables -A OUTPUT -p udp -dport 555 -j ACCEPT
C) iptables -A OUTPUT -p udp -dport 444 -j ACCEPT and iptables -A INPUT -p tcp -dport 555 -j ACCEPT
D) iptables -A OUTPUT -p tcp -dport 444 -j ACCEPT and iptables -A INPUT -p tcp -dport 555 -j ACCEPT

A) differential
B) sequential
C) incremental
D) binary

A) Temporarily hire technicians to configure the clients.
B) Send a memo to users about how to configure the firewall.
C) Use Group Policy to configure the firewall settings.
D) Export the correct settings from one computer and import them on all other clients.

A) Its primary use is against threats from outside the network.
B) For incoming packets, the destination is usually a network service like file sharing or DNS.
C) It should never be configured to allow packets transmitted by ping.
D) You need to download and install a host firewall on most modern OSs.

A) domain
B) private
C) public
D) host only

A) Nothing, the share can be accessed.
B) Configure the host firewall rules to allow SMB.
C) Configure the host firewall rules to allow ping packets.
D) Configure the host firewall rules to allow file and printer sharing.

A) netfilter -A INPUT -p icmp -j DROP
B) iptables -A INPUT --dport icmp -j DROP
C) netfilter -A INPUT --dport icmp -j DROP
D) iptables -A INPUT -p icmp -j DROP

A) To ensure updates are delayed for at least a month after being issued.
B) To prevent unexpected server restarts for updates that require it.
C) So they can inform client users of the details of each update.
D) To make sure the least critical updates are installed first.

A) Write a batch file.
B) Enable Storage Sense.
C) Configure Storage Spaces.
D) Buy a program.

A) You have centralized control over product updates.
B) Only approved updates are installed.
C) Internet bandwidth usage is reduced.
D) Updates are automatically tested.

A) Test them in a test environment.
B) Debug them using Task Manager.
C) Call the update vendor to verify compatibility.
D) Have a white hat test the updates for vulnerabilities.

A) Manually increase the paging file size.
B) Delete the paging file.
C) Move the paging file to the E: drive.
D) Manually decrease the paging file size.

A) RPM
B) RIS
C) WSUS
D) RDP