1.   1. Which of the following is not a goal of a secure environment?

    1. All required information is available to authorized users.

    2. No information is available to unauthorized users.

    3. All required information is available to unauthorized users.

    4. No classified information is available to unauthorized users.

  2.   2. Which term describes the central component of an operating system?

    1. Kernel

    2. Shell

    3. Hardware Abstraction Layer

    4. Executive

  3.   3. What are the two run modes for Windows programs?

    1. Supervisor mode and executive mode

    2. Kernel mode and supervisor mode

    3. User mode and executive mode

    4. Kernel mode and user mode

  4.   4. Which of the following Windows components resides in memory to provide the core operating system services?

    1. Kernel

    2. Microkernel

    3. Executive

    4. Hardware Abstraction Layer

  5.   5. What is the name of the process that proves you are who you say you are?

    1. Identification

    2. Authorization

    3. Permission

    4. Authentication

  6.   6. Which type of authentication is a smart card?

    1. Type I

    2. Type II

    3. Type III

    4. Type IV

  7.   7. Which access control method relates data classification to user clearance?

    1. MAC

    2. DAC

    3. RBAC

    4. LDAC

  8.   8. What value uniquely identifies a user or group in Windows?

    1. UID

    2. SAT

    3. SID

    4. ACE

  9.   9. If the same user is created on three separate Windows computers, which value is the same on all three computers?

    1. SID

    2. User code

    3. Username

    4. SAT

  10. 10. Which Windows feature allows users and groups to be “shared” among machines?

    1. Domain controller

    2. Workgroup

    3. SID

    4. Active Directory

  11. 11. What defines the limit of how many computers share users and groups?

    1. SID

    2. GUID

    3. Domain

    4. Workgroup

  12. 12. Which of the following best describes the term attack surface?

    1. All possible vulnerabilities in application software that could be exploited

    2. All possible vulnerabilities that could be exploited

    3. The most likely avenues of attack

    4. Known vulnerabilities that have not been patched

  13. 13. When possible, what is the best way to mitigate vulnerability in a specific service?

    1. Remove the service.

    2. Disable the service.

    3. Block access to the service.

    4. Patch the service.

  14. 14. When monitoring a Windows system, with what do you compare current system performance to test for security compliance?

    1. The previous monitoring results

    2. A normal performance scan

    3. A stated baseline

    4. A defined security goal

  15. 15. Why should you immediately test your system for security compliance after making a configuration change?

    1. Configuration changes generally increase security.

    2. Configuration changes generally decrease security.

    3. Configuration changes may introduce new vulnerabilities.

    4. Configuration changes may remove existing vulnerabilities.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.