Exam Objectives Frequently Asked Questions

The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the Exam Objectives presented in this chapter, and to assist you with real-life implementation of these concepts.

Q.  How can I apply security settings to my legacy clients?

A.  You need to use System Policies with the legacy clients because they cannot use Group Policy objects.

Q.  Can't I just configure security settings manually instead of using templates and the other tools available?

A.  Yes, you can—it's just not advised that you do it this way. The security templates and tools are provided to make your job easier and to allow you to configure consistent settings across multiple servers.

Q.  How does the URLScan ISAPI filter perform its function?

A.  The URLScan Security tool inspects all incoming requests to an IIS Web server, allowing only those that comply with the preconfigured rule set to pass. Security of the IIS server is thus increased because it will only respond to valid requests (those that are allowed in the configuration).
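A simplified model of that allow-or-reject decision, as an added example that is not from the book and is not URLScan's own code. The rule names follow UrlScan.ini sections; `check_request`, the rule values and the sample requests are constructed for illustration.

```python
from urllib.parse import unquote

# Constructed rule set: section names mirror UrlScan.ini, values are illustrative.
RULES = {
    "AllowVerbs": {"GET", "HEAD", "POST"},
    "DenyExtensions": {".exe", ".bat", ".cmd", ".ida", ".idq", ".htr", ".printer"},
    "DenyUrlSequences": ["..", "./", "\\", ":", "%", "&"],
    "MaxUrl": 260,
}

def check_request(verb, raw_url, rules=RULES):
    """Return (allowed, reason) for one request line in this simplified model."""
    if verb not in rules["AllowVerbs"]:
        return False, "verb not allowed"
    path = raw_url.split("?", 1)[0]          # rules apply to the path, not the query
    if len(path) > rules["MaxUrl"]:
        return False, "URL too long"
    # Normalize once, then verify that a second decode changes nothing: a path
    # that still decodes further was double-encoded to get past string checks.
    normalized = unquote(path)
    if unquote(normalized) != normalized:
        return False, "double-encoded URL"
    if any(ord(c) > 127 for c in normalized):
        return False, "high-bit character"
    for seq in rules["DenyUrlSequences"]:
        if seq in normalized:
            return False, f"denied sequence {seq!r}"
    last = normalized.rsplit("/", 1)[-1]
    ext = "." + last.rsplit(".", 1)[1].lower() if "." in last else ""
    if ext in rules["DenyExtensions"]:
        return False, f"denied extension {ext}"
    return True, "ok"

# Constructed sample requests, one per rule.
SAMPLES = [
    ("GET", "/index.html"),
    ("POST", "/app/form.asp?a=1&b=2"),
    ("TRACE", "/"),
    ("GET", "/tools/setup.EXE"),
    ("GET", "/docs/%2e%2e/readme.txt"),
    ("GET", "/docs/%252e%252e/readme.txt"),
]

if __name__ == "__main__":
    for verb, url in SAMPLES:
        allowed, reason = check_request(verb, url)
        print(f"{'PASS  ' if allowed else 'REJECT'} {verb:5} {url}  ({reason})")
```

Anything that fails a rule is rejected before the Web server processes it, which is why a request is served only when the configuration explicitly permits it.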

Q.  Why do I need to export the Data Recovery Agent certificate and private key off my portable computers? If they are lost or stolen, no one will be able to recover any encrypted data without the users' credentials anyway.

A.  There are two ways to decrypt EFS encrypted information: using the credentials of the user who encrypted it or using the Data Recovery Agent account, which is the built-in local administrator account by default. Several readily available applications exist that can easily crack passwords in Windows 2000 and, more often than not, the built-in administrative account is the easiest to access. By removing the Data Recovery Agent certificate and private keys, you are giving yourself another layer of security.

Q.  What does the Microsoft Baseline Security Analyzer do?

A.  The MBSA tool scans the configured computer(s), looking for missing updates, weak passwords, unnecessary user accounts, and various other security concerns. It is used to quickly identify all problematic areas on a computer. After these problems have been corrected, it should be run at least monthly to check for the reoccurrence of any security issues.



MCSE/MCSA Implementing and Administering Security in a Windows 2000 Network: Study Guide and DVD Training System (Exam 70-214)
ISBN: 1931836841
EAN: 2147483647
Year: 2003
Pages: 162
