1
Security+ Guide to Network Security, Second Edition Lab Manual Solutions 4-
Chapter 4 Lab Manual Review Questions and Answers
Lab 4.1
1. Which MMC snap-in is used to provide a centralized method of defining security?
a. Computer Management
b. Security Configuration and Analysis
c. Security Templates
d. Services
2. Security templates can be used to create security settings. True or False?
3. Which of the following is used in a security template to set security for user rights and logging for security events?
a. Account Policies
b. Local Policies
c. Restricted Groups
d. Registry
4. Which of the following is used to set security for local registry keys? (Choose all that apply.)
a. regedit
b. Local Policies section of a security template
c. Registry section of a security template
d. regedt32
5. The Local Group Policy is used to apply security templates, but these policies cannot be used to override a domain-based policy. True or False?
Answers: c; True; b; c, d; True
Lab 4.2
1. Which of the following security templates can be used on a workstation? (Choose all that apply.)
a. compatws
b. hisecdc
c. hisecws
d. securews
2. Which of the following security templates is most likely to cause a problem with access to the server?
a. basicdc
b. hisecdc
c. securedc
d. the absence of a security template
3. The password policy set by the hisecdc template is identical to the securedc template. True or False?
4. Programs on a workstation that has been upgraded from Windows NT 4 to Windows Server 2003 fail to run as a member of the local user group. Which of the following security templates can be used?
a. basicws
b. compatsw
c. compatws
d. basicsw
5. What number of characters is the minimum password length requirement once the hisecdc template is applied?
a. 0
b. 7
c. 8
d. 14
Answers: a, c, d; b; True; c; c
Lab 4.3
1. Which of the following is the file that contains the Windows accounts database?
a. Accounts
b. Secedit
c. SAM
d. SAM.dbf
2. If the system key is lost, it is impossible to recover the system. True or False?
3. Syskey encrypts which of the following registry hives? (Choose all that apply.)
a. SOFTWARE
b. SAM
c. SYSTEM
d. SECURITY
4. Which of the following are system security component files that are affected by syskey? (Choose all that apply.)
a. Winlogon.exe
b. SAM
c. Samsrv.dll
d. Samlib.dll
5. Which of the following methods are used by LOphtCrack to attack the accounts database? (Choose all that apply.)
a. dictionary
b. brute force
c. random generated
d. sniffing
Answers: c; True; b, c; a, c, d; a, b
Lab 4.4
1. Which of the following terms best describes a service that depends on another service to function properly?
a. required
b. dependence
c. child
d. parent
2. Which of the following is a valid startup type for services?
a. manual
b. automatic
c. disabled
d. all of the above
3. Services authenticate by using the user’s account and password. True or False?
4. Which of the following is equivalent to stopping and starting a service?
a. restart
b. reset
c. redo
d. reboot
5. Which of the following services supports pass-through authentication for computers in a domain?
a. Winlogon
b. Workstation
c. Net Logon
d. Server
Answers: C; D; False; A; A
Lab 4.5
1. Which of the following is a broadcast-based protocol?
a. TCP
b. UDP
c. NetBIOS
d. IP
2. In Windows Server 2003, it is possible to filter which of the following protocols? (Choose all that apply.)
a. TCP
b. UDP
c. NetBIOS
d. IP
3. In Windows Server 2003, which of the following options can be used to filter? (Choose all that apply.)
a. Permit All
b. Deny All
c. Permit Only
d. Deny Only
4. Windows Server 2003 offers another level of TCP/IP protection by supporting which of the following?
a. PGP
b. IPSec
c. EFS
d. MD5
5. To configure TCP/IP filtering, you need to know which of the following? (Choose all that apply.)
a. the protocol
b. the port
c. the IP address
d. the network ID
Answers: c; a, b, d; a, c; b; a, b