StudyDroid: FlashCards on the web, and in your hand!

According to Microsoft, there is no “back door” in the BitLocker encryption mechanism that would allow third parties (including government and law enforcement agencies) to access a protected volume.

True

You can protect your network against social engineers with locked doors, passwords, or firewalls.

False

It is impossible for clandestine users outside the building to access servers using their own equipment.

False

Blocking all traffic through the use of firewalls is the more secure arrangement.

True

NTFS permissions are limited to shared folders.

False

Which of the following terms refers to automatic identification of individuals based on physiological characteristics?

biometrics

Which of the following is the most popular biometric technology in use today?

fingerprint matching

What process circumvents security barriers by persuading authorized users to provide passwords or other sensitive information?

social engineering

Which of the following is essentially a series of filters that examine the contents of packets and traffic patterns to and from the network to determine which packets they should allow to pass through the filter?

firewall

Which of the following is not an important criterion that firewalls can use in their rules?

DNS name

Which of the following is not a port that Windows uses for network browsing?

8080

Which network profile is not supported by Windows Server 2008?

server

Which of the following is not a default configuration of Windows Firewall?

The firewall is turned off.

Which of the following is the only technology included in Windows Server 2008 that can protect data while it is in transit?

IPsec

Which of the following is not an operation mode in BitLocker?

volume encryption mode

Proof of identity typically takes one of three forms. Which of the following is not a typical form of proof?

something you see

For encryption on a data network to be both possible and practical, what form of encryption do computers typically use?

public key

What type of list does SAM enable computers to maintain?

local users and groups that function as a decentralized authentication system

Which of the following is an example of a strong password?

55Caterpillars

Which of the following is the default maximum password age?

42 days

What is known as the cryptographic key that is used in exchanges between the security principal and the KDC?

long-term key

In the Kerberos Policy Settings, what is the default value for Maximum Lifetime for User Ticket?

10 hours

An ACL is a collection of individual permissions presented in what form?

access control entries

Effective permissions for a given resource can be assigned in various ways. Which of the following is not a way in which they can be assigned?

application controlled

Which of the following biometric authentication mechanisms is suitable for verification but not identification?

hand geometry

To modify firewall settings, you use the __________ tab of the Windows Firewall Settings dialog box.

Exceptions

IPsec includes a connection establishment routine, during which computers authenticate each other before transmitting data, and a technique called __________, in which data packets are encapsulated within other packets for their protection.

tunneling

The __________ is a dedicated cryptographic processor chip that the system uses to store BitLocker encryption keys.

Trusted Platform Module, TPM

To require a user to authenticate using a smart card, use the Active Directory Users and Computers console to open the user object’s Properties sheet, and select the __________ tab.

Account

__________ is essentially a system in which one character is substituted for another.

Encryption

__________ authentication is required to create an environment in which users can access all network resources with a single set of credentials—a desirable situation known as single sign-on (SSO).

Centralized

Many administrators express concern about whether they have enough bandwidth, but it’s __________ (the time it takes for a packet to travel from a source to a destination) that’s more likely to cause authentication problems across wide area network links.

latency

A security __________ is any user, computer, or service account that logs on to the domain.

principal

Kerberos authentication is based on specially formatted data packets known as __________.

tickets

Permission __________ means that parent resources pass their permissions down to their subordinates.

inheritance



Front		Back
According to Microsoft, there is no “back door” in the BitLocker encryption mechanism that would allow third parties (including government and law enforcement agencies) to access a protected volume.		True
You can protect your network against social engineers with locked doors, passwords, or firewalls.		False
It is impossible for clandestine users outside the building to access servers using their own equipment.		False
Blocking all traffic through the use of firewalls is the more secure arrangement.		True
NTFS permissions are limited to shared folders.		False
Which of the following terms refers to automatic identification of individuals based on physiological characteristics?		biometrics
Which of the following is the most popular biometric technology in use today?		fingerprint matching
What process circumvents security barriers by persuading authorized users to provide passwords or other sensitive information?		social engineering
Which of the following is essentially a series of filters that examine the contents of packets and traffic patterns to and from the network to determine which packets they should allow to pass through the filter?		firewall
Which of the following is not an important criterion that firewalls can use in their rules?		DNS name
Which of the following is not a port that Windows uses for network browsing?		8080
Which network profile is not supported by Windows Server 2008?		server
Which of the following is not a default configuration of Windows Firewall?		The firewall is turned off.
Which of the following is the only technology included in Windows Server 2008 that can protect data while it is in transit?		IPsec
Which of the following is not an operation mode in BitLocker?		volume encryption mode
Proof of identity typically takes one of three forms. Which of the following is not a typical form of proof?		something you see
For encryption on a data network to be both possible and practical, what form of encryption do computers typically use?		public key
What type of list does SAM enable computers to maintain?		local users and groups that function as a decentralized authentication system
Which of the following is an example of a strong password?		55Caterpillars
Which of the following is the default maximum password age?		42 days
What is known as the cryptographic key that is used in exchanges between the security principal and the KDC?		long-term key
In the Kerberos Policy Settings, what is the default value for Maximum Lifetime for User Ticket?		10 hours
An ACL is a collection of individual permissions presented in what form?		access control entries
Effective permissions for a given resource can be assigned in various ways. Which of the following is not a way in which they can be assigned?		application controlled
Which of the following biometric authentication mechanisms is suitable for verification but not identification?		hand geometry
To modify firewall settings, you use the __________ tab of the Windows Firewall Settings dialog box.		Exceptions
IPsec includes a connection establishment routine, during which computers authenticate each other before transmitting data, and a technique called __________, in which data packets are encapsulated within other packets for their protection.		tunneling
The __________ is a dedicated cryptographic processor chip that the system uses to store BitLocker encryption keys.		Trusted Platform Module, TPM
To require a user to authenticate using a smart card, use the Active Directory Users and Computers console to open the user object’s Properties sheet, and select the __________ tab.		Account
__________ is essentially a system in which one character is substituted for another.		Encryption
__________ authentication is required to create an environment in which users can access all network resources with a single set of credentials—a desirable situation known as single sign-on (SSO).		Centralized
Many administrators express concern about whether they have enough bandwidth, but it’s __________ (the time it takes for a packet to travel from a source to a destination) that’s more likely to cause authentication problems across wide area network links.		latency
A security __________ is any user, computer, or service account that logs on to the domain.		principal
Kerberos authentication is based on specially formatted data packets known as __________.		tickets
Permission __________ means that parent resources pass their permissions down to their subordinates.		inheritance



	x of y cards