The correct answer is c. Internet zone rules apply only to Windows Installer packages. in Visual C#

Drawer QR Code JIS X 0510 in Visual C# The correct answer is c. Internet zone rules apply only to Windows Installer packages.

Page 13-44

Auditing is a tool for maintaining network security. Auditing allows you to track user activities and system-wide events.

13-90

13

An audit policy defines the categories of events recorded in the security log on each computer. You set the Audit Policy settings in the Computer Configuration/Windows Settings/Security Settings/ Local Policies/Audit Policy extensions in a GPO.

4. Which event categories require you to configure specific objects for auditing to log the events

If you have specified the Audit Directory Service Access event category or the Audit Object Access event category to audit, you must configure the objects for auditing.

5. Which of the following event categories should you audit if you want to find out if an unauthorized person is trying to access a user account by entering random passwords or by using password-cracking software Choose all that apply. a. Logon Events success events b. Logon Events failure events c. Account Logon success events d. Account Logon failure events

The correct answers are b and d. By auditing failure events in the Logon Events category, you can monitor logon failures that might indicate that an unauthorized person is trying to access a user account by entering random passwords or by using password-cracking software. By auditing failure events in the Account Logon category, you can monitor logon failures that might indicate an unauthorized person is trying to access a domain account by using brute force.

Page 13-55

3. In which of the following file formats can you archive a security log Choose three. a. .txt b. .doc c. .rtf d. .bmp e. .evt f. .csv g. .crv

The correct answers are a, e, and f. Logs can be saved as text (*.txt), event log (*.evt), or comma-delimited (*.csv) file format.

13-91

4. In which of the following archived file formats can you reopen the file in the Event Viewer console a. .txt b. .doc c. .rtf d. .bmp e. .evt f. .csv g. .crv

The correct answer is e. If you archive a log in log-file (*.evt) format, you can reopen it in the Event Viewer console.

5. You filtered a security log to display only the events with Event ID 576. Then you archived this log. What information is saved a. The entire log is saved b. The filtered log is saved c. The entire log and the filtered log are each saved separately d. No log is saved

The correct answer is a. When you archive a log, the entire log is saved, regardless of filtering options.

Page 13-68

A security template is a physical representation of a security configuration, a single file where a group of security settings is stored. You can use security templates to define the Account Pol icies, Local Policies, Event Log, Restricted Groups, Registry, and File System settings in a GPO. You can import (apply) a security template file to a local or nonlocal GPO. All computer or user accounts in the site, domain, or OU to which the GPO is applied receive the security template settings. Importing a security template to a GPO eases domain administration by configuring security for multiple computers at once.

You cannot use security templates to define the IP Security, Public Key, Software Restriction, and Wireless Network security settings in a GPO.

The predefined security templates are based on the role of a computer and common security scenarios. These templates can be used as provided, they can be modified, or they can serve as a basis for creating custom security templates.

13-92

13

5. Which of the following predefined security templates can be used to change the default file and registry permissions granted to the Users group so that members of the group can use most noncertified applications a. Compatible workstation or server security settings (Compatws.inf) b. Default security settings updated for domain controllers (DC security.inf) c. Secure domain controller security settings (Securedc.inf) d. Out of the box default security settings (Setup security.inf)

The correct answer is a. Only the Compatible template changes the default file and registry permissions granted to the Users group so that these members can use most noncertified applications.

Page 13-81