Windows Security Features and Vulnerabilities, Exams of Computer Science

Various windows security features, vulnerabilities, and management tools. It discusses topics such as internet key exchange (ike), authentication header (ah), encapsulating security payload (esp), windows defender, powershell, windows firewall, network access protection (nap), security templates, and patch management. The document also identifies specific vulnerabilities, such as the one that allows remote attackers to execute arbitrary code via a crafted truetype font (ttf) file. Additionally, it covers windows bitlocker configuration requirements and the use of tools like the microsoft baseline security analyzer to identify security misconfigurations and missing updates. Overall, this document provides a comprehensive overview of windows security-related concepts, features, and management practices, making it a valuable resource for it professionals, security analysts, and students interested in windows security.

Typology: Exams

2024/2025

Available from 10/02/2024

exam-hut
exam-hut 🇺🇸

4.8

(5)

1.6K documents

1 / 13

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
FedVTE Windows Operating System Security Exam
New 2025 Latest Version Best Studying Material with
Questions and Answers
Which Internet Protocol Security (IPsec) protocol provides confidentiality by encrypting data?
A. Internet Key Exchange (IKE)
B. Authentication Header (AH)
C. Encapsulating Security Payload (ESP)
D. All of the above ---------- Correct Answer ------------ C. Encapsulating Security Payload (ESP)
Which description best defines a Hotfix? ----------- Correct Answer ------------- An update to fix a
very specific issue
In which multi tasking mode can an operating system take control of the processor without
consent from the task? ----------- Correct Answer ------------- Preemptive multi-tasking
A Virtual Private Network allows two systems to connect over a public network and have the
assurance of which of the following? ----------- Correct Answer ------------- All of the above
Which one of the following default rights can be performed by a member of the Windows User
Group? ----------- Correct Answer ------------- Increase a process working set
Which one of the following default rights can be performed by a member of the Windows User
Group?
A. Increase a process working set
B. Allow logons through the Remote Desktop Services
C. Create global objects
D. Load and unload device drivers ---------- Correct Answer ------------ A. Increase a process
working set
Which vulnerability allows remote attackers to execute arbitrary code via a crafted TrueType
Font (TTF) file?
A. Print Spooler - CVE-2013-0011
B. Kernel Mode Driver - CVE-2012-4786
C. Microsoft XML - CVE-2013-0007
pf3
pf4
pf5
pf8
pf9
pfa
pfd

Partial preview of the text

Download Windows Security Features and Vulnerabilities and more Exams Computer Science in PDF only on Docsity!

FedVTE Windows Operating System Security Exam

New 2025 Latest Version Best Studying Material with

Questions and Answers

Which Internet Protocol Security (IPsec) protocol provides confidentiality by encrypting data? A. Internet Key Exchange (IKE) B. Authentication Header (AH) C. Encapsulating Security Payload (ESP) D. All of the above ---------- Correct Answer ------------ C. Encapsulating Security Payload (ESP) Which description best defines a Hotfix? ----------- Correct Answer ------------- An update to fix a very specific issue In which multi tasking mode can an operating system take control of the processor without consent from the task? ----------- Correct Answer ------------- Preemptive multi-tasking A Virtual Private Network allows two systems to connect over a public network and have the assurance of which of the following? ----------- Correct Answer ------------- All of the above Which one of the following default rights can be performed by a member of the Windows User Group? ----------- Correct Answer ------------- Increase a process working set Which one of the following default rights can be performed by a member of the Windows User Group? A. Increase a process working set B. Allow logons through the Remote Desktop Services C. Create global objects D. Load and unload device drivers ---------- Correct Answer ------------ A. Increase a process working set Which vulnerability allows remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file? A. Print Spooler - CVE- 2013 - 0011 B. Kernel Mode Driver - CVE- 2012 - 4786 C. Microsoft XML - CVE- 2013 - 0007

D. Use After Free - CVE- 2012 - 4969 ---------- Correct Answer ------------ B. Kernel Mode Driver

  • CVE- 2012 - 4786 Of the following methods which one is a tool that centrally manages and configures Windows operating systems and applications and user settings? A. Microsoft Security Configuration Wizard B. Security Content Automation Protocol (SCAP) C. Group Policy D. None of the above ---------- Correct Answer ------------ C. Group Policy Which two of the following categories of monitoring are in the Action Center formerly known as the Windows Security Center? A. Windows API and Applications B. Windows Services and Processes C. Security and Maintenance D. Memory Management and CPU usage ---------- Correct Answer ------------ C. Security and Maintenance Which one of the following is required for Windows BitLocker configuration? A. Trusted Platform Module (TPM) B. Hardware Security Module C. UEFI (Unified Extensible Firmware Interface) D. None of the above ---------- Correct Answer ------------ A. Trusted Platform Module (TPM) Which option is best for a server to connect to a network? A. Wired B. Wireless C. Virtual Private Network D. None of the above ---------- Correct Answer ------------ A. Wired In a Kerberos Authentication process which one of the following sends a Ticket Granting Ticket secret key and a session key as a function? A. TGS_RESPONSE

C. In Server Manager: Tools menu > Windows PowerShell D. All of the above ---------- Correct Answer ------------ B. Charm > Search > type PowerShell > click Windows PowerShell In a Hardening Process which method uses plaintext files containing software and driver installation configuration settings? A. Security Templates B. Microsoft Baseline Security Analyzer C. Security Compliance Manager Toolkit (SCM) D. Group Policy ---------- Correct Answer ------------ A. Security Templates Which one of the following can be managed through group policies (GPO)? A. Authentication settings B. Software installation and update C. IPsec connections D. All of the above ---------- Correct Answer ------------ D. All of the above In a PowerShell environment the WhatIf parameter allows PowerShell users to test the command before actually executing. A. True B. False ---------- Correct Answer ------------ A. True Which built-in Windows security feature prevents users from loading unauthorized and unapproved applications? A. Windows Firewall B. Windows Defender C. Windows AppLocker D. Windows Group Policy ---------- Correct Answer ------------ C. Windows AppLocker CVE is short for Critical Vulnerabilities and Exploits. A. True B. False ---------- Correct Answer ------------ B. False Which one of the following is a cmdlet that is used to gather computer information? A. Get-WmiObject

B. Get-ChildItems C. Get-Service D. None of the above ---------- Correct Answer ------------ A. Get-WmiObject Which type of permissions are created by default on non child objects or based by user assignment? A. Inherited B. Standard C. Effective D. Explicit ---------- Correct Answer ------------ D. Explicit Which one of the following is a benefit of Dynamic Access Control? A. Improves productivity B. Data is protected at the appropriate level C. Content owners have control over their data D. All of the above ---------- Correct Answer ------------ D. All of the above Which Dynamic Access Control capability allows for "safety net" policies? A. Centralize Access Policies B. Data Classification C. Centralized Auditing D. Rights Management Service ---------- Correct Answer ------------ A. Centralize Access Policies Which one of the following could be categorized as a misconfiguration? A. Failure to set quotas for the group members and then the members overload the file server in an accidental DoS attack B. Mistakenly adding an account to a wrong group C. Accidentally setting the Everyone group to full control on a share drive D. All of the above ---------- Correct Answer ------------ D. All of the above

What are the four service startup types? A. Manual; Automatic; Disabled; Prompt B. Manual; Automatic; Enabled; Disabled C. Manual; Automatic; Scheduled; Disabled D. Manual; Automatic; Automatic (Delayed); Disabled ---------- Correct Answer ------------ D. Manual; Automatic; Automatic (Delayed); Disabled Which one of the following can be audited using the Windows Security Auditing feature? A. Audit IPSec Extended Mode B. Audit Logoff C. Audit Network Policy Server D. All of the above ---------- Correct Answer ------------ D. All of the above Authenticode is a means of code signing that allows users to verify the source and author of the signed software. A. True B. False ---------- Correct Answer ------------ B. False Which method scans systems to identify common security misconfigurations and missing security updates? A. Microsoft Security Configuration Wizard B. Microsoft Security Compliance Manager C. Microsoft Baseline Security Analyzer D. Group Policy ---------- Correct Answer ------------ C. Microsoft Baseline Security Analyzer Which one of the following is a Windows Firewall advantage? A. Can be configured with the Group Policy B. Provides a very granular customization of applications C. Can be configured with Netsh or PowerShell D. All of the above ---------- Correct Answer ------------ B. Provides a very granular customization of applications Security Templates provide a standardized way to organize and express and measure security related information.

A. True B. False ---------- Correct Answer ------------ B. False Which key command in PowerShell shows an objects methods and properties? A. Get-Help B. Get-Command C. Get-Member D. All of the above ---------- Correct Answer ------------ C. Get-Member Which execution mode has unrestricted access to the underlying hardware? A. Kernel B. Operating System C. User D. Guest ---------- Correct Answer ------------ A. Kernel Microsoft Security Configuration Wizard is a management tool that is based upon machine roles such as a file server a print server a domain controller etc. A. True B. False ---------- Correct Answer ------------ A. True Which solution is best to avoid downloading an untrusted patch? A. Disable automatic updates B. Check for updates on a trusted network C. Verify the source of the update D. All of the above ---------- Correct Answer ------------ D. All of the above During which step of Microsofts recommended Update Management Process would an update be tested? A. Assess B. Identify C. Evaluate and Plan D. Deploy ---------- Correct Answer ------------ C. Evaluate and Plan User Account Control (UAC) was introduced in Windows XP and Server 2003.

Which Network Access Protection (NAP) client collects and maintains a system health status? A. System Health Agent B. NAP Agent C. NAP Enforcement Client D. None of the above ---------- Correct Answer ------------ B. NAP Agent Many current network security tools such as Firewalls and Intrusion Detection Systems and Intrusion Prevention Systems are not 100% compatible with IPv6. A. True B. False ---------- Correct Answer ------------ A. True In which multi tasking mode can an operating system take control of the processor without consent from the task? A. Non-preemptive multi-tasking B. Preemptive multi-tasking C. Multi-threading D. Multi-programming ---------- Correct Answer ------------ B. Preemptive multi-tasking The Windows Security Configuration Wizard can be used to configure the Windows Firewall with advanced security support. A. True B. False ---------- Correct Answer ------------ A. True Which value in the PowerShell "execution policy" allows loading of all configuration files and scripts? ----------- Correct Answer ------------- Unrestricted Which Active Directory Certificate Service (AD CS) server role allows routers and other network devices that do not have a domain account to obtain certificates? ----------- Correct Answer ------------- B. Online Responder D. Network Device Enrollment Service Which key command in PowerShell shows an objects methods and properties? ----------- Correct Answer ------------- All of the above Which one of the following steps is not part of securing the Microsoft patch process? ----------- Correct Answer ------------- Apply patches while on the road Of the following methods which one is a tool that centrally manages and configures Windows

operating systems and applications and user settings? ----------- Correct Answer ------------- Group Policy In which one of the Social Engineering stages would you establish credibility? ----------- Correct Answer ------------- Relationship Development Microsoft Security Configuration Wizard is a management tool that is based upon machine roles such as a file server a print server a domain controller etc. ----------- Correct Answer ------------- True Which option is best for a server to connect to a network? ----------- Correct Answer ------------- Wired Authenticode is a means of code signing that allows users to verify the source and author of the signed software. ----------- Correct Answer ------------- False Which type of permissions are created by default on non child objects or based by user assignment? ----------- Correct Answer ------------- Explicit Which one of the following could be categorized as a misconfiguration? ----------- Correct Answer ------------- All of the above Which one of the following is a Windows Firewall advantage? ----------- Correct Answer --------- ---- B. Provides a very granular customization of applications C. Can be configured with Netsh or PowerShell What are the four service startup types? ----------- Correct Answer ------------- Manual; Automatic; Automatic (Delayed); Disabled Which method can start PowerShell in Windows 8? ----------- Correct Answer ------------- Charm

Search > type PowerShell > click Windows PowerShell The Windows Security Configuration Wizard can be used to configure the Windows Firewall with advanced security support. ----------- Correct Answer ------------- True Many current network security tools such as Firewalls and Intrusion Detection Systems and Intrusion Prevention Systems are not 100% compatible with IPv6. ----------- Correct Answer ----- -------- True Which one of the following creates and manages and exports (for deployment) security policies across multiple Windows operating systems roles and Microsoft applications? ----------- Correct Answer ------------- Microsoft Security Compliance Manager In a Hardening Process which method uses plaintext files containing software and driver installation configuration settings? ----------- Correct Answer ------------- A. Security Templates

security updates? ----------- Correct Answer ------------- Microsoft Baseline Security Analyzer In the Windows Registry what is a collection of discrete files called? ----------- Correct Answer -- ----------- Hives A logical Patch Management process is a one-time process that businesses should establish to ensure success. ----------- Correct Answer ------------- False Which Network Access Protection (NAP) client collects and maintains a system health status? -- --------- Correct Answer ------------- NAP Agent Which solution is best to avoid downloading an untrusted patch? ----------- Correct Answer ------ ------- All of the above Which one of the following can be audited using the Windows Security Auditing feature? -------- --- Correct Answer ------------- All of the above Which one of the following can be managed through group policies (GPO)? ----------- Correct Answer ------------- All of the above Which one of the following DLL file handles the memory management? ----------- Correct Answer ------------- Kernel32.dll Which one of the following is required for Windows BitLocker configuration? ----------- Correct Answer ------------- Trusted Platform Module (TPM) Which type of attacker has actions that are considered noble by the attacker but could cause more harm than good? ----------- Correct Answer ------------- Gray Hat In a PowerShell environment the WhatIf parameter allows PowerShell users to test the command before actually executing. ----------- Correct Answer ------------- True Which one of the following is a cmdlet that is used to gather computer information? ----------- Correct Answer ------------- Get-WmiObject Which execution mode has unrestricted access to the underlying hardware? ----------- Correct Answer ------------- Kernel Windows Defender was formerly known as Microsoft Anti-Spyware. ----------- Correct Answer - ------------ True