Microsoft Microsoft Certifications 98-367 Questions & Answers

• Question 131:

  You want to standardize security throughout your network. You primarily use Microsoft operating systems for servers and workstations. What is the best way to have standardized security (i.e. same password policies, lockout policies, etc.) throughout the network on clients and servers?

  A. Publish the desired policies to all employees directing them to implement according to policy.

  B. Configure each computer to adhere to the standard policies.

  C. When installing new workstations or servers, image a machine that has proper security settings and install the new machine with that image.

  D. Utilize Windows Security Templates for all computers.

  Correct Answer: D

  Windows templates are a method for setting security policies in a template, then applying that template to multiple computers.

  Answer: C is incorrect. This would only work for new computers and will not help you with existing computers on your network.

  Answer: A is incorrect. Asking employees to implement security policies will usually result in an uneven application of the policies. Some employees will get them properly implemented, some won't. Answer: B is incorrect. While this would

  work, it would be very labor intensive and is not the recommended method.

• Question 132:

  Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?

  A. Firewall

  B. NAT

  C. IPSec

  D. MAC address

  Correct Answer: C

  Internet Protocol security (IPSec) protects against data manipulation and unauthorized access to confidential information via encryption and works at the network layer. IPSec provides machine-level authentication as well as data encryption. It is used for VPN connections that use the L2TP protocol. It secures both data and password. Answer: B is incorrect. NAT also works at the network layer, but it does not provide encryption for data

• Question 133:

  Mark works as a Systems Administrator for TechMart Inc. The company has a Windows-based network. The company is adding an open, high-speed, wireless access for their customers and secured wireless for employees at all 37 branches. He wants to check the various security concerns for ensuring that business traffic is secured. He is also in under pressure to make this new feature a winning strategy for a company. Mark wants the employees to be free to troubleshoot their own wireless connections before contacting him. Which of the following is the basic troubleshooting step that he can ask them to do?

  A. To power cycle the wireless access points and then reboot the systems.

  B. To configure the network to use only Extensible Authentication Protocol (EAP).

  C. To reboot the computers they are using and then use the MAC filtering.

  D. To right-click the network icon in the system tray and then select Troubleshoot Problems.

  Correct Answer: D

  The basic troubleshooting step that Mark can ask his employees is to right-click the network icon in the system tray and then select Troubleshoot Problems. Answer: B is incorrect. Extensible Authentication Protocol (EAP) is defined as an authentication framework providing for the transport and usage of keying material and parameters that are generated by EAP methods. EAP is not a wire protocol and it defines only message formats.

• Question 134:

  Mark works as a Systems Administrator for TechMart Incl. The company has Windows-based network. Mark has been assigned a project to track who tries to log into the system and the time of the day at which the attempts occur. He is also required to create a system to track when confidential files are opened and who is trying to open it. Now, Mark logs when someone is not able to make a successful attempt to log into the system as Administrator but he also wants to log when the user is successful to log into the system as Administrator. Which of the following is the reason of logging by Mark when a user is successfully logged into the system as well as when he is failed?

  A. To determine if and when someone is authenticating successfully with high privilege.

  B. To make sure that user is not using the Administrator account.

  C. To determine if and when someone is authenticating successfully with high privilege.

  D. To make sure that user is not facing any problem.

  Correct Answer: C

  In the above scenario, Mark is required to determine if and when someone is able to be authenticated successfully with high privilege as well as the hacker activity. If any user was failed for a number of times and was then successful any attempt, it can be a hacker activity. That's why Mark logs when a user is successfully logged into the system as well as when he is failed.

• Question 135:

  Which of the following contains a tree of domain names?

  A. Domain name space

  B. Domain name formulation

  C. Domain Name System

  D. Authoritative name server

  Correct Answer: A

  Domain name space consists of a tree of domain names. Each node or leaf in the tree has zero or more resource records, which hold information associated with the domain name. The tree sub- divides into zones starting at the root zone.

  Answer: B is incorrect. The definitive descriptions of the rules for forming domain names appear in RFC 1035, RFC 1123, and RFC 2181. A domain name consists of one or more parts, technically called labels that are conventionally

  concatenated, and delimited by dots.

  Answer: C is incorrect. Domain Name System (DNS) is a distributed hierarchical naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names

  assigned to each of the participants.

  Answer: D is incorrect. An authoritative name server is a name server that gives answers that have been configured by an original source, for example, the domain administrator or by dynamic DNS methods, in contrast to the answers that

  were obtained via a regular DNS query to one more name server. An authoritative-only name server only returns answers to the queries about domain names that have been specifically configured by the administrator.

• Question 136:

  Which of the following is a process in which data is changed before or while it is entered into a computer system?

  A. Data diddling

  B. Authentication

  C. Domain kiting

  D. Packet sniffing

  Correct Answer: A

  Data diddling is a process in which data is changed before or while it is entered into a computer system. A malicious code or virus can perform data diddling. For example, a virus can be written to intercept keyboard input. The virus displays the appropriate characters on the computer screen so that the user does not know the actual problem. Answer: C is incorrect. Domain kiting is a process whereby a user registers a domain (usually one with a prominent sounding name likely to attract significant traffic), and on that domain, he puts up a page with a lot of click through ads (the ads that pay the owner of the Web site for all clicks). During this process, the user who registered the domain cancels it before the normal grace period is over and then re-registers it again. This process is repeated any number of times with the end result of having the domain registered without ever actually paying for it. Answer: B is incorrect. Authentication is a process of verifying the identity of a person, network host, or system process. The authentication process compares the provided credentials with the credentials stored in the database of an authentication server. Answer: D is incorrect. Packet sniffing is a process of monitoring data packets that travel across a network. The software used for packet sniffing is known as sniffers. There are many packet-sniffing programs that are available on the Internet. Some of these are unauthorized, which can be harmful for a network's security.

• Question 137:

  You have an application that uses IPsec to secure communications between an Internet client and a server on the internal network.

  To which network security service must the IPsec client connect?

  A. SFTP

  B. SSH

  C. VPN

  D. RADIUS

  Correct Answer: C

• Question 138:

  You want to prevent external users from acquiring information about your network. You should implement a:

  A. router

  B. layer-3 switch

  C. firewall

  D. proxy server

  Correct Answer: C

• Question 139:

  A malicious user who intercepts and modifies communications is known as a:

  A. red hat hacker

  B. white hat hacker

  C. network sniffer

  D. man-in-the-middle

  Correct Answer: D

• Question 140:

  You need to hide internal IP addresses from the Internet while maintaining client access to the Internet.

  What should you implement?

  A. Port forwarding

  B. Secure Sockets Layer (SSL)

  C. Access Control Lists

  D. Network Address Translation (NAT)

  Correct Answer: D