logo image

2.11 & 2.15 Practice Questions

Which of the ff. is the single best rule to enforce when designing complex passwords?
longer passwords
For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do?
configure account lockout policies in group policy
You want to make sure that all users have passwords over 8 character and that passwords must be changed every 30 days. What should you do?
Configure account policies in Group policy
You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do?
configure time and day restrictions
You are configuring the local security policy of a Windows 7 system. You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again. Which policies should you configure? (Select two.)
enforce password history; minimum password age
You are configuring the local security policy of a Windows 7 system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attemps. Which policies should you configure? (Select two.)
minimum password length; account lockout threshold
You have just configured the password policy and set the minimum password age to 10. What will be the effect of this configuration?
User cannot change the password for 10 days
You have implemented lockout with a clipping level of 4. What will be the effect of this setting?
the account will be locked for 4 incorrect attempts
Which of the ff. is not important aspect of password management?
enable account lockout
You are teaching new users about security and passwords. Which example of the passwords would be the most secure password?
T1a73gZ9!
Upon running a security audit in your organization, you discover that several sales employees are using the same domain user account to log in and update the company’s customer database. Which action should you take? (2)
Delete the account that the sales employees are currently using.
Train some employees to use their own accounts to update the customer database
You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You need to make the change as easily as possible. What should you do???????
implement a granular password policy for the users in the Directors OU
You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You would like to define a granular password policy for these users. Which tool should you use?
ADSI edit
You manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. You define a password and account lockout policy for the domain. However, members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You need to make the change as easily as possible. What should you do?
create a granular password policy. apply the policy to all users in the director’s OU
Yo manage a single domain named widgets.com. Organizational units (OUs) have been created for each company department. User and computer accounts have been moved into their corresponding OUs. Members of the Directors OU want to enforce longer passwords than are required for the rest of the users. You define a new granular password policy with the required settings. All users in the Directors OU are currently members of the DirectorsGG group, a global security group in that OU. You apply the new password policy to that group. Matt Barnes is the chief financial officer. He would like his account to have even more strict password policies than is required for other members of the Directors OU. What should you do?
create a granular password policy for Matt. apply the new policy directly to Matt’s user account.
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access?
TACACKS+, Radius
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization.
Which of the following would be a required part of your configuration?
configure the remote access servers as RADIUS clients
Which of the following are characteristics of TACACS +?
allows for a possible of three different servers, one for each authentication, authorization, and account; uses TCP
Which of the following are differences between RADIUS and TACACS+?
Radius combines authentication and authorization into a single function. TACAS+ allows these services to be split between different servers.
Which of the ff. protocols can be used to centralize remote access authentication?
TCACS
RADIUS is primarily used for what purpose?
authenticating remote clients before access to the network is granted
Which of the ff. is a characteristic of TACACS+?
it encrypts the entire packet, not just authentication packets
Which of the ff. ports are used with TACACS?
49
What does a remote access server use for authorization?
Remote access policies
Which of the ff. is the best example of remote access authentication?
user establishes a dialup connection to a server to gain access to shared resources
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP
Mutual authentication
CHAP performs which of the following security functions?
periodically verifies the identity of a peer using a three-way handshake
Which of the following authentication protocols transmits passwords in clear text, and is therefore considered too insecure for modern networks
PAP
Which remote access authentication protocol periodically and transparently re-authenticates during logon session by default
CHAP
which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (choose 2)
MS-CHAP & CHAP
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
ticket
Which of the following are used when implementing Kerberos for authentication and authorization? (Select Two)
ticket granting server; time synchronization
Which of the ff. are requirements to deploy Kerberos on a network? (Select two.)
A centralized database of users and password, Time synchronization between devices
Which ports does LDAP use by default? (Select two.)
389 & 636
You want to deploy SSL to protect authentication traffic with you LDAP-based directory service. Which port would this use?
636
Your LDAP directory service solution uses simple authentication. What should you always do when using simple authentication?
Use SSL
You want to use Kerberos to protect LDAP authentication. Which authentication mode should you choose?
SASL
A user has just authenticated using Kerberos. What object is issued to the user immediately following logon?
ticket granting ticket
What protocol uses port 88?
kerberos
Which of the ff. authentication mechanisms is designed to protect a 9-character password from attacks by hashing the first seven characters into a single hash and then hashing the remaining two characters into another separate hash?
LANMAN
what is mutual authentication?
A process by which each party in an online communication verifies the identity of the other party
A manage has told you she is concerned about her employees writing their passwords for Web sites, network files, and databases resources on sticky notes. Your office runs exclusively in a Windows environment.
Which tool could be used to prevent this?
credential manager
KWalletManger is a Linux based credential management system that stores encrypted account credentials for network resources.
Which encryption methods can KWalletManager use to secure account credentials?(Two)
blowfish & GPG
You want to protect the authentication credentials you use to connect to the LAB server in your network by copying them to a USB drive.
What option would you hit?
back up credentials
In an identity Management System, what is the function of the Authoritative Source?
specify the owner of a data item
In an identity Management System, what is the function of the Identity Vault?
ensure that each employee has the appropriate level of access in each system
You are the network administrator for a small company. Your organization currently uses the following server systems:
• A Windows server that functions as a domain controller and a file server.
• A Novell Open Enterprise Server that functions as a GroupWise e-mail server.
• A Linux server that hosts your organization’s NoSQL database server that is used for big data analysis.

Because each of these systems uses its own unique set of authentication credentials, you must spend a considerable amount of time each week keeping user account information updated on each system.In addition, if a user changes his or her password on one system, it is not updated for the user’s accounts on the other two systems.

implement an identity vault. implement password synchronization

Need essay sample on "2.11 & 2.15 Practice Questions"? We will write a custom essay sample specifically for you for only $ 13.90/page

Can’t wait to take that assignment burden offyour shoulders?

Let us know what it is and we will show you how it can be done!
×
Sorry, but copying text is forbidden on this website. If you need this or any other sample, please register

Already on Businessays? Login here

No, thanks. I prefer suffering on my own
Sorry, but copying text is forbidden on this website. If you need this or any other sample register now and get a free access to all papers, carefully proofread and edited by our experts.
Sign in / Sign up
No, thanks. I prefer suffering on my own
Not quite the topic you need?
We would be happy to write it
Join and witness the magic
Service Open At All Times
|
Complete Buyer Protection
|
Plagiarism-Free Writing

Emily from Businessays

Hi there, would you like to get such a paper? How about receiving a customized one? Check it out https://goo.gl/chNgQy

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy