Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/61

Click to flip

61 Cards in this Set

  • Front
  • Back
What is the user right "Profile Single Process" used for?
Profiling a non-system process
What utility will show which Group Policies were applied to a computer or user?
Gpresult
What two permissions must a security group have in order to apply a Group Policy?
Read Group Policy and Apply Group Policy
What kind of file does MBSA store its results in?
an XML file
What OS's does Hfnetchk work on?
NT 4.0 and above
What OS's can MBSA run on?
Windows 2000 and above
What OS's is MBSA capable of scanning?
NT 4.0 and above
What two types of command-line scans can MBSA perform?
MBSA-style scans and HFNetchk-style scans
How many clients can an SUS server support?
15000 clients
What are the hardware requirements for SUS Server?
2000 Server SP2; P3 700 Mhz; 512 Mb RAM; network adapter; 100 Mb free space (+ space for updates); IE 5.5 or higher; IIS
What is the Initialization Vector used for?
creating keys used to create a random number for encryption
What three weaknesses does EAP-MD5 have?
use of username/password is vulnerable to offline dictionary attacks; no mutual authentication; inadequate number of nonces to derive session key
What two 802.1x authentication methods are available for XP prior to SP1?
EAP-TLS and EAP-MD5
What two 802.1x authentication methods does XP SP1 support?
EAP-TLS and Protected EAP (PEAP)
What does EAP-TLS use for authentication?
certificates
What two locations can EAP-TLS certificates be located in?
the registry or on smart cards
What security issue does EAP have?
authentication occurs before WEP encryption is enabled
How does PEAP address EAP security concerns?
a secure channel is created with TLS for authentication, then a new channel is created for data transfer
What two versions of PEAP are supported by XP SP1?
PEAP with MS-CHAPv2 and PEAP with EAP-TLS
What Windows server can act as the IAS server for 802.1x?
2000 Server SP3
What two methods does 2000 use to provide authenticity and integrity of transmitted data?
SMB signing and digital signing
What algorithm is used for SMB signing?
MD5
What size message digest does MD5 create?
128-bit message digest for every 512-bit data block
Is SMB signing considered to be vulnerable to replay attacks?

Why or why not?
no- the packet sequence number is hashed as well as the data
What OS's support SMB signing?
Windows 98 and above (excluding ME)
What versions of NT4 can support SMB signing?
SP3 and higher
What two registry values control NT4 server SMB signing?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\LanManServer\Parameters

values: EnableSecuritySignature and RequireSecuritySignature
What two registry values control NT4 server SMB signing?
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\LanManServer\Parameters

values: EnableSecuritySignature and RequireSecuritySignature
What two registry values control NT4 client SMB signing?
HKEY_LOCAL_MACHINE\SYSTEM\
CurrentControlSet\Services\Rdr\Parameters

values: EnableSecuritySignature and RequireSecuritySignature
What two registry values control Windows 98 SMB signing?
HKEY_LOCAL_MACHINE\SYSTEM\
CurrentControlSet\Services\VxD\Vnetsup

values: EnableSecuritySignature and RequireSecuritySignature
What do digital signatures require that SMB signing does not?
a Public Key Infrastructure (PKI) to deploy public/private key pairs
What two protocols provide digital signatures for email?
PGP and S/MIME
When run from the command line, what is the syntax for the RUNAS command?
RUNAS /user:username command
When in mixed mode, what entities are allowed membership in a Domain Local group?
user accounts from any domain and global groups from any domain
When in native mode, what entities are allowed membership in a Domain Local group?
user accounts from any domain; global groups from any domain; universal groups from any domain; domain local groups from same domain
What advantage does RC2 have over DES and 3DES?
optimized for speed- faster than DES or 3DES
What port does SSL-encrypted IMAP traffic use?
993
What port does SSL-encrypted LDAP traffic use?
636
What port does SSL-encrypted NNTP traffic use?
563
What port does SSL-encrypted POP3 traffic use?
995
What port does SSL-encrypted SMTP traffic use?
465
What makes IPSec transparent to applications?
IPSec encryption occurs below the application layer
What are the three default Windows 2000 IPSec policies?
Secure Server (Require Security); Server (Request Security); Client (Respond Only)
When using the SMS Network Monitor to troubleshoot IPSec, what type of packet indicates that IKE negotiation has taken place?
ISAKMP packets
When using the SMS Network Monitor to troubleshoot IPSec, what type of packet indicates that IPSec negotiation succeeded?
AH and ESP packets
What kind of attack is SPAP vulnerable to?
server impersonation
What important security function is enabled by MS-CHAPv2?
mutual authentication
What standard do most digital certificates adhere to?
X.509
When in mixed mode, what entities are allowed membership in a global group?
user accounts from the same domain
When in native mode, what entities are allowed to be members of global groups?
user accounts from the same domain and global groups from the same domain
When in mixed mode, what entities are allowed to be members of a Universal group?
N/A- Universal groups cannot exist in mixed mode
When in native mode, what entities are allowed to be members of a Universal group?
user accounts from any domain; global groups from any domain; and universal groups from any domain
When in mixed mode, what entities are allowed to be members of computer local groups?
local user accounts; domain user accounts from any domain; and global groups from any domain
When in native mode, what entities are allowed to be members of computer local groups?
user accounts from any domain and global groups from any domain
Why is Account Policy an exception to the L-S-D-OU order of applying Group Policy settings?
Account Policy is always set by the Default Domain Policy
What command will list which users can decrypt a file?
efsinfo /U /C
What command will list which recovery agents can decrypt a file?
efsinfo /R /C
To import or export an EFS private key, what kind of file would be used?
a PKCS#12 file
What entity might be assigned the user right "Act As Part Of The Operating System"?
a service account that must authenticate as a user
What OU must the user right "Add Workstations To A Domain" be assigned at to be effective?
the Domain Controllers OU
What does the user right "Enable Computer And User Accounts To Be Trusted For Delegation" do?
allows a computer or process hosting an application to authenticate to a back-end service using the credentials of the user running the application