Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
34 Cards in this Set
- Front
- Back
|
Which compatibility option should you enable for a program that needs administrative privileges but that triggers a User Account Control prompt?
|
You should enable the Run This Program As An Administrator option because this allows the application to run using elevated privileges. The user is presented with a User Account Control prompt prior to elevated privileges being granted.
|
|
|
Application Compatibility Toolkit (ACT)
|
The Application Compatibility Toolkit (ACT) is a collection of tools that allows you to resolve application compatibility issues.
|
|
|
The ACT contains the following components:
|
Application Compatibility Manager
Compatibility Administrator Internet Explorer Compatibility Test Tool Setup Analysis Tool Standard User Analyzer |
|
|
Application Compatibility Manager
|
allows you to configure, collect, and analyze compatibility data so you can resolve issues prior to deploying Windows 7
|
|
|
Compatibility Administrator
|
allows you to resolve a large number of application compatibility issues that might occur when you attempt to deploy an existing application on Windows 7.
|
|
|
compatibility fix
|
A compatibility fix, also known as a shim, is a piece of software that intercepts application programming interface (API) calls from applications, modifying
them so that Windows 7 provides a similar response as a previous version of Windows did |
|
|
compatibility mode
|
A compatibility mode is a group of compatibility fixes.
|
|
|
Internet Explorer Compatibility Test Tool
|
allows you to test existing
Web sites to determine if they have compatibility problems that adversely influence how they will display on Internet Explorer 8 |
|
|
Setup Analysis Tool
|
The Setup Analysis Tool monitors the actions taken by application installers and can detect the following compatibility issues:
Installation of kernel mode drivers Installation of 16-bit components Installation of Graphical Identification and Authentication dynamic-link libraries (DLLs) Modification of files or registry keys that are guarded by Windows Resource Protection (WRP) |
|
|
Standard User Analyzer
|
allows you to test applications to determine if they might have compatibility issues caused by User Account Control
|
|
|
Application Compatibility Diagnostics Policies
|
Notify Blocked Drivers
Detect Application Failures Caused By Deprecated COM Objects Detect Application Failures Caused By Deprecated Windows DLLs Detect Application Install Failures Detect Application Installers That Need To Be Run As Administrator Detect Applications Unable To Launch Installers Under UAC |
|
|
An application that functions well on a computer that has Windows XP SP3 installed, but
which does not run normally on Windows 7. How do you make it work? |
might run without a problem if you configure it to use the Windows XP SP3 compatibility mode
|
|
|
There are two different technologies that you can use with computers running Windows 7 to restrict the execution of applications
|
AppLocker and Software Restriction Policies
|
|
|
Software Restriction Policies are applied in a particular order
|
the more explicit rule
types overriding more general rule types. The order of precedence from most specific (hash) to least specific (default) 1. Hash rules 2. Certificate rules 3. Path rules 4. Zone rules 5. Default rules If two conflicting rules with different security levels are established for the same program, the most specific rule takes precedence. |
|
|
In environments that use both Software Restriction Policies and AppLocker
|
AppLocker policies take precedence
|
|
|
Default Rules
|
Disallowed
Basic User Unrestricted |
|
|
Enforcement Properties policy
|
You can use the Enforcement Properties policy, to specify whether Software Restriction Policies to all software files except libraries, such as DLLs, or all software files, including DLLs
|
|
|
Designated File Types
|
allows you to determine which file extensions should be recognized as executable files and hence fall under the influence of Software Restriction Policies.
|
|
|
Path rules
|
15, allow you to specify a file, folder, or registry key as the target of a Software Restriction Policy.
|
|
|
Hash Rules
|
work through the generation of a digital fingerprint that
identifies a file based on its binary characteristics. |
|
|
Certificate Rules
|
Certificate rules use a code-signed software publisher’s certificate to identify applications signed by that publisher
|
|
|
Network Zone Rule
|
Zone rules function by differentiating installer packages based on the site
from which they were downloaded |
|
|
What is the advantage of using a hash rule over a path rule?
|
Hash rules are like digital fingerprints that identify a unique file. A path rule only
works based on a file name and path, which means that malware can be inserted into locations covered by path rules and executed. |
|
|
AppLocker policies
|
similar to Software Restriction
Policies, though AppLocker policies have several advantages, such as the ability to be applied to specific user or group accounts and the ability to apply to all future versions of a product |
|
|
AppLocker policies are sometimes called
|
application control policies.
|
|
|
when you enable AppLocker
|
when you enable AppLocker, you cannot execute any application, script, or installer that does not fall under an Allow rule
|
|
|
The fallback Block rule
|
just restricts the execution of any application that has not been allowed specifically
|
|
|
Executable Rules
|
Executable rules apply to files that have .exe and .com file extensions. AppLocker policies are primarily about executable files, and it is likely that the majority of the AppLocker policies that you work with in your organizational environment will involve executable rules.
|
|
|
Windows Installer Rules
|
Windows Installer rules cover files with .msi and .msp file extensions
|
|
|
Script Rules
|
Script rules cover files with the .ps1, .bat, .cmd, .vbs, and .js file extensions
|
|
|
DLL Rules
|
DLL rules cover files known as libraries, which have the .dll and .ocx file extensions.
|
|
|
Publisher Rules
|
Publisher rules in AppLocker work on the basis of the code-signing certificate used by the
file’s publisher. Unlike a Software Restriction Policy certificate rule, it is not necessary to obtain a certificate to use a publisher rule because the details of the digital signature are extracted from a reference application file. |
|
|
Hash Rules
|
Hash rules in AppLocker function in the same basic way that they do in Software Restriction Policies. Hash rules allow you to identify a specific binary file that is not digitally signed by
creating a digital fingerprint of that file |
|
|
Path Rules
|
AppLocker path rules work in a similar way to Software Restriction Policy path rules that you learned about earlier in this lesson. Path rules let you specify a folder, in which case the path rule applies to the entire contents of the folder, including subfolders, and the path to a specific file.
Path rules are only as effective as the file and folder permissions applied on the computer. |
