Know-IT-all Chapter Quiz #25 Hardening Windows Systems

Think you have the skills to keep your Windows network secure? Take this quiz to find out if you're doing the right things to harden your Windows system! Send your score to us for a chance to win a copy of Hardening Windows Systems by veteran site expert Roberta Bragg, courtesy of McGraw-Hill/Osborne Media.
All answers to this quiz are found in the August 13-19 featured chapter download, but be warned - this quiz is designed to be challenging! Good luck!

How to take the quiz:
- After reading the question, note the letter of your answer. Check your answers by clicking the link to the answer key at the end of the quiz.
- Send us an e-mail telling us how you did to participate in our book giveaway this week.
NOTE: The weekly prize drawing is random - your score will not affect your chances of winning.
- To read more about a topic, open the chapter and locate the indicated page after each answer.

Chapter Quiz #25

1. What does NAT-T do that NAT doesn't?

a. NAT-T uses UDP to encapsulate the IPSec packet thus allowing it to pass through the NAT server.
b. NAT-T requires manual IKE synchronization but guarantees that no packets are dropped.
c. NAT-T requires manual RRAS synchronization but guarantees that no packets are dropped.
d. There is no 'NAT-T'. NAT and NAT-R are the only options in existence.

2. This is NOT true ot IPSec rules/policies:

a. Filter action determine what happens if a rule's filter is matched.
b. IPSec policies are not in effect until the policy is formally assigned.
c. It is possible to create an IPSec policy so tough it will make system recovery very difficult.
d. Possible filter actions are: Block, Permit and Negotiate.
e. There are a total of four methods of authentication.
f. Each rule can only have one filter action; however, a policy may be composed of several rules.
g. Policies may be scripted.
h. Filters specify source and destination IP addresses and protocols.

3. CMAK stands for...

a. Communications Manager Administration Kit
b. Communications Management Access Kit
c. Connection Manager Administration Kit
d. Connection Management Access Kit

4. This is the netsh-command for blocking connections during startup:

a. netsh ipsec dynamic set config bootexemptions value=tcp:0:3389:inbound
b. netsh ipsec static set config boot value=tcp:0:3389:inbound
c. netsh ipsec dynamic config exempt boot value=tcp:0:3389:all_inbound
d. netsh ipsec dynamic bootexemptions set value=tcp:0:3389:inbound
e. netsh ipsec dynamic config set bootexemptions value=tcp:0:3389:all_inbound
f. netsh ipsec static set config bootexemptions tvalue=tcp:0:3389:inbound
g. netsh ipsec dynamic set config bootexemptions value=tcp:0:3389:all_inbound

5. MS-CHAPv2 can be used used on all clients using Windows, except...

a. Windows XP Home
b. Windows 95
c. Windows Me
d. Windows 98
e. All the above can be configured to use MS-CHAPv2.


This was first published in August 2004

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: