ch08

advertisement
Security+ Guide to Network Security, Second Edition
Lab Manual Solutions 8- 1
Chapter 8 Lab Manual Review Questions and Answers
Lab 8.1
1. What file systems are compatible with Windows NT Server 4.0?
(Choose all that apply.)
a.
b.
c.
d.
FAT
FAT32
OSPF
NTFS
2. Which of the following are features of NTFS version 5 that are not
available with FAT partitions? (Choose all that apply.)
a.
b.
c.
d.
share-level security
file-level security
compression
encryption
3. Which of the following commands converts a FAT partition to
NTFS?
a.
b.
c.
d.
update C: /FS:NTFS
upgrade C: /FS:NTFS
convert C: /FS:NTFS
convert C: /NTFS
4. What permissions are available for Windows folder shares?
(Choose all that apply.)
a.
b.
c.
d.
Read
Modify
Change
Full Control
5. Once a FAT partition has been converted to NTFS, the only way
to change it back to FAT is to rebuild the drive and restore it from
a backup. True or False?
Answers: (a, d), (b, c, d), c, (a, c, d), True
Security+ Guide to Network Security, Second Edition
Lab Manual Solutions 8- 2
Lab 8.2
1. Data confidentiality is best defined as __________.
a. data that has not been tampered with intentionally or
accidentally
b. data that has been scrambled for remote transmission
c. data that is secured so only intended users have access
d. data that can be accessed when it is needed
2. When comparing the Full Control and Modify NTFS permissions,
what differentiates the two?
a. Full Control is exactly the same as Modify.
b. Full Control allows you to change permissions and
ownership.
c. Modify only allows changes, while Full Control
allows changes as well as deletions.
d. Modify allows you to change permissions and
ownership.
3. A safeguard in Windows NT/2000/2003 allows administrators to
access data even if they have been explicitly denied. How is this
possible?
a.
b.
c.
d.
Administrators can take ownership and change the
permissions to allow access.
Administrators can log on as a user with permissions
and grant themselves access.
Administrators cannot be denied access to data.
This safeguard does not exist; administrators can be
denied access to data.
4. When NTFS permissions are combined with other NTFS
permissions, what are the effective permissions?
a.
b.
most restrictive
least restrictive
5. When NTFS permissions are combined with share permissions,
what are the effective permissions?
a.
b.
Answers: c, b, a, b, a
most restrictive
least restrictive
Security+ Guide to Network Security, Second Edition
Lab Manual Solutions 8- 3
Lab 8.3
1. Data availability is best defined as __________.
a.
b.
c.
d.
data that has not been tampered with intentionally or accidentally
data that has been scrambled for remote transmission
data that is secured so only intended users have access
data that can be accessed when it is needed
2. What technologies can be used to help reduce downtime and increase the time that
data is readily available? (Choose all that apply.)
a.
b.
c.
d.
backups
clustering
load balancing
RAID
3. A user took a leave of absence from your company for personal reasons. A
junior administrator deleted the user’s account from Active Directory. To fix
the problem, the junior administrator re-created the account. When the user
returned to work, he could not access any of his files. What is the cause?
a. Accounts with the same name should work; that is not the cause of
the problem.
b. The user’s account had expired.
c. The user’s password did not comply with the domain security policy.
d. Even though the two accounts have the same name, the SIDs are different.
4. How can data confidentiality affect data availability?
a.
b.
c.
d.
They are two independent areas that do not affect each other.
For data to be available, it cannot be confidential.
Data that is secured too strongly might conflict with the availability.
Data that is secured too weakly might conflict with the availability.
5. What percentage of downtime would be acceptable for an e-commerce business?
a.
b.
c.
d.
95%
100%
0%
50%
Answers: d, (a, b, c, d), d, c, c
Security+ Guide to Network Security, Second Edition
Lab Manual Solutions 8- 4
Lab 8.4
1. Data integrity is best defined as ________.
a. data that has not been tampered with intentionally or
accidentally
b. data that has been scrambled for remote transmission
c. data that is secured so only intended users have access
d. data that can be accessed when it is needed
2. Data integrity can be damaged by which of the following? (Choose all
that apply.)
a.
b.
c.
d.
viruses
worms
hackers
Trojan horses
3. An administrator restores a folder of files at the request of the
folder’s owner. Two days later the user calls the Help desk to
complain that some data is missing from files that were updated
two weeks ago. What could have happened?
a.
b.
c.
d.
The restore failed and corrupted the data.
The restore was successful but restored some files that
should not have been restored.
The original backup was corrupt.
The user’s files were infected with a virus.
4. Data integrity can be threatened by environmental hazards such as
dust, surges, and excessive heat. True or False?
5. Which of the following helps maintain data integrity? (Choose all
that apply.)
a.
b.
c.
d.
disaster recovery plans
an equipment standards policy
system documentation
preventive maintenance
Answers: a, (a, b, c, d), b, True, (a, b, c, d)
Security+ Guide to Network Security, Second Edition
Lab Manual Solutions 8- 5
Lab 8.5
1. Encryption is best defined as __________.
a. data that has not been tampered with intentionally or
accidentally
b. data that has been scrambled
c. data that is secured so only intended users have access
d. data that can be accessed when it is needed
2. In Windows Server 2003, who can access encrypted files? (Choose
all that apply.)
a.
b.
c.
d.
the owner of the files
the administrator
the recovery agent
all users
3. If data that is encrypted with NTFS encryption is copied to a FAT
partition, the data is decrypted. True or False?
4. What is the Windows Server 2003 command-line utility that can be
used to encrypt data?
a.
b.
c.
d.
Crypto
EncryptIt
Encrypt
Cipher
5. You have decided to use NTFS encryption to enhance security on
your network of six servers. Five of the six servers have compressed
drives, and a new administrator says that it would not be a good idea
to implement an encryption policy now. Why is or isn’t the
administrator correct?
a.
b.
c.
d.
The administrator is not correct; encryption helps
secure your network.
The administrator is not correct; encryption decreases
the performance of the servers, but is not noticeable to
the users.
The administrator is correct; encryption adds too
much overhead to the servers.
The administrator is correct; encryption and
compression cannot be used at the same time.
Answers: b, (a, b, c), True, d, d
Download