Windows Operating System Security, Exams of Computer Security

An overview of various security features and concepts related to the windows operating system. It covers topics such as different types of attackers, the microsoft update management process, execution modes, group policy management, the windows firewall, ipv6 compatibility, user group rights, security templates, powershell cmdlets, network access protection, service startup types, kerberos authentication, apis, powershell execution policies, multitasking modes, dynamic access control, windows security auditing, security management tools, bitlocker configuration, social engineering stages, security hardening methods, monitoring categories, ipsec protocols, misconfigurations, vulnerabilities, hotfixes, network access protection components, the windows registry, and windows defender. The document aims to equip readers with a comprehensive understanding of windows operating system security concepts and best practices.

Typology: Exams

2024/2025

Available from 10/23/2024

AcademicMinds
AcademicMinds 🇺🇸

2.3K documents

1 / 12

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
FedVTE Windows Operating System
Security
Which type of attacker has actions that are considered noble by the attacker but could
cause more harm than good?
A. White Hat
B. Black Hat
C. Red Hat
D. Gray Hat - D. Gray Hat
During which step of Microsofts recommended Update Management Process would an
update be tested?
A. Assess
B. Identify
C. Evaluate and Plan
D. Deploy - C. Evaluate and Plan
Which execution mode has unrestricted access to the underlying hardware?
A. Kernel
B. Operating System
C. User
D. Guest - A. Kernel
Which one of the following can be managed through group policies (GPO)?
A. Authentication settings
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download Windows Operating System Security and more Exams Computer Security in PDF only on Docsity!

FedVTE Windows Operating System

Security

Which type of attacker has actions that are considered noble by the attacker but could cause more harm than good? A. White Hat B. Black Hat C. Red Hat D. Gray Hat - D. Gray Hat During which step of Microsofts recommended Update Management Process would an update be tested? A. Assess B. Identify C. Evaluate and Plan D. Deploy - C. Evaluate and Plan Which execution mode has unrestricted access to the underlying hardware? A. Kernel B. Operating System C. User D. Guest - A. Kernel Which one of the following can be managed through group policies (GPO)? A. Authentication settings

B. Software installation and update C. IPsec connections D. All of the above - D. All of the above The Windows Security Configuration Wizard can be used to configure the Windows Firewall with advanced security support. A. True B. False - A. True Which one of the following is a Windows Firewall advantage? A. Can be configured with the Group Policy B. Provides a very granular customization of applications C. Can be configured with Netsh or PowerShell D. All of the above - B. Provides a very granular customization of applications Many current network security tools such as Firewalls and Intrusion Detection Systems and Intrusion Prevention Systems are not 100% compatible with IPv6. A. True B. False - A. True Which one of the following default rights can be performed by a member of the Windows User Group? A. Increase a process working set B. Allow logons through the Remote Desktop Services C. Create global objects D. Load and unload device drivers - A. Increase a process working set Security Templates provide a standardized way to organize and express and measure security related information.

B. False - A. True Which solution is best to avoid downloading an untrusted patch? A. Disable automatic updates B. Check for updates on a trusted network C. Verify the source of the update D. All of the above - D. All of the above In a Kerberos Authentication process which one of the following sends a Ticket Granting Ticket secret key and a session key as a function? A. TGS_RESPONSE B. AS_RESPONSE C. TGS_REQ D. AP_RESPONSE - B. AS_RESPONSE An API is a set of functions that an application can call to allow the application to operate within Windows. A. True B. False - A. True Which Active Directory Certificate Service (AD CS) server role allows routers and other network devices that do not have a domain account to obtain certificates? A. Certificate Enrolment Web Service B. Online Responder C. Certificate Enrolment Policy Web Service D. Network Device Enrollment Service - D. Network Device Enrollment Service

Which value in the PowerShell "execution policy" allows loading of all configuration files and scripts? A. AllSigned B. Unrestricted C. Undefined D. RemoteSigned - B. Unrestricted In which multi tasking mode can an operating system take control of the processor without consent from the task? A. Non-preemptive multi-tasking B. Preemptive multi-tasking C. Multi-threading D. Multi-programming - B. Preemptive multi-tasking Which Dynamic Access Control capability allows for "safety net" policies? A. Centralize Access Policies B. Data Classification C. Centralized Auditing D. Rights Management Service - A. Centralize Access Policies Which one of the following is a benefit of Dynamic Access Control? A. Improves productivity B. Data is protected at the appropriate level C. Content owners have control over their data D. All of the above - D. All of the above Which one of the following can be audited using the Windows Security Auditing feature?

D. None of the above - A. Trusted Platform Module (TPM) CVE is short for Critical Vulnerabilities and Exploits. A. True B. False - B. False Of the following methods which one is a tool that centrally manages and configures Windows operating systems and applications and user settings? A. Microsoft Security Configuration Wizard B. Security Content Automation Protocol (SCAP) C. Group Policy D. None of the above - C. Group Policy In which one of the Social Engineering stages would you establish credibility? A. Information Gathering B. Select Target C. Relationship Development D. Relationship Exploitation - C. Relationship Development In a Hardening Process which method uses plaintext files containing software and driver installation configuration settings? A. Security Templates B. Microsoft Baseline Security Analyzer C. Security Compliance Manager Toolkit (SCM) D. Group Policy - A. Security Templates

Which method scans systems to identify common security misconfigurations and missing security updates? A. Microsoft Security Configuration Wizard B. Microsoft Security Compliance Manager C. Microsoft Baseline Security Analyzer D. Group Policy - C. Microsoft Baseline Security Analyzer Which two of the following categories of monitoring are in the Action Center formerly known as the Windows Security Center? A. Windows API and Applications B. Windows Services and Processes C. Security and Maintenance D. Memory Management and CPU usage - C. Security and Maintenance Which Internet Protocol Security (IPsec) protocol provides confidentiality by encrypting data? A. Internet Key Exchange (IKE) B. Authentication Header (AH) C. Encapsulating Security Payload (ESP) D. All of the above - C. Encapsulating Security Payload (ESP) Which one of the following could be categorized as a misconfiguration? A. Failure to set quotas for the group members and then the members overload the file server in an accidental DoS attack B. Mistakenly adding an account to a wrong group C. Accidentally setting the Everyone group to full control on a share drive

C. Virtual Private Network D. None of the above - A. Wired Which one of the following steps is not part of securing the Microsoft patch process? A. Always validate patches B. Apply patches while on the road C. Harden the WSUS server D. Ensure ALL software is patched not just Microsoft - B. Apply patches while on the road User Account Control (UAC) was introduced in Windows XP and Server 2003. A. True B. False - B. False A logical Patch Management process is a one-time process that businesses should establish to ensure success. A. True B. False - B. False In the Windows Registry what is a collection of discrete files called? A. Programs B. Hives C. Keys D. Trees - B. Hives Windows Defender was formerly known as Microsoft Anti-Spyware. A. True

B. False - A. True Which method can start PowerShell in Windows 8? A. > All Programs > Accessories > Windows PowerShell Folder > Windows PowerShell B. Charm > Search > type PowerShell > click Windows PowerShell C. In Server Manager: Tools menu > Windows PowerShell D. All of the above - B. Charm > Search > type PowerShell > click Windows PowerShell A Virtual Private Network allows two systems to connect over a public network and have the assurance of which of the following? A. Confidentiality B. Authentication C. Integrity D. All of the above - D. All of the above Which key command in PowerShell shows an objects methods and properties? A. Get-Help B. Get-Command C. Get-Member D. All of the above - C. Get-Member Which built-in Windows security feature prevents users from loading unauthorized and unapproved applications? A. Windows Firewall B. Windows Defender C. Windows AppLocker