Self Test

1.  

Best Fit Inc is a clothing retailer that has been in business for over 25 years and grosses over 100 million dollars in annual sales. The company is experiencing tremendous growth and has added a Web store to reach customers in areas where it doesn t have a retail presence. This venture into the Web now poses a security issue for them. The company has asked the IT department to ensure proper procedure is in place so that they are informed anytime anyone attempts to access confidential data that s stored on the Web server. Which audit policy should you enable on the Web server? (Choose all that apply.)

1. Audit success and failure of process tracking

2. Audit success and failure of object access

3. Audit success and failure of logon events

4. Audit success and failure of directory service access

2.  

Elineken is a new brand of beer that is being produced by the Eli bottling company, which employs over 35,000 employees worldwide. The corporate headquarters is in San Francisco and the company has production facilities in Holland, Ireland, Germany, and Hong Kong. After finding great response to their brand of beer and getting numerous awards, the company is now expanding its market into the Middle East and has acquired a large production facility in Lebanon. This new facility will be home to some 2,000 employees who will service the needs of the area, and as such will require several file servers, Exchange servers, and DCs to be available on site for speedier authentication, mail delivery, and to avoid WAN reliability issues. The CIO is especially interested in the security procedures that will be in place to secure the local servers and has asked you to ensure the company is using best practices and that the servers will be as safe as possible. The CIO also has decided that the Lebanon facility will be incorporated into the existing domain model. How should you secure the new servers at the new Lebanon facility?

1. Install the servers into a new OU and implement group policies at the site level.

2. Install the servers into a new OU and implement group policies at the OU level.

3. Install the servers into their own Active Directory tree and implement group policies at the domain level.

4. Install the servers into the same Active Directory tree as stores and modify the schema.

3.  

Ground Up Properties is the third largest shopping mall owner and operator in the world with over 300 malls in the United States alone spread out across all states. The company currently has over 4000 employees and is headquartered in New York. Ground Up has been experiencing tremendous growth in its sector and is ready to acquire a major European real estate company that owns and operates 50 malls in Europe. The acquired European company does not have any network in place, and your integration team has decided to incorporate the newly acquired malls into the existing infrastructure and treat them as sites within the existing domain. This means that every site would need a DC that will also act as a file and print server and an exchange server. Because of time difference and language barriers, the company decides to hire a few local techs in the Paris regional office to accommodate the needs of the users in these malls. The CIO is requesting that the local helpdesk personnel be give enough access to manage the users and groups in the newly acquired facilities. Which strategy should you use to accommodate the newly acquired malls?

1. Add the helpdesk employee to the Domain Admins group.

2. Add the helpdesk employee to the Enterprise Admins group.

3. Delegate authority at the domain level to the Paris helpdesk employees to manage users and groups.

4. Delegate authority to the Paris helpdesk employees to modify accounts and groups in the European malls OUs.

4.  

Didisoft is a technology company with products for the security industry. The company is a new startup based in San Francisco and employs 500 employees. The CIO is very aggressive about security and intrusion detection and has requested that the Windows Server 2003 architect implement all the tools and features the operating system offers in that direction so that it can be combined with the Didisoft Intrusion Squasher software that, in his opinion, would render the system impenetrable. The CIO wants to ensure that the sensitive administrative-level domain groups are not tampered with. What can you do to ensure only the appropriate users are members of domain Admins?

1. Implement ACLs on the domain Admins group.

2. Implement ACLs on the OU in which the domain Admins group resides.

3. Use Restricted groups in Group Policy to enforce the membership.

4. Regularly check the domain Admins group membership to ensure no one has been modified.

5.  

Chocolate Chip is a chocolate-making company based in New Orleans. It employs 5000 employees. The company has recently experienced a security breach in which valuable information about the new chocolate flavor was stolen together with marketing strategy. The company had no security measures in place because the CIO claimed that security breaches are rare and overly exaggerated by the media and has assured management that no such thing would occur in the company. After the main competitor for Chocolate Chip released a product with a slightly different name and used the exact same marketing strategy that the Chocolate Chip company was planning to use, management found this a strange coincidence and started an investigation, only to be tipped off by an IT employee in the other company bragging about how easy it was to hack and steal from the Chocolate Chip network. The CIO immediately called a meeting of the IT staff and requested that auditing be enabled as a first step in a list of security measures that will follow. What should you include in an audit policy for the domain?

1. Failure audit for account logon events Failure audit for directory service access Success and failure audit for policy change Success and failure audit for account management

2. Failure audit for object access Failure audit for account logon events Failure audit for directory service access Success and failure audit for policy change

3. Success and failure audit for object access Success and failure audit for policy change Success and failure audit for account logon events Success and failure audit for process tracking

4. Success and failure audit for object access Success and failure audit for policy change Success and failure audit for account logon events Success and failure audit for directory service access

6.  

SV Corporation is a computer chip manufacturer based in San Francisco. The company employs 500 employees and is one of the leading computer chip manufacturers. The company recently avoided a security breach in which sensitive information could have been compromised or stolen by an international competitor. This incident immediately prompted the company to hire an external organization to attempt a penetration test and discover the possible vulnerabilities that exist on the SV network. During the penetration test, the security consultants were able to penetrate the network and gain full access to it. The CIO gathers all the different teams within MIS to discuss this and requests that each group take immediate measures to ensure their systems are as secure as possible in accordance with industry best practices. Since you are responsible for the Windows environment at SV, which policies should you include in a security strategy for the domain? (Choose two.)

1. Enable account lockout

2. Disable password aging

3. Disable account lockout

4. Enforce strong passwords and password aging

7.  

Best Pix Inc. is the largest chain of photography studios in the world, with several locations in every country in Europe and several locations in almost all states in the United States. They currently employ over 20,000 employees. The company is undergoing a major migration from Windows NT to Windows Server 2003. Every location currently has a manager with several employees. As part of the company s marketing strategy, they are interested in offering their customers access to their photos with the ability to order reprints over the Web. Security is a large concern for Best Pix, and they want to ensure that the service they are offering does not compromise security for their network. This service is also posing a challenge to the IT department in terms of how customer accounts will be created and deleted. Because the company is so big and widespread, the IT team has decided to grant the office manager at each location some kind of delegation to assist with this task and to be able to respond to customer needs in a timely fashion. That office manager can also respond to security threats on customer accounts in a quick and time-effective fashion. Which task should you delegate to the office managers?

1. Modify the membership of a group

2. Manage Group Policy links

3. Create, delete, and manage customer accounts

4. Create, delete, and manage groups

8.  

Gourmet Distribution specializes in wholesale distribution of canned foods to supermarkets. The company has many distribution locations spread out across the United States. Every distribution site employs about 100 employees. The IT director has decided to place a DC, an Exchange server, and a file server at every location to meet each site s IT needs. An IT administrator will also be hired at every location to see to server maintenance. As part of the migration from Windows NT to Windows Server 2003, you have decided to adopt a single domain model with separate OUs for every location. How should you grant the necessary permissions to the IT administrator at each distribution center?

1. Create a new administrator account for each distribution center s OU. Grant the necessary permissions to this account.

2. Create an administrator group for each distribution center s OU. Add an existing user designated as an administrator to this account. Grant the necessary permissions to this group.

3. Create a new administrator account for each distribution center s OU in the headquarters root. Grant the necessary permissions to each new administrator s account.

4. Create an administrator group for each OU at the headquarters root. Add an existing user designated as an administrator from each OU to this group. Grant the necessary permissions to this group.

1.  

B, C

2.  

B

3.  

D

4.  

C

5.  

D

6.  

A , D

7.  

C

8.  

B