Microsoft Microsoft Certifications 98-367 Questions & Answers

• Question 91:

  Which of the following practices should be followed to keep passwords secure? Each correct answer represents a complete solution. Choose three.

  A. Change the passwords whenever there is suspicion that they may have been compromised.

  B. A password should be alpha-numeric.

  C. A password should not be more than five words.

  D. Never write down a password.

  Correct Answer: ABD

  Answer: D, A, and B

  The following practices should be followed to keep passwords secure: Never write down a password.

  Change the passwords whenever there is suspicion that they may have been compromised. A password should be alpha-numeric. Never use the same password for more than one account. Never tell a password to anyone, including people

  who claim to be from customer service or security.

  Never communicate a password by telephone, e-mail, or instant messaging. Ensure that an operating system password and application passwords are different. Make passwords completely random but easy for you to remember.

• Question 92:

  Which of the following is the edge between the private and locally managed-and- owned side of a network and the public side that is commonly managed by a service provider?

  A. Internet

  B. Network perimeter

  C. Intranet

  D. VLAN

  Correct Answer: B

  A network perimeter is the edge between the private and locally managed-and-owned side of a network and the public side that is commonly managed by a service provider. In an efficient enterprise security design, the network perimeter offers a great opportunity for enhancing the security position of a network. The network perimeter consists of a Border Network and a Perimeter Network; each assumes an enforcement point within the network perimeter with each having a exclusive responsibility in the perimeter security model.

  Answer: C is incorrect. An intranet is a private network that is contained within an enterprise. Intranet is used to share company information and computing resources among employees. It is also used to facilitate working in groups and for teleconferencing. An intranet uses TCP/IP, HTTP, and other Internet protocols. Answer: D is incorrect. A VLAN is a broadcast domain created by a switch. Each broadcast domain connected to interfaces of the switch is known as a separate VLAN. A VLAN should be configured when a LAN has lots of traffic or more than 200 devices. It is also required when groups of users need more security or when a group of users has the same type of work and needs to be on the same broadcast domain. Answer: A is incorrect. Internet is a global network of computers, connected to each other using the TCP/IP protocol. Internet sites are available to all users. The Internet, sometimes called simply "the Net," is a worldwide system of computer networks - a network of networks in which users at any one computer can, if they have permission, get information from any other computer (and sometimes talk directly to users at other computers). It was conceived by the Advanced Research Projects Agency (ARPA) of the U.S. government in 1969 and was first known as the ARPANET. Today, the Internet is a public, cooperative, and self-sustaining facility accessible to hundreds of millions of people worldwide. Physically, the Internet uses a portion of the total resources of the currently existing public telecommunication networks. Technically, what distinguishes the Internet is its use of a set of protocols called TCP/IP (for Transmission Control Protocol/Internet Protocol).

• Question 93:

  Which of the following types of viruses protects itself from antivirus programs and is more difficult to trace?

  A. Armored virus

  B. MBR virus

  C. Boot sector virus

  D. Macro virus

  Correct Answer: A

  An armored virus is designed to stop antivirus researchers from examining its code by using various methods to make tracing and disassembling difficult. This type of virus also protects itself from antivirus programs, making it more difficult to trace. Answer: D is incorrect. A macro virus is a virus that consists of a macro code which infects the system. A Macro virus can infect a system rapidly. Since this virus has VB event handlers, it is dynamic in nature and displays random activation. The victim has only to open a file having a macro virus in order to infect the system with the virus. DMV, Nuclear, and Word Concept are some good examples of macro viruses. Answer: C is incorrect. A boot sector virus infects the master boot files of the hard disk or floppy disk. Boot record programs are responsible for booting the operating system. The boot sector virus copies these programs into another part of the hard disk or overwrites these files. Answer: B is incorrect. A Master boot record (MBR) virus replaces the boot sector data with its own malicious code. Every time when the computer starts up, the boot sector virus executes.

• Question 94:

  Mark works as a Security Officer for TechMart Inc. The company has a Windows- based network. He has bees assigned a project for ensuring the safety of the customer's money and information, not to mention the company's reputation. The company has gone through a security audit to ensure that it is in compliance with industry regulations and standards. Mark understands the request and has to do his due diligence for providing any information the regulators require as they are targeting potential security holes. In this situation, his major concern is the physical security of his company's system. He has a concern that people are authenticated to the servers in the data center. Which of the following actions will Mark take to prevent normal users from logging onto the systems?

  A. Call a team member while behaving to be someone else for gaining access to sensitive information.

  B. Use group policies to disable the use of floppy drives or USB drives.

  C. Provide protection against a Distributed Denial of Services attack.

  D. Develop a social awareness of security threats within an organization.

  Correct Answer: B

  To prevent normal users from logging onto the systems, it is required to create a group policy that can be applied to the servers to Deny Log on Locally for all non- administrative users. It will create a problem for the people who are in the data

  center with physical access. However, normal users should not have the ability to log on locally.

  Answer: C While stressing the Con?dentiality, Integrity, and Availability triangle in the training of users, the process of providing availability is related to security training to ensure the protection against a Distributed Denial of Services attack.

• Question 95:

  Sam works as a Web Developer for McRobert Inc. He wants to control the way in which a Web browser receives information and downloads content from Web sites. Which of the following browser settings will Sam use to accomplish this?

  A. Security

  B. Certificate

  C. Cookies

  D. Proxy server

  Correct Answer: A

  The Web browser's Security setting controls the way in which a Web browser receives information and downloads content from Web sites. In Internet Explorer, users can access the Security setting from Tools menu > Internet Options >

  Security tab page.

  Answer: C is incorrect. A cookie is a small bit of text that accompanies requests and pages as they move between Web servers and browsers. It contains information that is read by a Web application, whenever a user visits a site. Cookies are

  stored in the memory or hard disk of client computers. A Web site stores information, such as user preferences and settings in a cookie. This information helps in providing customized services to users. There is absolutely no way a Web

  server can access any private information about a user or his computer through cookies, unless a user provides the information. The Web server cannot access cookies created by other Web servers. Answer: D is incorrect. Proxy server

  setting is used to connect to the Internet through a proxy server.

• Question 96:

  You are taking over the security of an existing network. You discover a machine that is not being used as such, but has software on it that emulates the activity of a sensitive database server. What is this?

  A. A Polymorphic Virus

  B. A Honey Pot

  C. A reactive IDS.

  D. A Virus

  Correct Answer: B

  A honey pot is a device specifically designed to emulate a high value target such as a database server or entire sub section of your network. It is designed to attract the hacker's attention.

• Question 97:

  Your Web server crashes at exactly the point where it reaches 1 million total visits. You discover the cause of the server crash is malicious code. Which description best fits this code?

  A. Virus

  B. Worm

  C. Polymorphic Virus

  D. Logic Bomb

  Correct Answer: D

  A logic bomb is malware that executes its malicious activity when a certain condition is met, often when a certain date/time is reached. In this case it waited for the Web server to pass a certain threshold.

• Question 98:

  You work as a Network Administrator for NetTech Inc. You want to prevent users from accessing the graphical user interface (GUI) on the computers in the network. What will you do to accomplish this task?

  A. Implement a remote access policy

  B. Implement a group policy

  C. Apply NTFS permission

  D. Implement an account policy

  Correct Answer: B

  In order to prevent users from accessing the graphical user interface (GUI) on the computers in the network, you will have to implement a group policy. A group policy that is created by an administrator affects all users on a computer or all users on a domain. Group policies can be used for defining, customizing, and controlling the functioning of network resources, computers, and operating systems. They can be set for a single computer with multiple users, for users in workgroups, or for computers in a domain. Administrators can configure group policy settings for users as well as for computers in many ways. Group policies can be used to allow or restrict the access of a particular program by a particular user. It can also be used to configure the desktop, the Start menu, the taskbar, the Control Panel, security settings, among other things. In Windows XP, group policies can be configured by using the Group Policy Console dialog box, which can be opened by running the GPEDIT.MSC command from the Start menu. Answer: D is incorrect. An account policy controls the password expiration policy, the lockout policy, and other password features. Answer: A is incorrect. A remote access policy specifies how remote users can connect to the network and the requirements for each of their systems before they are allowed to connect. It defines the methods users can use to connect remotely such as dial up or VPN. This policy is used to prevent damage to the organizational network or computer systems and to prevent compromise or loss of data. Answer: C is incorrect. Applying NTFS permission will not help in accomplishing the task.

• Question 99:

  Which of the following ports is used by the IMAP4 protocol?

  A. 443

  B. 53

  C. 143

  D. 110

  Correct Answer: C

  Port 143 is used by the IMAP4 protocol.

  Answer: A is incorrect. Port 443 is used by the HTTPS protocol.

  Answer: B is incorrect. Port 53 is used by DNS. Answer: D is incorrect. Port 110 is used by the POP3 protocol.

• Question 100:

  You work as a network administrator for an insurance company called InZed Inc. The company has developed a corporate policy that requires all machines to use the IPSec security protocol. If the computer they are logging in from does not follow this corporate policy, they will be denied access to the network. Which of the following can you set up to help enforce the corporate policy?

  A. Server Access Protection

  B. System Center Data Protection Manager (DPM)

  C. Microsoft Assessment and Planning (MAP) Toolkit

  D. Network Access Protection

  Correct Answer: D

  The advantage of using Hyper-V on Windows Server 2008 is that a user can use many of the services offered with the Windows Server 2008 environment. One such service is the Network Access Protection (NAP) feature, which allows you to quarantine machines that do not meet specific network or corporate policies. The noncompliant machines will not be allowed to access the network utility unless and until they comply with the organization's policies.