Q1. Which of the following can search contents of a hard disk, address book of an e-mail, or any information about the computer, and transmit the information to the advertisers or other interested parties without user knowledge?
A. Malware
B. Firmware
C. Spyware
D. Adware
Answer: C
Q2. Mark works as a Network Administrator for BlueWell Inc. The company has a Windows-based network. Mark has retained his services to perform a security assessment of the company's network that has various servers exposed to the Internet. So, it may be vulnerable to an attack. Mark is using a single perimeter ?rewall, but he does not know if that is enough. He wants to review the situation and make some reliable recommendations so that he can protect the data over company's network. Which of the following will Mark do to accomplish the task?
A. Outsource the related services.
B. Encrypt the data and than start transmission.
C. Locate the Internet-exposed servers and devices in an internal network.
D. Create a perimeter network to isolate the servers from the internal network.
Answer: D
Q3. Which of the following contains a tree of domain names?
A. Domain name space
B. Domain name formulation
C. Domain Name System
D. Authoritative name server
Answer: A
Q4. Which of the following services does IPSec provide for protecting data? Each correct answer represents a complete solution. Choose two.
A. Network authentication
B. Encryption
C. Data authentication
D. Compression
Answer: BC
Q5. Which of the following are the major components of the IPsec protocol? Each correct answer represents a complete solution. Choose all that apply.
A. Encapsulating Security Payload (ESP)
B. Authentication Header (AH)
C. Internet Encryption Key (IEK)
D. Internet Key Exchange (IKE)
Answer: ABD
Q6. The stronger password is a critical element in the security plan. Which of the following are the characteristics used to make up a strong password?
A. It contains more than seven hundred characters and does not contain the user name, real name, or any name that can be guessed by the attacker easily.
B. It contains more than seven characters and does not contain the user name, real name, or anyname that can be guessed by the attacker easily.
C. It contains the user name, real name, or any name that can be remembered easily and does not contain more than seven characters.
D. It contains more than seven characters and the user name, real name, or any name.
Answer: B
Q7. You work as a network administrator for an insurance company called InZed Inc. The company has developed a corporate policy that requires all machines to use the IPSec security protocol. If the computer they are logging in from does not follow this corporate policy, they will be denied access to the network. Which of the following can you set up to help enforce the corporate policy?
A. Server Access Protection
B. System Center Data Protection Manager (DPM)
C. Microsoft Assessment and Planning (MAP) Toolkit
D. Network Access Protection
Answer: D
Q8. Which of the following is a tool that can be used to evaluate the servers having vulnerabilities that are related to the operating system and installed software?
A. DNS dynamic update
B. Windows Software Update Services
C. Read-Only domain controller (RODC)
D. Microsoft Baseline Security Analyzer
Answer: D
Q9. Which of the following is the process of keeping track of a user's activity while accessing network resources?
A. Authentication
B. Auditing
C. Spoofing
D. Biometrics
Answer: B
Q10. You work as a Network Administrator for TechMart Inc. The company has a Windows-based network. After completing a security audit of the company's Microsoft Windows Server 2008 R2 file servers, you have determined that folder and share security requires a revision on the basis of corporate reorganization. You have noticed that some shares on the file system are not secured. Which of the following will you use to prevent unauthorized changes to computers on the domain?
A. TCP/IP protocol
B. Kerberos
C. User Account Control (UAC)
D. Lightweight Directory Access Protocol
Answer: C