Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
CTAINASL_Week 12
| Question | Answer |
|---|---|
| A directory server is mainly used as a centralized system for storing and organizing network resources such as users, groups, devices, and services. | True |
| A directory server only stores usernames and passwords, and it does not organize devices, services, or groups. | False. A directory server stores and organizes many network resources, including users, groups, devices, and services. |
| A directory server commonly uses a hierarchical tree-like structure and often follows the LDAP standard. | True |
| Centralized storage in directory servers increases administrative difficulty because data is scattered across different systems. | False. Centralized storage simplifies administration because network resource information is stored and managed in one repository. |
| High availability in directory servers is commonly supported through replication and clustering to reduce single points of failure. | True |
| Scalability in directory servers means they are only effective for small networks with fewer users. | False. Scalability means directory servers can handle large-scale deployments with thousands or even millions of entries. |
| Integration capability is important because directory servers can connect authentication, access control, and user account management across different platforms. | True |
| Directory servers weaken security because they allow all users to access every resource after login. | False. Directory servers support authentication, authorization, and granular access control based on roles, groups, and permissions. |
| Single Sign-On allows users to authenticate once and access multiple applications without repeatedly entering credentials. | True |
| Directory-based policies may include password complexity rules and account lockout thresholds. | True |
| Directory data replication means changes made on one directory server can be synchronized to other servers in the replication topology. | True |
| Access control mechanisms in directory servers may include DAC, RBAC, and ABAC models. | True |
| Schema management controls the structure and allowed attributes of directory entries. | True |
| Auditing and logging are unnecessary in directory servers because replication already records all security events. | False. Auditing and logging track changes, support compliance, assist troubleshooting, and can record who changed what and when. |
| A standalone directory server architecture uses multiple interconnected autonomous directories to support cross-domain collaboration. | False. That describes a federated directory server. A standalone directory server uses a single independent directory server instance. |
| A replicated directory server improves redundancy, high availability, fault tolerance, and load balancing by synchronizing data across multiple instances. | True |
| A federated directory server allows different domains or organizations to exchange information and trust relationships while keeping local directory control. | True |
| LDAP is a lightweight, platform-independent protocol over TCP/IP used to search, add, modify, and delete directory entries. | True |
| X.500 is simpler and more commonly used in practice than LDAP because LDAP is the complex version of X.500. | False. X.500 is the more comprehensive and complex protocol, while LDAP is the lightweight version commonly used in practice. |
| DSML uses XML messages to access and manipulate directory services and can bridge LDAP-based directories with web services. | True |
| Host hardening is the process of securing a host by reducing vulnerabilities and strengthening defenses against attacks. | True |
| Host hardening focuses only on installing antivirus software and does not involve system configuration changes. | False. Host hardening includes many security measures and configurations to reduce unauthorized access, data breaches, and other threats. |
| Patch management helps harden a host by keeping operating systems, applications, and software updated against known vulnerabilities. | True |
| Disabling unnecessary services reduces the attack surface by removing possible entry points for attackers. | True |
| Strong password policies, regular password changes, and limited user privileges help prevent unauthorized access and privilege escalation. | True |
| File system and directory permissions help protect critical system files from unauthorized modification or tampering. | True |
| A server operating system is designed to run on servers that provide services to other computers or devices on a network. | True |
| Windows Server is described as supporting Active Directory integration, Microsoft applications, security features, and a familiar interface. | True |
| Linux is unsuitable for servers because it lacks stability, security, flexibility, and server tools. | False. Linux is widely used for servers and is known for stability, security, flexibility, and many server applications and tools. |
| Unix variants such as IBM AIX, HP-UX, and Oracle Solaris are associated with scalability, stability, and reliability in enterprise environments. | True |
| FreeBSD is a Unix-like operating system known for stability, security, advanced networking, and use in web servers, network appliances, and embedded systems. | True |
| VMware ESXi is a bare-metal hypervisor designed for virtualization, allowing multiple virtual machines to run on one physical server. | True |
| Managing permissions controls what actions users can perform, what data they can access, and what functions they can use. | True |
| Access Control Lists define permissions such as read, write, execute, and delete for users or groups on specific resources. | True |
| The Principle of Least Privilege means users should receive the maximum permissions possible so they can work without restrictions. | False. The Principle of Least Privilege means users should receive only the minimum permissions needed to perform their tasks. |
| Regular permission review helps remove outdated or unnecessary access and reduces the attack surface. | True |
| Group-based permissions make administration harder because permissions must still be assigned to every user individually. | False. Group-based permissions simplify administration by assigning permissions to groups based on roles or access needs. |
| Centralized permission management helps enforce consistent policies, streamline administration, and provide audit trails for permission changes. | True |
| Vulnerability testing supports host hardening by identifying weaknesses before malicious actors exploit them. | True |
| Vulnerability scanning usually uses automated tools to compare system configuration and software versions against known vulnerability databases. | True |
| Vulnerability scanning is typically intrusive and always attempts to exploit discovered weaknesses. | False. Vulnerability scanning is typically non-intrusive and provides an overview of potential vulnerabilities. |
| Penetration testing simulates real-world attacks and may use manual techniques to exploit vulnerabilities and assess their severity. | True |
| Penetration testing and vulnerability scanning are identical because both are fully automated and never require skilled security professionals. | False. Penetration testing often involves manual testing and skilled professionals, while vulnerability scanning is commonly automated and non-intrusive. |
Created by:
MamurMD