20744 MOC
Cybersecurity Knowledge Assessment
Test your understanding of cybersecurity concepts and best practices with our comprehensive 75-question quiz. Whether you're an IT professional or a cybersecurity novice, this quiz offers a chance to challenge your knowledge and learn more about vital security measures.
Key Features:
- Multiple-choice and checkbox formats
- Covers various topics in cybersecurity
- Instant feedback on your answers
Select the common attack vectors from the following.
Email attachment
Popup windows
Deception
All the above
None of the above
Select the one type of malware that is self-copying, replicates itself, and infects computers.
Trojan
Ransomware
Viruses
Worms
Select 2 incident strategies for a security breach from the list.
Disconnect from network
Relocate the server to different location
Law enforcement
Forensic analysis
Change the password of the administrator
Select 2 statements that reflect the principle of least privilege, based on the knowledge you gained from this course.
Use a single over-privileged account.
Only use privileged accounts to perform administrative tasks
Use an administrator account to perform administrative tasks
Avoid a single over-privileged account.
Select the settings to increase security for privileged accounts.
Logon hours
Late hours
Logon workstation
Logoff hours
Admin workstation
Select the built-in service account types.
Local system
Local service
Remote service
Database service
Network service
Application service
Group managed service account passwords are managed by the IT operations team.
True
False
A gMSA requires the following key.
Public key
Private key
KDS root key
Organizations want to give IT Operations personnel the ability to perform administrative tasks such as resetting user passwords, without giving them the ability to perform other tasks, such as creating or deleting accounts. How do you do that?
Add the IT Operations personnel as members of the Administrator group.
Create a Group managed service account and link it to the IT Operations personnel
Use the delegation wizard to delegate specific tasks to the IT Operations personnel
Select the ways to secure a domain controller. Select 2.
Use the Server Core installation
Install Windows Server 2016
Use RODC where security is not assured
Disable wired and wireless network.
LAPS is a password manager that uses Active Directory to manage and periodically change the passwords for local administrator accounts.
True
False
What is the PowerShell cmdlet used in LAPS to view the password?
GET-AdmPwdPassword
GET-AdmPassword
GET-AdmPwd
GET-LAPSPassword
____________ protects the password of the domain by storing them in a virtual container instead of storing them in RAM.
Protected user group
Windows Defender Credential Guard
Group managed service account
Microsoft managed service account
You can search for problematic accounts, where no sign-in has occurred for more than 90 days using?
Active Directory Users and Computers
Active Directory Federation Services
Active Directory Administrative Center
Active Directory Domains and Trusts
In Just Enough Administration, actions are performed by using a special machine-local virtual account.
True
False
What are the 2 important files in JEA?
Role capability file
Visible function file
Session configuration file
Visible cmdlet file
The above 2 important files are automatically created in JEA.
True
False
What are the limitations of JEA? Write one limitation.
JEA only works with Windows PowerShell sessions
Does not work with management consoles or other remote administration GMSPAM
A server can have only one JEA endpoint.
True
False
Helps a computer resist attacks and infection from malware; only software or firmware signed with approved keys is allowed to execute.
Dual boot
Antivirus
Secure boot
The PAM process is implemented through a temporary group.
True
False
What is the default TTL for PAM?
Half an hour
1 hour
1 day
3 days
What is the tool that does the same as AD DS with a better graphical user interface?
Privileged access management
Microsoft identity management
Microsoft password manager
ESAE forest expansion
Enhanced security administrative environment
What scanning options are available when you use Windows Defender?
Quick
Full
Custom
__offline___
Other than the host server operating system, which two Microsoft products do you need to deploy before you deploy MIM 2016?
MS Office 2016
SharePoint 2013 and
SQL Server 2008.
Exchange server 2016
What is a shadow account?
A new account created without using the production source credentials.
An existing user account from a privileged domain
A copy of the account created in the privileged domain, which also exists in the production domain.
Shadow accounts are created automatically by PAM.
True
False
What is the minimum number of forests required to deploy PAM?
2
3
4
What are the 2 modes used in the Host Guardian Service? Select 2 answers.
TPM Trusted
Forest trusted
Admin trusted
Domain trusted
AppLocker uses the _____ ____ service to verify a file attribute. App policies are not enforced if the service is not running.
Azure identity
Application identity
MIM
A shielded VM is a generation 2 VM (supported on Windows Server 2012 and later)
True
False
To install a guarded fabric on your existing Windows Server 2012:
Update the Hyper-V host to Windows Server 2016 Datacenter edition
Update the Hyper-V host to Windows Server 2012 Datacenter edition
Update the Hyper-V host to Windows Server Enterprise edition
What is the PowerShell command to verify that the Host Guardian Hyper-V Support feature is enabled?
Install-WindowsFeature -Name HostGuardianServiceRole
Get-WindowsFeature HostGuardian
Set-WindowsFeature HostGuardian
What is the tool available in SCT to view and compare your local policy and local registry?
Shielded VM
Host guardian services
Policy analyzer
GPO editor
What does the abbreviation SCT stand for in Windows Server 2016?
Session control toolkit
Self-certificate toolkit
Security Compliance Toolkit
Security baselines are used to do what?
Ensure that user and device configuration settings are compliant with the baseline.
Ensure that user configuration settings are compliant with the baseline.
Ensure that device configuration settings are compliant with the baseline.
Containers share the kernel of the host Operating System.
True
False
What are the 2 types of containers supported in Windows Server Virtualisation Security? Select 2 answers.
Organisation unit
Container
Hyper-V container
Silos
Windows Server container
What are the 2 modes in a container in which code can run?
User mode
Kernel mode
Computer mode
Virtual mode
You can use BitLocker without a TPM.
True
False
EFS encryption does not require a Certificate.
True
False
What are the 2 methods used in EFS encryption?
Symmetric encryption to encrypt the file
Public encryption to protect the symmetric key
Hyper-V containers provide an extra isolation boundary where each container has its own copy of the operating-system binaries.
True
False
Cipher.exe
Is a PowerShell tool used to encrypt and decrypt the data
Is a command line tool used to encrypt and decrypt the data?
Is a Microsoft tool to decrypt the data.
BitLocker provides a recovery mechanism with a _______-digit recovery key.
57
42
48
32
____________ is used in Windows Server 2016 to enable quotas.
BitLocker encryption
Encrypted file system
File service resource manager
File service replication manager
Distributed file system replication
What is the use of a file screening template in FSRM?
Used to block files in a file server
Used to allow files in a file server
Used to allow / block files in a file server.
Select the data governance technology that works along with NTFS permissions and shared folder permissions to grant or block users based on their identity.
Distributed File system
Data access control
Digital Access control
What are the 3 network profiles available in the firewall?
Domain networks
Private networks
Guest or public networks
What is the designated port number for HTTPS?
8080
80
443
4443
IPsec is a tunnelling protocol which provides security for IP traffic only.
True
False
Message Analyzer is used to ____________
Send messages through email.
Capture network traffic and analyse.
Capture email messages and analyse
What is the risk associated with leaving SMB 1.x enabled in your environment?
If it is disabled in your environment, it could be vulnerable to attacks.
If it is enabled in your environment, it could be vulnerable to attacks
The Test-NetConnection PowerShell cmdlet is equivalent to the Ping command.
True
False
IPsec is predominantly used in VPNs.
True
False
What is the latest version of SMB, which supports both Kerberos authentication and connection restore?
SMB 1.0
SMB 2.0
SMB 3.1.1
What is the protocol used in DNSSEC?
SMB 3.0
DANE
DORA
What is meant by the DNS socket pool, and what is its use?
Instead of using the predictable source port, it randomizes the port numbers
Overwriting information in DNS cache
Used to analyse the network traffic
You are the administrator of an Active Directory Domain Services (AD DS) domain. All server computers run Windows Server 2016. Some malicious software infects a specific network subnet. The malicious software performs DNS queries to the domain's DNS servers in an attempt to spread itself to other hosts. You need to prevent the infected subnet from performing DNS queries to the domain's DNS servers. Your actions must not disrupt the DNS service in the rest of the subnets in the domain. What technology should you configure?
Domain Name System Security Extensions (DNSSEC) on the DNS servers
DNS-based Authentication of Named Entities (DANE) on the DNS servers
DNS policies on the DNS servers
IP Address Management (IPAM) in the domain
Your network contains an Active Directory domain named contoso.com. You create a Microsoft Operations Management Suite (OMS) workspace. You need to connect several computers directly to the workspace. Which two pieces of information do you require?
The ID of the workspace
The name of the workspace
The URL of the workspace
The key of the workspace
The New-CIPolicy cmdlet creates a Code Integrity policy as an .xml file. If you do NOT supply either driver files or rules, what will happen?
The cmdlet performs a system scan
An exception/warning is shown because either one is required
Nothing
The cmdlet searches the Code Integrity Audit log for drivers
Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. Windows Defender comes with a number of different Defender-specific cmdlets that you can run through PowerShell to automate common tasks. Which cmdlet would you run first if you wanted to perform an offline scan?
Set-MpPreference -DisablePrivacyMode $true
Set-MpPreference -DisableRestorePoint $true
Start-MpScan
Start-MpWDOScan
A shielding data file (also called a provisioning data file or PDK file) is an encrypted file that a tenant or VM owner creates to protect important VM configuration information. A fabric administrator uses the shielding data file when creating a shielded VM, but is unable to view or use the information contained in the file. Which information can be stored in the shielding data file?
Administrator credentials
All of these
A key protector
Unattended.xml
You are the administrator for your company. Your company is planning to deploy shielded virtual machines (VMs) to an external cloud platform that uses a guarded fabric with Trusted Platform Module (TPM)-attestation. You are implementing an on-premises guarded host on a server that will run Windows Server 2016. You are evaluating the following two installation options for the guarded host server: Nano Server and Desktop Experience. You need to identify any requirements that can only be met by using the Desktop Experience installation option for the on-premises guarded host. Which capability can only be met by the Desktop Experience installation option?
Create new shielded VMs on premises and move the VMs to a guarded fabric.
Manage the server remotely by using PowerShell.
Implement measured boot sequence and code integrity policies.
Manage guarded hosts by using System Center Virtual Machine Manager (SCVMM) 2016.
____________ enables easier management for BitLocker enabled desktops and servers in a domain environment by providing automatic unlock of operating system volumes at system reboot when connected to a wired corporate network. This feature requires the client hardware to have a DHCP driver implemented in its UEFI firmware.
Credential guard
JEA
EFS recovery agent
Network unlock
Your network contains an Active Directory domain. Microsoft Advanced Threat Analytics (ATA) is deployed to the domain. A database administrator named DBA1 suspects that her user account was compromised. Which three events can you identify by using ATA?
Spam messages received by DBA1.
Phishing attempts that targeted DBA1
The last time DBA1 experienced a failed logon attempt
Domain computers into which DBA1 recently signed.
Servers that DBA1 recently accessed.
This question relates to Windows Firewall and related technologies. These rules use IPsec to secure traffic while it crosses the network. You use these rules to specify that connections between two computers must be authenticated or encrypted. What is the name for these rules?
Firewall rules
Connection security rules
TCP rules
DHP rules
You are building a guarded fabric. You need to configure Admin-trusted attestation. Which cmdlet should you use?
Add-HgsAttestationHostGroup
Add-HgsAttestationTpmHost
Add-HgsAttestationCIPolicy
Add-HgsAttestationTpmPolicy
Which service provides the transport keys that are needed to unlock and run shielded VMs on affirmatively attested (or healthy) Hyper-V hosts?
KPS
Attestation services