Microsoft Microsoft Certifications 98-367 Questions & Answers

• Question 51:

  Mark works as a Network Administrator fot Blue Well Inc. The company has a Windows-based network. Mark is facing a series of problems with email spam and identifying theft via phishing scams. He wants to implement the various security measures and to provide some education because it is related to the best practices while using email. Which of the following can Mark use to minimize the spam amount that is hitting the Microsoft Exchange server of the company?

  A. Enable reverse DNS lookup

  B. Use Read-only Domain Controller

  C. Add Sender Policy Framework

  D. Permit User Account Control

  Correct Answer: A

  To minimize the amount of spam that is hitting the Microsoft Exchange server, it is required to enable reverse DNS lookup on the SMTP virtual server. It forces a system to crosscheck the domain name with a PTR record (IP address

  associated with the domain name) and if the IP address is not matched the record associated with that domain name, it will not delivered.

  Answer: C is incorrect. SPF is used to permit the administrator to configure the server to establish who is acceptable to send email from their domain. Answer: D is incorrect. User Account Control (UAC) is a technology and security

  infrastructure introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems, with a more relaxed version also present in Windows 7 and Windows Server 2008 R2. It aims to improve the security of Microsoft

  Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation.

  Answer: B is incorrect. Read-only Domain Controller (RODC) is a domain controller that hosts the read-only partition of the Active Directory database. RODC was developed by Microsoft typically to be deployed in a branch office environment.

  RODC is a good option to enhance security by placing it in a location where physical security is poor. RODC can also be placed at locations having relatively few users and a poor network bandwidth to the main site. As only the read-only

  partition of the Active Directory database is hosted by RODC, a little local IT knowledge is required to maintain it.

• Question 52:

  Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose two.

  A. It allows the computers in a private network to share a global, ISP assigned address to connect to the Internet.

  B. It provides added security by using Internet access to deny or permit certain traffic from the Bastion Host.

  C. It allows external network clients access to internal services.

  D. It reduces the need for globally unique IP addresses.

  Correct Answer: AD

  Answer: A and D Network address translation (NAT) is a technique that allows multiple computers to share one or more IP addresses. NAT is configured at the server between a private network and the Internet. It allows the computers in a private network to share a global, ISP assigned address. It reduces the need for globally unique IP addresses. NAT modifies the headers of packets traversing the server. For packets outbound to the Internet, it translates the source addresses from private to public, whereas for packets inbound from the Internet, it translates the destination addresses from public to private. Answer: B is incorrect. Screened host provides added security by using Internet access to deny or permit certain traffic from the Bastion Host. Answer: C is incorrect. Bastion host allows external network clients access to internal services.

• Question 53:

  Mark works as the Network Administrator of a Windows 2000 based network. In order to reduce the administrative burden and to optimize the network performance, he implements the DHCP and the DNS servers on the network. What will he do integrate the working between the DHCP and the DNS servers? Each correct answer represents a part of the solution. Choose two.

  A. Configure the clients to use the DHCP server.

  B. Enable DNS updates on the DHCP server.

  C. Enable dynamic update on the DNS server.

  D. Use the TCP/IP protocol on the network.

  Correct Answer: BC

  Answer: B and C To ensure proper DHCP-DNS integration, Mark must enable dynamic DNS support on the DNS server as well as on the DHCP server. In the Windows 2000 Server, the DHCP service provides support to register and update information for legacy DHCP clients in DNS zones. Legacy clients typically include other Microsoft TCP/IP client computers that were released prior to Windows 2000 like Windows 9x, Windows NT. The DNS-DHCP integration, provided in the Windows 2000 Server, enables a DHCP client that is unable to dynamically update DNS resource records directly to have this information updated in the DNS forward, and reverse lookup zones by the DHCP server. Note: Dynamic integration with the DHCP service is available only with Windows 2000 Server. DNS-DHCP integration is not supported by DHCP servers running under Windows NT Server 4.0 and earlier versions.

• Question 54:

  You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

  A. Brute force attack

  B. Distributed denial of service (DDOS) attack

  C. Mail bombing

  D. Malware installation from unknown Web sites

  Correct Answer: D

  Virtualized Internet browser can protect your operating system from Malware installation from unknown Web sites. It protects the operating system and other applications from poorly written or buggy code by isolating applications from the operating system.

• Question 55:

  Which of the following is a central, secure database in which Windows stores all hardware configuration information, software configuration information, and system security policies?

  A. Registry

  B. Program files folder

  C. DLL file

  D. Configuration file

  Correct Answer: A

  The registry is a central, secure database in which Windows stores all hardware configuration information, software configuration information, and system security policies.

  The registry is the central storage for all configuration data. It stores Windows operating system configuration, computer hardware configuration, configuration information about Win32-based applications, and user preferences in a hierarchical

  database file.

  Answer: B, C, and D are incorrect. The Program files folder, DLL file, or Configuration file is not a central, secure database in which Windows stores all hardware configuration information, software configuration information, and system

  security policies.

• Question 56:

  Which of the following MMC snap-in consoles is used to administer the replication of directory data among all sites in an Active Directory Domain Services (AD DS) forest?

  A. Active Directory Domains and Trusts

  B. Active Directory Administrative Center

  C. Group Policy Management Console

  D. Active Directory Sites and Services

  Correct Answer: D

  The Active Directory Sites and Services MMC snap-in console is used to administer the replication of directory data among all sites in an Active Directory Domain Services (AD DS) forest.

  Answer: A is incorrect. The Active Directory Domains and Trusts console is used to administer domain trusts, domain and forest functional levels, and user principal name (UPN) suffixes.

  Answer: B is incorrect. Active Directory Administrative Center is used to administer and publish information in the directory, including managing users, groups, computers, etc.

  Answer: C is incorrect. Group Policy Management Console (GPMC) is used to provide a single administrative tool for managing Group Policy across the enterprise.

• Question 57:

  Which of the following ports is used by the Remote Desktop Protocol?

  A. 80

  B. 23

  C. 3389

  D. 110

  Correct Answer: C

  Port 3389 is used by the Remote Desktop Protocol. Answer: B is incorrect. Port 23 is used by the TELNET protocol. Answer: A is incorrect. Port 80 is used by the HTTP protocol. Answer: D is incorrect. Port 110 is used by the POP3 protocol.

• Question 58:

  Which of the following is a tool that can be used to evaluate the servers having vulnerabilities that are related to the operating system and installed software?

  A. DNS dynamic update

  B. Windows Software Update Services

  C. Read-Only domain controller (RODC)

  D. Microsoft Baseline Security Analyzer

  Correct Answer: D

  Microsoft Baseline Security Analyzer is a tool that can be used to evaluate the servers having vulnerabilities that are related to the operating system and installed software Microsoft Baseline Security Analyzer (MBSA) is a software tool of

  Microsoft to determine security state by assessing missing security updates and less- secure security settings within Microsoft Windows, Windows components such as Internet Explorer, IIS web server, and products Microsoft SQL Server,

  and Microsoft Office macro settings. Microsoft Baseline Security Analyzer (MBSA) includes a graphical and command line interface that can perform local or remote scans of Windows systems.

  Answer: B is incorrect. Windows Server Update Services (WSUS) is an add- on component of Windows Server 2008. It provides functionality to a server to run as a Windows Update server in a Windows network environment. Administrators

  can configure a WSUS server as the only server to download updates from Windows site, and configure other computers on the network to use the server as the source of update files. This will save lots of bandwidth as each computer will not

  download updates individually. WSUS 3.0 SP1 is the only version of WSUS that can be installed on Windows Server 2008. Earlier versions of WSUS cannot be installed on a server running Windows Server 2008.

  Answer: C is incorrect. Read-only Domain Controller (RODC) is a domain controller that hosts the read-only partition of the Active Directory database. RODC was developed by Microsoft typically to be deployed in a branch office environment.

  RODC is a good option to enhance security by placing it in a location where physical security is poor. RODC can also be placed at locations having relatively few users and a poor network bandwidth to the main site. As only the read-only

  partition of the Active Directory database is hosted by RODC, a little local IT knowledge is required to maintain it.

  Answer: A is incorrect. DNS dynamic update is used to enable DNS client computers for registering and dynamically updating their resource records with a DNS server whenever any modification or change has been taken place. It is used to

  update the DNS client computers with the reflecting changes.

• Question 59:

  Mark works as a Security Officer for TechMart Inc. The company has a Windows- based network. He has bees assigned a project for ensuring the safety of the customer's money and information, not to mention the company's reputation. The company has gone through a security audit to ensure that it is in compliance with industry regulations and standards. Mark understands the request and has to do his due diligence for providing any information the regulators require as they are targeting potential security holes. In this situation, his major concern is the physical security of his company's system. Which of the following actions will Mark take to prevent the use of key loggers in the company?

  A. Provide protection against a Distributed Denial of Services attack.

  B. Call a team member while behaving to be someone else for gaining access to sensitive information.

  C. Ensure that the terminals are locked and perform a regular inspection of the ports on the systems.

  D. Develop a social awareness of security threats within an organization.

  Correct Answer: C

  To prevent the use of key loggers in the organization, user is required to ensure that the terminals are locked and to perform a regular inspection of the ports on the systems.

  Answer: A While stressing the Con? dentiality, Integrity, and Availability triangle in the training of users, the process of providing availability is related to security training to ensure the protection against a Distributed Denial of Services attack.

• Question 60:

  Mark work as a System Administrator for TechMart Inc. The company has a Windows-based network. Mark wants to allow the remote travel agents to be able to access the corporate network so that they are free to check email and post appointments that are booked for the particular day. Mark has decided to permit the travel agents to use their home computers but he is required to be assured that the information is not compromised by anyone because the security of client information is on the top priority for him. Which of the following is a potential risk if the travel agents will use their home computers for VPN access?

  A. VPN handles everything and encrypts the data.

  B. VPN does not allow the travel agents to use their home computers.

  C. VPN cannot prevent buffer overflow on the home computer from infecting the network.

  D. VPN cannot prevent potential viruses and malware on the home computer from infecting the network.

  Correct Answer: D

  In the above scenario, a potential risk is a viruses and malware attack because a VPN does not prevent potential viruses and malware attack on the home computer from being infecting the entire network. Mark can use the Direct Access that is a new feature with Windows 7 and Windows Server 2008 R2, to help in mitigating the potential risks. Answer: C is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. It helps an attacker not only to execute a malicious code on the target system but also to install backdoors on the target system for further attacks. All buffer overflow attacks are due to only sloppy programming or poor memory management by the application developers. The main types of buffer overflows are: Stack overflow Format string overflow Heap overflow Integer overflow