CHAPTER 8 Question 1

1 out of 1 points You can create your own custom Data Collector Set. Answer Selected Answer: Correct Answer: True True

Question 2
1 out of 1 points Windows Server 2008 includes a built-in network monitor. Answer Selected Answer: Correct Answer: False False

Question 3
0 out of 1 points The version of Network Monitor that is built into Windows Server 2008 can capture 100 percent of the network traffic available to the network interface. Answer Selected Answer: Correct Answer: True False

Question 4
1 out of 1 points If multiple servers run WSUS, the administrator controls which clients access particular servers that run WSUS. Answer Selected Answer: Correct Answer: True True

Question 5

1 out of 1 points If Automatic Updates is configured to notify the user of updates that are ready to install, it checks to see whether a user with administrative privileges is logged on to the computer. Answer Selected Answer: Correct Answer: True True

Question 6
1 out of 1 points Which of the following is not a tool that can help you proactively troubleshoot network problems? Answer Selected Answer: Performance console Correct Answer: Performance console

Question 7
1 out of 1 points Which of the following are the specific processes or events that you want to track? Answer Selected Answer: performance counters Correct Answer: performance counters

Question 8
0 out of 1 points Which of the following is the default view of the Reliability and Performance Monitor? Answer Selected Answer: Performance Monitor

Correct Answer: Resource

Question 9
1 out of 1 points In the Reliability and Performance Monitor, which view provides information about system events that can affect a servers stability, including software installation and uninstallation, as well as any application, operating system, or hardware failures that have occurred over a particular time period? Answer Selected Answer: Reliability Monitor Correct Answer: Reliability Monitor

Question 10
0 out of 1 points The Reliability and Performance Monitor is a tool located within the Administrative Tools folder that combines features that had previously been spread across a number of tools. Which of the following is not a feature? Answer Selected Answer: Server Performance Advisor Correct Answer: Performance Monitor

Question 11
1 out of 1 points Which of the following is the most frequently used view within the Reliability and Performance Monitor? Answer Selected Answer: Performance Monitor Correct Answer:

Performance Monitor

Question 12
0 out of 1 points In which view can you view the counters associated with Data Collector Sets? Answer Selected Answer: System Monitor Correct Answer: Performance Monitor

Question 13
0 out of 1 points Which of the following is not a built-in Data Collector Set within Windows Server 2008? Answer Selected Answer: LAN Diagnostics Correct Answer: System Monitor

Question 14
0 out of 1 points Which log should be the first place you look when you suspect a problem with Active Directory? Answer Selected Answer: Event Viewer Correct Answer: Directory Service

Question 15
1 out of 1 points

In which node is Event Viewer located? Answer Selected Answer: Diagnostics node Correct Answer: Diagnostics node

Question 16
0 out of 1 points Which log records events associated with server installation, adding and removing server roles, installing applications, and so forth? Answer Selected Answer: System Correct Answer: Setup

Question 17
1 out of 1 points When you first launch Network Monitor, what key do you press to begin capturing network traffic? Answer Selected Answer: F10 Correct Answer: F10

Question 18
1 out of 1 points Windows Server Update Services (WSUS) is a Web-based tool for managing and distributing software updates that resolve known security vulnerabilities or otherwise improve performance of all of the following operating systems except __________. Answer

Selected Answer: Windows NT Correct Answer: Windows NT

Question 19
1 out of 1 points Updates that can be deployed via WSUS can include all of the following except __________. Answer Selected Answer: additional user experience features Correct Answer: additional user experience features

Question 20
0 out of 1 points Which of the following is not a category for the Windows operating system updates? Answer Selected Answer: recommended downloads Correct Answer: Group Policy updates

Question 21
1 out of 1 points Automatic Updates has been enhanced to support WSUS. This enhancement adds all of the following features when used in conjunction with a WSUS server except __________. Answer Selected Answer: support for Unix-based systems Correct Answer:

support for Unix-based systems

Question 22
1 out of 1 points Which of the following is not a main component of WSUS? Answer Selected Answer: Windows Update Communication Service Correct Answer: Windows Update Communication Service

Question 23
1 out of 1 points From where can a server that runs WSUS be synchronized? Answer Selected Answer: all of the above Correct Answer: all of the above

Question 24
1 out of 1 points Server management includes all of the following with the exception of __________. Answer Selected Answer: controlling download and installation behavior Correct Answer: controlling download and installation behavior

Question 25
1 out of 1 points

Initial WSUS server configuration options include all of the following except __________. Answer Selected Answer: all of the above Correct Answer: all of the above

Question 26
10 out of 10 points Match description to terminology. Answer Question The Reliability and __________ Monitor in Windows Server 2008 allows you to collect realtime information on your local computer or from a specific computer to which you have permissions.
You can access the Reliability and Performance Monitor from the Server Manager console or by keying __________ from the Run line or the command prompt. __________ Monitor provides detailed information necessary for in-depth analysis, logging capabilities, and alerts, which are useful for early warnings of possible system issues. One of the significant changes introduced in Windows Server 2008 performance monitoring is the Data __________ Set.

Correct Match E.
performance

Selected Match E.
performance

I.
perfmon

I.
perfmon

F.
Performance

F.
Performance

B.
Collector

B.
Collector

H. You have the ability to create Data Collector Set templates __________ that are based on the XML file format, thus allowing you to distribute templates across multiple servers for use by other administrators. Members of the Performance Log __________ group have all of the rights available to normal Users and Performance Monitor Users. C.
Users

H.
templates

C.
Users

Performance Log Users have the ability to create and A. modify Data Collector Sets, but only after an batch administrator has assigned this group the user right named Log on as a(n) __________ user on the server or servers in question.

A.
batch

J. Windows Server 2008 uses the Windows __________ Viewer to record system events that Event take place such as security, application, and role-specific events.
By default, a single custom view is created on each Windows Server 2008 computer called __________ Events, which collects Critical, Error, and Warning events from all logs on the server.

J.
Event

D.

D.

Administrative Administrative

The Event Collector Service creates and manages G. __________ to one or more remote computers; these subscriptions subscriptions collect events that match the criteria of an event filter that you define.

G.
subscriptions

Question 27
10 out of 10 points Match description to terminology. Answer Question What data is collected over time to provide a real-time view into the behavior and performance of the server operating systems and any applications that they are running?
Members of what group also have the ability to create and modify Data Collector Sets, but only after an administrator has assigned this group the user right named Log on as a batch user on the server or servers in question. What log records information associated with operating system events such as server restarts, issues with services, and so forth? What log records events associated with successful or failed access to secured resources on the server?

Correct Match C. event trace data H. Performance Log Users F. System Log E. Security Log

Selected Match C. event trace data H. Performance Log Users F. System Log E. Security Log

What service allows you to configure a single server as a repository of Event Viewer information for multiple computers?

D. Event Collector Service B.

WSUS

D. Event Collector Service B.

WSUS

What Web-based tool manages and distributes software updates that resolve known security vulnerabilities or otherwise improve performance of the Microsoft Windows XP, Windows Vista, Microsoft Windows Server 2003, and Windows Server 2008 operating systems?

G. What Microsoft Website works with Automatic Updates to provide timely, critical, and Windows noncritical system updates?
Update What does Automatic Updates use to perform downloads using idle network bandwidth?

G.
Windows Update

A.
BITS

A.
BITS

CHAPTER 9
Question 1
1 out of 1 points Each TCP/IP packet protected with IPSec contains a cryptographic checksum in the form of a keyed hash. Answer Selected Answer: Correct Answer: True True

Question 2
1 out of 1 points Use Tunnel mode when you require packet filtering and end-to-end security. Answer Selected Answer: Correct Answer: False False

Question 3

1 out of 1 points The Authentication Header (AH) protocol provides confidentiality and data encryption. Answer Selected Answer: Correct Answer: False False

Question 4
0 out of 1 points For IPSec, the only exception to complete protected cipher suite negotiation is the negotiation of the cipher suite of the initial ISAKMP SA, which is sent as XML Answer Selected Answer: Correct Answer: True False

Question 5
1 out of 1 points To identify a specific SA for tracking purposes, a 32-bit number known as the Security Parameters Index (SPI) is used. Answer Selected Answer: Correct Answer: True True

Question 6
1 out of 1 points Where is the checksum located? Answer Selected Answer: header of each packet Correct Answer: header of each packet

Question 7

0 out of 1 points What suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data? Answer Selected Answer: checksum Correct Answer: IPSec

Question 8
1 out of 1 points What are the IPSEC default settings for the key lifetime in minutes? Answer Selected Answer: 480 Correct Answer: 480

Question 9
1 out of 1 points What rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain? Answer Selected Answer: Isolation Correct Answer: Isolation

Question 10
1 out of 1 points Which rule allows you to specify one or more computers that do not need to be

authenticated to pass traffic? Answer Selected Answer: Authentication exemption Correct Answer: Authentication exemption

Question 11
1 out of 1 points Before secure data is sent, what must occur to determine the type of traffic to be secured and how it will be secured? Answer Selected Answer: quick mode negotiations Correct Answer: quick mode negotiations

Question 12
1 out of 1 points IKE main mode has a default lifetime of __________ hours. Answer Selected Answer: 8 Correct Answer: 8

Question 13
1 out of 1 points To set the Netsh IPSec context, what is the first command you enter at the command prompt? Answer Selected Answer: netsh

Correct Answer: netsh

Question 14
0 out of 1 points Which statistic represents the number of failed outbound requests that occurred to establish the SA since the IPSec service started? Answer Selected Answer: Authentication Failures Correct Answer: Acquire Failures

Question 15
1 out of 1 points The command set config property=ipsecloginterval value=value can be set to what range of values? Answer Selected Answer: 60 86,400 Correct Answer: 60 86,400

Question 16
1 out of 1 points Which middle-of-the-road form of NTLM authentication was used to improve upon the security of LM Authentication? Answer Selected Answer: NTLM Authentication Correct Answer: NTLM Authentication

Question 17

1 out of 1 points Which type of attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic? Answer Selected Answer: identity spoofing Correct Answer: identity spoofing

Question 18
1 out of 1 points Which process is used to establish trust between communicating systems, after which only trusted systems can communicate with each other? Answer Selected Answer: mutual authentication Correct Answer: mutual authentication

Question 19
1 out of 1 points Which default authentication method is used by IPSec policies deployed within an Active Directory domain and can only be used in an Active Directory environment? Answer Selected Answer: Kerberos v5 protocol Correct Answer: Kerberos v5 protocol

Question 20
1 out of 1 points What allows traffic that is defined in one direction to also be defined in the opposite direction?

Answer Selected Answer: mirroring Correct Answer: mirroring

Question 21
0 out of 1 points The driving factor behind combining administration of the Windows Firewall with IPSec policies is to streamline network administration on which type of computer? Answer Selected Answer: Windows Vista Correct Answer: Windows Server 2008

Question 22
0 out of 1 points Which field does the IPSec driver use to match the correct SA with the correct packet? Answer Selected Answer: IKE Authentication field Correct Answer: SPI field

Question 23
1 out of 1 points What is used to determine encryption key material and security protection for use in protecting subsequent main mode or quick mode communications? Answer Selected Answer: main mode negotiations Correct Answer:

main mode negotiations

Question 24
0 out of 1 points What statistic shows the total number of failed outbound quick mode SA addition requests that have been submitted by IKE to the IPSec driver since the IPSec service was last started? Answer Selected Answer: Receive Failures Correct Answer: Key Addition Failures

Question 25
1 out of 1 points What is the default authentication protocol in an Active Directory network? Answer Selected Answer: Kerberos v5 Correct Answer: Kerberos v5

Question 26
8 out of 10 points Match description to terminology. Answer Question An IP filter can be __________, meaning that traffic defined in one direction will also be defined in the opposite direction. Quick mode messages are __________ messages Correct Match I.
mirrored

Selected Match I.
mirrored

F.

J.

that are encrypted using the ISAKMP SA.

IKE main mode has a default lifetime of __________ hours, but this number is configurable from 5 minutes to a maximum of 48 hours. IPSec policy information is stored in Active Directory and cached in the local __________ of the computer to which it applies.

ISAKMP

stateful

B.
8, eight

B.
8, eight

E.
registry

E.
registry

A. You can configure __________ policies to extend persistent existing Active Directorybased or local IPSec policies, override Active Directorybased or local IPSec policies, and enhance security during computer startup.
You can use the IP Security Policy Management console or the __________ command-line utility to manage an Active Directorybased policy. __________ are the source IP address or range of addresses from which inbound traffic will be permitted.

A.
persistent

C.
netsh

C.
netsh

D.
Scopes

D.
Scopes

J. A(n) __________ firewall is so named because it can track and maintain information based on the status of a stateful particular connection. G. A(n) __________ connection security rule allows you to restrict inbound and outbound connections based on Isolation certain sets of criteria, such as membership in a particular Active Directory domain.
A(n) __________ is a value contained in a received IKE message that is used to help identify the corresponding main mode SA.

F.
ISAKMP

G.
Isolation

H.
cookie

H.
cookie

Question 27
8 out of 8 points Match description to terminolody. Answer Question Previous versions of Windows supported what type of rule in IPSec, which was activated by default for all policies?
The Windows Firewall is enabled by default on

Correct Match H. Default Response rule A.

Selected Match H. Default Response rule A.

all new installations of Windows Server 2008. How can it be managed?

Windows Firewall Control Panel B.

Windows Firewall Control Panel B.

What standard defines a mechanism to establish SAs?

Internet Key Internet Key Exchange, IKE Exchange, IKE

Which Diffie-Hellman process does not prevent a F. man-in-the-middle attack, in which a malicious user between the negotiating peers performs two Key Exchange Diffie-Hellman exchanges, one with each peer? What does Windows Server 2008 IPSec also support, which is the determination of new keying material through a new Diffie-Hellman exchange on a regular basis?

F. Key Exchange C. dynamic rekeying E. Connection Security Rules G. IP Filter List D.

RSOP

C. dynamic rekeying

E. The Windows Firewall with Advanced Security MMC snap-in enables you to incorporate IPSec into the Windows Firewall Connection by configuring one or more what? Security Rules
What is the name of the concatenation of one or more IP filters, which define a range of network traffic? What can you use to determine the IPSec policies that are assigned but are not applied to IPSec clients?

G. IP Filter List D.
RSOP