1. Which of the following is not a goal of a secure environment?
All required information is available to authorized users.
No information is available to unauthorized users.
All required information is available to unauthorized users.
No classified information is available to unauthorized users.
2. Which term describes the central component of an operating system?
Kernel
Shell
Hardware Abstraction Layer
Executive
3. What are the two run modes for Windows programs?
Supervisor mode and executive mode
Kernel mode and supervisor mode
User mode and executive mode
Kernel mode and user mode
4. Which of the following Windows components resides in memory to provide the core operating system services?
Kernel
Microkernel
Executive
Hardware Abstraction Layer
5. What is the name of the process that proves you are who you say you are?
Identification
Authorization
Permission
Authentication
6. Which type of authentication is a smart card?
Type I
Type II
Type III
Type IV
7. Which access control method relates data classification to user clearance?
MAC
DAC
RBAC
LDAC
8. What value uniquely identifies a user or group in Windows?
UID
SAT
SID
ACE
9. If the same user is created on three separate Windows computers, which value is the same on all three computers?
SID
User code
Username
SAT
10. Which Windows feature allows users and groups to be “shared” among machines?
Domain controller
Workgroup
SID
Active Directory
11. What defines the limit of how many computers share users and groups?
SID
GUID
Domain
Workgroup
12. Which of the following best describes the term attack surface?
All possible vulnerabilities in application software that could be exploited
All possible vulnerabilities that could be exploited
The most likely avenues of attack
Known vulnerabilities that have not been patched
13. When possible, what is the best way to mitigate vulnerability in a specific service?
Remove the service.
Disable the service.
Block access to the service.
Patch the service.
14. When monitoring a Windows system, with what do you compare current system performance to test for security compliance?
The previous monitoring results
A normal performance scan
A stated baseline
A defined security goal
15. Why should you immediately test your system for security compliance after making a configuration change?
Configuration changes generally increase security.
Configuration changes generally decrease security.
Configuration changes may introduce new vulnerabilities.
Configuration changes may remove existing vulnerabilities.
18.226.34.25