Lab Manual Soluitons 14-1

Guide to MCSE 70-290, Enhanced

Chapter 14 Solutions

Lab 14.1 Review Question Answers

  1. Which of the following is not a Local Policy that can be set in a security template?

Answer: c

  1. Which local security option should be disabled to prevent a potential denial of service attack?

Answer: d

  1. Which of the following account lockout policy configurations would lock out a user after more than 2 invalid login attempts in one day?

Answer: b

  1. Which of the following audit settings should be configured to audit local logons to this domain controller?
    Answer: c
  2. Which of the following audit settings should be configured to audit logons to the domain?
    Answer: a

Lab 14.2 Review Question Answers

  1. What is the primary advantage the secedit /analyze has over using the graphical Security Configuration and Analysis?

Answer: c

  1. In a secedit analysis log what indicates a difference in configured values between the analyzed computer and the template?

Answer: b

  1. In a secedit analysis log what indicates when a value exists in the computer but not in the template??

Answer: a

  1. If the /log switch is not specified what is the default location of the scesrv.log file?
    Answer: a
  2. Which command will perform a security analysis?
    Answer: c

Lab 14.3 Review Question Answers

  1. Which of the following is not a valid area to be specified in a secedit /configure command?

Answer: c

  1. Which area includes settings for the event log?

Answer: a

  1. What is the extension of a security template file?

Answer: c

  1. What is the extension of a security analysis database?
    Answer: d
  2. Which command refreshes computer and user group policy settings?
    Answer: b

Lab 14.4 Review Question Answers

  1. Which of the following is not a valid format to export a filtered list of events?

Answer: b

  1. It is not possible to filter by Event ID.

Answer: b. False

  1. Which of the following event types can be filtered out? (Select all that apply)

Answer: a, b, d

  1. If an event log has been exported as a csv file it cannot be imported back into the event log.
    Answer: a. True
  2. Which of the following event logs cannot be cleared without generating an event?
    Answer: b

Lab 14.5 Review Question Answers

  1. Which of the following users would not have the rights necessary to restore security settings using secedit.exe unless specifically granted the right?

Answer: d

  1. Which of the following template files should only be applied to domain controllers?

Answer: c

  1. Which of the following template files should only be applied to the computer the file originated on?

Answer: a

  1. Which of the following template files should only be applied to workstations and member servers?
    Answer: b
  2. Which of the following commands will merge DC Security.inf into a previously configured security database named default.sdb?
    Answer: c