Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/40

Click to flip

40 Cards in this Set

  • Front
  • Back
How often is recovery agent information for an EFS-encrypted file refreshed?
every time the file system performs an operation on the file
What is the upper limit on the number of groups a user can be in?
1000
By default, the certificate database and log files are installed in which directory?
%systemroot%\system32\certlog
How can remote access be denied on a per-group basis that overrides the user account's remote access permission setting?
create a remote access policy with a connection constraint that cannot be met
Why can't L2TP be used for VPN traffic when using NAT?
L2TP encrypts the UDP port number
What default Terminal Services permissions does a User group have?
User access
What are the four components of a SID, in order?
revision number, assigning authority, domain ID, and RID
At what OSI layer is IPSec encryption applied?
Network layer
What are the three distinct groups of administrators?
desktop support management, data center management, and network management
What are the three phases of a security attack?
reconnaissance, penetration, and control
What port does RDP use?
3389
What does SMB signing protect against?
MITM attacks
By default, where are all certificates provided by a CA stored?
%systemroot%\system32\certlog
During file decryption, what Windows 2000 component decrypts the File Encryption Key (FEK)?
the Local Security Authority Server (LSAS)
When Certificate Services are installed, for what type of cryptographic key can the length be determined?
public keys
How many IPX network ID's should be allocated to 100 VPN clients?
only one- all clients can use the same IPX network ID
By default, members of what group can change Kerberos policies in Windows 2000?
Domain Admins
What three built-in local groups are added when a 2000 server is promoted to a DC?
Account Operators, Print Operators, and Server Operators
What must North American users do tho use 128-bit encryption on Windows 2000 computers?
install Enhanced CryptoPAK
What authentication protocol is an extension of PPP?
EAP
What type of DOS attack occurs when a hacker sends numerous TCP requests to a host?
SYN flood
Which security prinicipal's long-term key is used to encrypt a TGT?
the KDC's long-term key is used to encrypt TGT's
What four protocols are included in the Secure Channel (SChannel) authentication method?
SSL v2.0, SSL v3.0, Private Communication Technology (PCT) v1.0, and Transport Layer Security (TLS) v1.0
By default, how often does policy propagation occur?
every eight hours
What does Microsoft's implementation of Kerberos use to ensure that an authenticator is unique?
a timestamp
When a computer is using only AH, how many Security Associations (SA's) does the computer maintain for each IPSec connection?
two- one for outbound and one for inbound communications
Which special identity represents users who access a resource on a local computer while working on that computer interactively?
Interactive
What peak utilization statistic on a backbone would indicate a network problem?
70% peak utilization
What events should be monitored to review the issuing of Kerberos tickets?
Account Logon Events
What are the three most commonn algorithms for email encryption?
RC2, DES, and 3DES
What size blocks do RC2, DES, and 3DES work on?
64-bit blocks
What advantage does RC2 have over DES and 3DES?
speed
What are the four layers of the Microsoft network model?
Application Programming Interface (API), Transport Driver Interface (TDI), Network Device Interface Specification (NDIS), and Physical
What is Microsoft Directory Synchronization Services (MSDSS) used for?
two-way synchronization of passwords between Active Directory and Novell Directory Services
What is the Microsoft File Migration Utility used for?
migrating NetWare file resources to a 2000 file server
What is the Microsoft Services for UNIX NFS client used for?
allowing Microsoft clients to connect to NFS servers
What is the Microsoft Services for UNIX NFS server used for?
allowing UNIX clients to connect to a 2000 file server
What is the Microsoft Services for UNIX NFS server used for?
allowing UNIX clients to connect to a 2000 file server
What allows integration of identity information from multiple directory services?
Microsoft Metadirectory Services (MMS) 2.2
What allows integration of identity information from multiple directory services?
Microsoft Metadirectory Services (MMS) 2.2