Exam Cram Quiz #1: Designing an access control strategy for data

Try your hand at these 10 Exam Cram prep questions from the MCSE Exam Cram 2 book "Designing security for a Microsoft Windows Server 2003 network."

Designing Security for a Microsoft Windows Server 2003 Network The following excerpt is from Chapter 6 of the MCSE Exam Cram 2 book "Designing security for a Microsoft Windows Server 2003 network" written by Ed Tittel, courtesy of Sams Publishing. Click to purchase, check out the complete book excerpt series.



Answer the questions for the following case study based on the information provided. Let us know how you did when you're done, and become eligible to win a free copy of the book!

Case: HACA Inc.

HACA Inc. is a large retail outlet with 75 chain stores located throughout the United States. HACA has recent concerns over the local security of the networks in each of its stores. Currently, the only administration performed on any of the computers is remote administration from the corporate offices in Birmingham, Ala. HACA is considering allowing some managers to perform some administration because they are closer to the situation and know more about the local needs of the store. As part of this change, the company wants to review all policies in regard to permissions and auditing of all network resources. The managers might also be asked to review the security logs on a set schedule. HACA has hired you as an independent consultant.


Question 1

Which delegation tool should HACA use to focus on the task to be delegated and let the system set the DACLs?

  • A. Active Directory Users and Computers
  • B. regedit.exe
  • C. Delegation of Control Wizard
  • D. Advanced permissions

Click for the correct answer.


Question 2

Which tools can you use to control the audit policy on computers on your network? (Choose two.)

  • A. Local Security
  • B. Group Policy
  • C. Advanced permission settings
  • D. Event Viewer

Click for the correct answer.


Question 3

Which audit setting tracks local logons on a computer?

  • A. Logon events
  • B. Directory service access
  • C. Account logon events
  • D. Privilege use

Click for the correct answer.


Question 4

Which of the following are Microsoft recommendations for directory service access permissions? (Choose two.)

  • A. Remove the default permissions when assigning specific permissions.
  • B. Use the settings with the broadest permissions possible without overassigning.
  • C. When possible, assign the same set of permissions to multiple objects.
  • D. Assign Full Control permissions whenever possible.

Click for the correct answer.


Question 5

Which type of group is named for the resource and must be contained in the same domain as the resource?

  • A. Global
  • B. Domain Local
  • C. Universal
  • D. Nested

Click for the correct answer.


Question 6

Which permission are only NTFS permissions and not share permissions? (Choose two.)

  • A. List Folder Contents
  • B. Change
  • C. Read & Execute
  • D. Full Control

Click for the correct answer.


Question 7

Which NTFS permissions allow a user to change a file or folder but do not allow a user to delete the file or folder?

  • A. Modify
  • B. Write
  • C. Change
  • D. Read & Execute

Click for the correct answer.


Question 8

Which two of the following are part of the three steps to determine effective permissions?

  • A. Determine the most restrictive of all permissions.
  • B. Combine the NTFS permissions.
  • C. Determine the least restrictive of all permissions.
  • D. Combine the share permissions.

Click for the correct answer.


Question 9

Which of the following is true about volume shadow copies?

  • A. They are full copies of a file that are stored multiple times.
  • B. They are automatically copied every 5 minutes.
  • C. They replace the need to back up your servers.
  • D. They can only be created on NTFS volumes.

Click for the correct answer.


Question 10

Which of the following are true regarding the Registry? (Choose two.)

  • A. The only way to change the Registry is with the Registry Editor tool.
  • B. Users cannot usually make any changes to the Registry.
  • C. You should audit the Registry only when you feel that it has been attacked.
  • D. By default, only the administrator of a computer has the right to make changes directly to the Registry settings of that computer.

Click for the correct answer.

How did you do? Let us know and become eligible to win a free copy of the book!


Click for the book excerpt series or purchase the book here.

Dig deeper on Microsoft Active Directory Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close