click below
click below
Normal Size Small Size show me how
nos ch789
Question | Answer |
---|---|
The network load balancing method that assigns multiple IP addresses to a single host name is called | DNS round robin |
The application high availability method that uses redundant servers with only one activeat any time is called a | failover cluster |
The Windows Server 2008 feature that enables end users to store copies of server-baseddocuments on a local drive is called | Offline Files |
The servers in a network load balancing cluster continually exchange status messages called | heartbeats |
Windows Server 2008 servers can maintain multiple versions of a volume’s files using a feature called | shadow copies |
The process by which servers are automatically added to and removed from a network load balancing cluster is called | convergence |
A failover cluster stores its configuration database on a | witness disk |
The role service that enables disconnected Terminal Services clients to reconnect to thesame server is called | TS session broker |
The application high availability mechanism that uses redundant servers, with all runningsimultaneously, is called | network load balancing |
The Windows Server 2008 feature that enables a computer to verify an application before launching it is called | Windows Installer 4.0 |
In addition to the application data, what is stored on a failover cluster’s shared storage | the witness disk |
Which of the following windowers server 08 features enable users to access files that have accidentally overwritten? | |
what server clustering solutions can make use of a storage area network? | failover cluster |
Which of the following RAID levels yields the largest percentrage of usable disk space | |
To use Shadow copies, you must enable the feature at which of the following levels? | Volume level |
How many heartbeat messages must a server in an NLB cluster miss before it is removed form the cluster? | |
What is not a requirement to use the the TS session broker role service? | TS session broker role server must be installed on one of the terminal servers |
WHat is true about DNS Round robin Load balancing? | |
What is the function of the port rules in an NLB cluster? | Port rules specify what application traffic is to be distributed among the cluster servers |
What operating system does not include the previous versions client needed to access shadow copies files? | |
Windows firewall enables you to create rules that call for the use of IPsec to encapsulate data packets within other packets. Process is called | tunneling |
process of granting users access to file server shares by reading their permissions is called | authorization |
combination of permissions assigned to a file, plus the permissions inherited from parent folders and group memeberships, is called the file's ______ permission | effective permission |
In the NTFS permission system, _____ permissions are actually combinations of _____ permissions | standard , special |
Kerberos is a _____ authentication method. | centrailized |
To use the windows firewall control panel to enable traffic for a specific application, you must create a _______ | program exception |
The users, computers and services to which you assign permissions are also known as | Security principals |
The hardware requirements for Bitlocker called for either a USB flash drive or a _________ | Trusted platform module (TPM) chip |
Advanced security settings dialog box displays a list of | Access Control Entries (ACEs) |
Software module on an Active Directory domain controller that is primarily responsible for implementing the Kerberos authentication protocol is called the | Key Distribution Center (KDC) |
What is a security Principal? | network resource receiving permissions |
Do Inherited permissions take precedence over explict permissions? | NO |
What biometric authentication mechanism is suitable for certification but not identification? | Hand geometry |
What is the filter criterion most commonly used in firewall rules? | port numbers |
What devices is BitLocker unable to use to store its volume encryption key | floppy disk, system BIOS |
What Group Policy settings prevent users from changing their passwords and then changing them immediately back again? | Enforce password history |
Is is possible to lock out a file or folder by assigning a combination of permissions that permits access to no one at all, including the owner of the file or folder. true or false. | False |
Data encrypted with the public key can be decrypted only with the private key. True or False? | True |
ACLs are composed of ACEs. True or False | True |
Standard permissions are composed of special permissions. T or F | True |
All permissions are stored as part of the protected resource. T or F | True |
The __________ authentication protocol stores user passwords in clear text | PAP |
The certificate revocation lists that a CA publishes daily are called __________ | Delta CRLs |
A Remote Access connection that uses the Internet for a network medium is called a __________ connection | Virtual Private Network |
__________ encapsulates PPP traffic using the Secure Sockets Layer (SSL) protocol | SSTP |
__________ is a shell protocol that provides a framework for the use of various types of authentication mechanisms | EAP |
A set of rules that a CA uses to determine whether it should approve a certificate request,deny it, or mark it as pending for later review by an administrator, is called a __________. | Policy Module |
A(n) __________ CA can use Active Directory, but does not require it | standalone |
The first CA you create in your PKI must be a __________ CA. | root |
The default authentication protocol used by Remote Access on a Windows Server 2008computer is __________ | MS-CHAPv2 |
10.To issue your own certificates, you must install a __________. | Certification Authority |
In which of the following scenarios would public key encryption keep a message sent from User A to User B private? | User A encrypts a message with User B’s public key. |
what is a feature unique to enterprise CAs? | Certificate Autoenrollment |
what tasks can you not perform on a version 1 certificate template? | Change the expiration date of the template |
Your organization’s security policy has a requirement that passwords not be stored with reversible encryption. Which of the following authentication protocols can you not use for Remote Access connections | CHAP requires password to be stored with reverse encryption, PAP does not encrypt them at all |
What CA types requires administrators to manually issue certificates? | standalone |
what VPN protocols uses IPsec for encryption? | Layer 2 Tunneling Protocol |
What certificate enrollment methods can a client use to request a certificate from either an enterprise or a standalone CA? | Web enrollment |
what protocol negotiates the authentication method used by a client and a server while establishing a Remote Access connection? | Point-to-Point Protocol |
In a three-level PKI hierarchy, what CA types always receives its own certificate from the root CA? | Intermediate CA |