Page 1


The safer , easier way to help you pass any IT exams.

Exam

: 98-367

Title

:

Ki

llT

es

t

Security fundamentals

Version : V10.02

1 / 21


The safer , easier way to help you pass any IT exams.

1.Windows Firewall is a built-in. host-based, stateless firewall. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct. A. Stateful B. Network layer C. Packet filter D. No change is needed Answer: A

es

t

2.HOTSPOT Alice sends her password to the game server in plaintext. Chuck is able to observe her password as shown in the following image:

Ki

llT

Use the drop-down menus to select the answer choice that completes each statement. Each correct selection is worth one point.

Answer:

2 / 21


The safer , easier way to help you pass any IT exams.

Ki

llT

Answer:

es

t

3.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

4.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

3 / 21


The safer , easier way to help you pass any IT exams.

Ki

llT

es

t

Answer:

5.Bridging is a process of sending packets from source to destination on OSI layer 3. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct. A. Routing B. Switching C. Repeating D. No change is needed. Answer: A 6.The primary purpose of Network Access Protection (NAP) is to prevent: A. Loss of data from client computers on a network. B. Non-compliant systems from connecting to a network. C. Users on a network from installing software. D. Unauthorized users from accessing a network.

4 / 21


The safer , easier way to help you pass any IT exams.

Answer: B Explanation: NAP enforces health policies by inspecting and assessing the health of client computers, restricting network access when client computers are noncompliant with health policy, and remediating noncompliant client computers to bring them into compliance with health policy before they are granted full network access. NAP enforces health policies on client computers that are attempting to connect to a network; NAP also provides ongoing health compliance enforcement while a client computer is connected to a network. Reference: http://technet.microsoft.com/en-us/library/cc754378(v=ws.10).aspx

es

t

7.You want to make your computer resistant to online hackers and malicious software. What should you do? A. Configure a forward proxy. B. Install anti-virus software. C. Enable spam filtering. D. Turn on Windows Firewall. Answer: B

Ki

llT

8.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:

5 / 21


The safer , easier way to help you pass any IT exams.

Ki

llT

es

t

9.Your company requires that users type a series of characters to access the wireless network. The series of characters must meet the following requirements: - Contains more than 15 characters - Contains at least one letter - Contains at least one number - Contains at least one symbol Which security technology meets these requirements? A. WEP B. WPA2 PSK C. WPA2 Enterprise D. MAC filtering Answer: B Explanation: Pre-shared key mode (PSK, also known as Personal mode) is designed for home and small office networks that don't require the complexity of an 802.1X authentication server.[9] Each wireless network device encrypts the network traffic using a 256 bit key. This key may be entered either as a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 printable ASCII characters 10.Many Internet sites that you visit require a user name and password. How should you secure these passwords? A. Save them to a text file B. Enable session caching C. Configure the browser to save passwords D. Save them to an encrypted file E. Reuse the same password Answer: D 11.HOTSPOT You are an intern for a company where your manager wants to be sure you understand the social engineering threats that may occur.

6 / 21


The safer , easier way to help you pass any IT exams.

es

t

Your manager emphasizes the principles of the Microsoft Defense-in-Depth Security Model shown in the following image:

Ki

llT

Use the drop-down menus to select the answer choice that completes each statement. Each correct selection is worth one point.

Answer:

7 / 21


es

12.Physically securing servers prevents: A. Theft B. Compromise of the certificate chain C. Man-in-the middle attacks D. Denial of Service attacks Answer: A

t

The safer , easier way to help you pass any IT exams.

Ki

llT

13.To prevent users from copying data to removable media, you should: A. Lock the computer cases B. Apply a group policy C. Disable copy and paste D. Store media in a locked room Answer: B Explanation: Reference: http://blogs.technet.com/b/askds/archive/2008/08/25/removable-storage-group-policy-andwindows-server-2008-and-windows-vista.aspx 14.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

8 / 21


The safer , easier way to help you pass any IT exams.

Ki

llT

es

t

Answer:

15.You are an intern at Wide World Importers and help manage 1000 workstations. All the workstations are members of an Active Domain. You need to push out an internal certificate to Internet Explorer on all workstations. What is the quickest method to do this? A. Local policy B. Logon script C. Windows Update D. Group policy Answer: A 16.In Internet Explorer 8, the InPrivate Browsing feature prevents: A. Unauthorized private data input. B. Unencrypted communication between the client computer and the server. C. User credentials from being sent over the Internet. D. Any session data from being stored on the computer. Answer: D

9 / 21


The safer , easier way to help you pass any IT exams.

Explanation: Reference: http://windows.microsoft.com/en-us/windows/what-is-inprivate-browsing 17.The purpose of a digital certificate is to verify that a: A. Public key belongs to a sender. B. Computer is virus-free. C. Private key belongs to a sender. D. Digital document is complete. Answer: A Explanation: In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document that uses a digital signature to bind a public key with an identity.

llT

es

t

18.A mail system administrator scans for viruses in incoming emails to increase the speed of mail processing. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct. A. Decrease the chances of a virus getting to a client machine B. Verify that the senders of the messages are legitimate C. Ensure that all links in the messages are trustworthy D. No change is needed. Answer: A

Ki

19.You are volunteering at an organization that gets a brand new web server. To make the server more secure, you should add a second administrator account. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct. A. Disable unused services B. Enable LM authentication C. Enable NTLM authentication D. No change is needed. Answer: A 20.Role separation improves server security by: A. Enforcing principle of least privilege. B. Installing applications on separate hard disks. C. Physically separating high security servers from other servers. D. Placing servers on separate VLANs. Answer: A 21.The Windows Firewall protects computers from unauthorized network connections. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed'' if the underlined text makes the statement correct. A. Email viruses

10 / 21


The safer , easier way to help you pass any IT exams.

B. Phishing scams C. Unencrypted network access D. No change is needed Answer: D

Ki

llT

Answer:

es

t

22.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

23.Coho Winery wants to increase their web presence and hires you to set up a new web server. Coho already has servers for their business and would like to avoid purchasing a new one. Which server is best to use as a web server, considering the security and performance concerns? A. SQL Server B. File Server C. Domain Controller D. Application Server Answer: C

11 / 21


The safer , easier way to help you pass any IT exams.

24.A user who receives a large number of emails selling prescription medicine is probably receiving pharming mail. Select the correct answer if the underlined text does not make the statement correct. Select "No change is needed" if the underlined text makes the statement correct. A. Malware B. Spoofed mail C. Spam D. No change is needed. Answer: C

es

t

25.The client computers on your network are stable and do not need any new features. Which is a benefit of applying operating system updates to these clients? A. Keep the software licensed B. Keep the server ports available C. Update the hardware firewall D. Close existing vulnerabilities Answer: D

llT

26.Which password attack uses all possible alpha numeric combinations? A. Social engineering B. Brute force attack C. Dictionary attack D. Rainbow table attack Answer: C

Ki

27.A digitally signed e-mail message: A. Validates the recipient B. Validates the sender C. Is encrypted D. Is virus-free Answer: B Explanation: By digitally signing a message, you apply your unique digital mark to the message. The digital signature includes your certificate and public key. This information proves to the recipient that you signed the contents of the message and not an imposter, and that the contents have not been altered in transit. Reference: http://office.microsoft.com/en-us/outlook-help/secure-messages-with-a-digital-signatureHP001230539.aspx 28.HOTSPOT You are preparing a local audit policy for your workstation. No auditing is enabled. The settings of your policy are shown in the following image:

12 / 21


es

t

The safer , easier way to help you pass any IT exams.

Ki

llT

Use the drop-down menus to select the answer choice that completes each statement. Each correct selection is worth one point.

Answer:

13 / 21


The safer , easier way to help you pass any IT exams.

Ki

llT

es

t

Explanation: Dozens of events can be audited in Windows. The events fall into several categories: - Audit account logon events - audit each instance of a user logging on to or logging off from another computer in which this computer is used to validate the account. This event category is applicable to domain controllers only since DC’s are used to validate accounts in domains. - Audit account management - audit each event of account management on a computer. Examples of account maintenance include password changes, user account and group modifications. - Audit directory service access - audit the event of a user accessing an Active Directory object that has its own system access control list (SACL) specified. - Audit logon events - audit each instance of a user logging on to or logging off from a computer. Note that this is different than the ‘Audit account login events’ category. This tracks the logon event to a specific server. The former tracks which domain controller authenticated the user. - Audit object access - audit the event of a user accessing an object that has its own system access control list (SACL) specified. Examples of objects are files, folders, registry keys, printers, etc. - Audit policy change - audit every incident of a change to user rights assignment policies, audit policies, or trust policies. - Audit privilege use - audit each instance of a user exercising a user right. - Audit process tracking - audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. - Audit system events - audit when a user restarts or shuts down the computer or when an event occurs that affects either the system security or the security log. Reference: http://www.petri.co.il/windows_auditing.htm 29.HOTSPOT You are at school and logged in to a Windows 7 computer using a standard user account. You need to change some of the properties of a desktop icon for an assignment. Your instructor provides you with an administrator username and password and asks you to do two tasks. When you open the Need Admin Access Properties window, you see the following image:

14 / 21


llT

es

t

The safer , easier way to help you pass any IT exams.

Ki

Use the drop-down menus to select the answer choice that completes each statement. Each correct selection is worth one point.

Answer:

15 / 21


The safer , easier way to help you pass any IT exams.

Ki

llT

es

t

30.Passwords that contain recognizable words are vulnerable to a: A. Denial of Service attack B. Hashing attack C. Dictionary attack D. Replay attack Answer: C Explanation: A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document. Dictionary attacks work because many computer users and businesses insist on using ordinary words as passwords. Dictionary attacks are rarely successful against systems that employ multiple-word phrases, and unsuccessful against systems that employ random combinations of uppercase and lowercase letters mixed up with numerals. Reference: http://searchsecurity.techtarget.com/definition/dictionary-attack 31.Account lockout policies are used to prevent which type of security attack? A. Brute force attacks B. Users sharing passwords C. Social engineering D. Passwords being reused immediately Answer: A 32.What is the standard or basic collection of NTFS permissions? A. Read and execute, read, write, full control, modify, list folder contents B. Change permissions, read permissions, write permissions C. Read attributes, list folder/read data, traverse folder/execute file D. Create files/write data, create folders/append data, take ownership Answer: A Explanation: Reference: http://technet.microsoft.com/en-us/library/bb727008.aspx 33.Which is the minimum requirement to create BitLocker-To-Go media on a client computer?

16 / 21


The safer , easier way to help you pass any IT exams.

A. Windows XP Professional Service Pack 3 B. Windows Vista Enterprise Edition C. Windows 7 Enterprise Edition D. Windows 2000 Professional Service Pack 4 Answer: A 34.Which enables you to change the permissions on a folder? A. Take ownership B. Extended attributes C. Auditing D. Modify Answer: D

es

t

35.A group of users has access to Folder A and all of its contents. You need to prevent some of the users from accessing a subfolder inside Folder A. What should you do first? A. Disable folder sharing B. Hide the folder C. Change the owner D. Block inheritance Answer: A

Ki

llT

36.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:

17 / 21


The safer , easier way to help you pass any IT exams.

es

t

Explanation: Biometric devices, such as finger scanners consist of a reader or scanning device, Software that converts the scanned information into digital form and compares match points, and a database that stores the biometric data for comparison. To prevent identity theft, biometric data is usually encrypted when it is gathered.

Ki

llT

37.What are three examples of two-factor authentication? (Choose three.) A. A fingerprint and a pattern B. A password and a smart card C. A username and a password D. A password and a pin number E. A pin number and a debit card Answer: ABE Explanation: At minimum two-factor authentication requires two out of three regulatory-approved authentication variables such as: - Something you know (like the PIN on your bank card or email password). - Something you have (the physical bank card or a authenticator token). - Something you are (biometrics like your finger print or iris pattern). 38.For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

18 / 21


The safer , easier way to help you pass any IT exams.

llT

es

t

Answer:

Ki

39.You need to limit the programs that can run on client computers to a specific list. Which technology should you implement? A. Windows Security Center B. Security Accounts Manager C. System Configuration Utility D. AppLocker group policies Answer: A 40.The purpose of User Account Control (UAC) is to: A. Encrypt the user's account B. Limit the privileges of software C. Secure your data from corruption D. Facilitate Internet filtering Answer: B Explanation: User Account Control (UAC) is a technology and security infrastructure introduced with Microsoft's Windows machines. It aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation. In this way, only

19 / 21


The safer , easier way to help you pass any IT exams.

applications trusted by the user may receive administrative privileges, and malware should be kept from compromising the operating system. 41.What does implementing Windows Server Update Services (WSUS) allow a company to manage? A. Shared private encryption key updates B. Updates to Group Policy Objects C. Active Directory server replication D. Windows updates for workstations and servers Answer: D

t

42.The purpose of Microsoft Baseline Security Analyzer is to: A. List system vulnerabilities. B. Apply all current patches to a server. C. Set permissions to a default level. D. Correct a company's security state. Answer: A

Ki

llT

es

43.HOTSPOT For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point.

Answer:

20 / 21


The safer , easier way to help you pass any IT exams.

es

t

44.The Graphic Design Institute hires you to help them set up a server for their 20-person team. As a general practice of hardening the server, you start by performing which two tasks? (Choose two.) A. Disable the guest account. B. Rename the admin account. C. Remove the account lockout policy. D. Format partitions with FAT32. Answer: AB

Ki

llT

45.What are two attributes that an email message may contain that should cause a user to question whether the message is a phishing attempt? (Choose two.) A. An image contained in the message B. Spelling and grammar errors C. Threats of losing service D. Use of bold and italics Answer: BC Explanation: Reference: http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx 46.Keeping a server updated: A. Maximizes network efficiency B. Fixes security holes C. Speeds up folder access D. Synchronizes the server Answer: B

21 / 21


Profile for killtestmaterials2019

Killtest Free Online Test 98-367 Security Fundamentals MTA Exam V10.02 - Get To Pass 100%  

Getting real 98-367 exam questions and valid 98-367 study materials is a perfect way to pass 98-367 Security Fundamentals exam. Killtest new...

Killtest Free Online Test 98-367 Security Fundamentals MTA Exam V10.02 - Get To Pass 100%  

Getting real 98-367 exam questions and valid 98-367 study materials is a perfect way to pass 98-367 Security Fundamentals exam. Killtest new...

Advertisement