CIS 297 Wk 3 Apply – Module 16 Test

Click MindTap Access in the Course Content section to locate the test.

Complete the Module 16 Test in the Apply folder.

Note: You have one attempt to complete the test.

A coworker asks your opinion about how to minimize ActiveX attacks while she browses the Internet using Internet Explorer. The coworker recalls there is a setting in the Internet Options dialog box to prompt the user before downloading ActiveX controls, but can’t remember which tab to use.

Which of the following tabs will you suggest to the coworker?

1. Security tab

1. Privacy tab

1. General tab

1. Programs tab

Which of the following security settings can best help minimize brute force attacks on local user account passwords?

1. Account lockout threshold

1. Screen lock timeout

1. Audit logon failures

1. Logon time restrictions

A company asked you help mitigate the brute force attacks carried out against its users’ Windows account passwords. You successfully removed the malware responsible for the attacks and need to better secure the passwords assigned to the user accounts without limiting the system’s usability.

Which of the following should be included in securing the user accounts? (Select THREE.)

1. Require user account passwords.

1. Require strong passwords.

1. Set failed logon restrictions.

1. Add each user to the Guests group.

1. Change each account type to Administrator.

1. Disable password complexity requirements.

A Windows 10 Home user is attempting to encrypt the contents of a folder on a volume formatted with NTFS. The user contacted you to ask why the option to encrypt the folder is disabled.

What is the most likely reason the encryption option is disabled?

1. Windows Home editions do not support EFS.

1. The NTFS file system is corrupt.

1. The user account is not a member of the Administrators group.

1. A volume formatted with NTFS does not support EFS.

You have been tasked with training end users in security best practices and have observed a trend among users in which many are writing down their passwords.

Which of the following procedures can be implemented to provide enough security to protect resources while minimizing the need for users to write down their passwords?

1. Lengthen the time period between forced password changes.

1. Disable required passwords.

1. Disable password complexity requirement.

1. Increase password length requirement.

You have received several trouble tickets from the employees in the warehouse for the stand-alone computers used to control various shipping machines because the computers are not booting when powered. Each time a technician resolves the booting issue the boot order is changed in the firmware. Each computer is required to have the USB ports disabled in the firmware to keep employees from connecting rogue devices.

Which of the following steps should be taken to eliminate these trouble tickets?

1. Enable the supervisor password in the BIOS/UEFI setup.

1. Disconnect the USB ports from the motherboard.

1. Require all employees to use a unique Windows user account and password.

1. Install a lock on the computer case to prevent removal of the covers.

You need to secure your Windows 7 computer in a way that prevents access to the entire HDD even if the drive is moved to another system.

Which solution will you implement?

1. BitLocker

1. BitLocker To Go

1. Encrypting File System

1. VPN using IPSec

Which of the following best meets the requirements of a strong password?

2. t*M&2.zY7

1. qwerty1234567890

1. p@ssw0rd

1. johndoe123

An administrator is assigning Windows user accounts to user groups based on the user’s role and notices the built-in Power Users group.

What is the purpose of the Power Users group in Windows 7 and later?

1. Backward compatibility for legacy operating systems and applications.

1. Members have limited privileges and are given a temporary profile.

1. Provides a method for assigning rights to Guests who require Administrator access.

1. Allows members to take ownership of files and folders.

Several computers in your organization are being used from within the building after hours when the company is closed. Your manager has asked you to configure the computers to limit access to business hours.

Which of the following steps can be taken to limit access to the computers?

1. Configure logon time restrictions.

1. Set the BIOS to automatically power off the computers at closing time.

1. Disable Microsoft account resources.

1. Change the user account passwords.

Your computer has a single HDD formatted with NTFS with the following data folders:

C:\Documents

C:\Pictures

You create a new child folder under the C:\Documents folder.

What term describes the permissions the new folder automatically attains from the C:\Documents folder?

1. Inherited permissions

1. Explicit permissions

1. Allow permissions

1. Deny permissions

A technician is configuring the Windows computers on a network to print to a printer that is directly connected to the network via UTP cable.

What term best describes this method of printer connectivity?

1. Network printer

1. Shared printer

1. Network drive mapping

1. Administrative share

A Windows user called the help desk to request that her local user account password be reset on her computer. The help desk technician connected to the computer using RDC and reset the password using the Network Places Wizard. After the password was reset, the user lost access to all the data files on the local HDD.

Which of the following describes the most likely reason for the lost data files?

1. The user had previously encrypted her data files and folders using EFS.

1. The user attempted to enter an incorrect password too many times.

1. The technician erased all the data files while resetting the password.

1. The user lost access to the network shared drive when her password was reset.

You recently created several new user accounts in the Sales OU and configured them with the appropriate group membership, logon scripts, and printer access. Except for one new sales employee, all employees are actively using the account. The remaining employee will be using the account within the next two weeks.

What is best practice for the remaining unused account?

1. Disable the account until the employee is ready to use it.

1. Delete the account and re-create it when the employee is ready to use it.

1. Remove the account membership to all groups.

1. Leave the account active since it will be unused for only two weeks.

You are having difficulty changing permissions for a folder on an NTFS volume that was created by another user.

How can you best solve this issue without losing data in the folder?

1. Take ownership of the folder and then change permissions.

1. Disable permission inheritance and explicitly assign the new permissions.

1. Enable permission inheritance so the new permissions are inherited from the parent folder.

1. Delete the folder and re-create it. Then assign the new permissions.

The users in the sales department need a central location on the network to share data files. All the client computers in the organization are running Windows 10 and have network and Internet connectivity. The file server that hosts the network drive for the sales department is running Windows Server 2016.

Which of the following is the first step in implementing this data share?

1. Share the folder or volume on the file server that will store the shared data files.

1. Map a network drive to the shared folder or volume on the file server on the sales computers.

1. Run a system image backup of the file server, including all data folders.

1. Create a system restore point on the server and all sales computers.

A technician is using the Security tab in the Properties dialog box in an attempt to remove the inherited status from a file’s permissions but cannot locate where to make the change.

Which of the following steps should the technician take to make this change?

1. Click the Advanced button to open Advanced Security Settings for the file.

1. Click the Administrator user name and click the Edit button.

1. Click the Sharing tab and click Advanced Sharing.

1. Click the Previous Versions tab, highlight the file, and click Restore.

Which of the following is a hardware component used to hold the BitLocker encryption key and ensures encrypted data is not accessed in the event a hard drive is lost or stolen?

1. TPM

1. NIC

1. EFS

1. MFA

Your organization recently deployed a Windows domain controller with Active Directory. All the domain OU users need to run the same script file each time they sign in to Windows.

How can the settings be configured with the least effort by the admin?

1. Configure Group Policy to run a logon script.

1. Configure Local Group Policy on each workstation to run a logon script.

1. Configure user account properties for each domain user in Active Directory to run a logon script.

1. Configure folder redirection in Group Policy.

A technician wants to limit access to a group of folders and is using Group Policy to prevent the users in the sales department from accessing folders assigned to the accounting department. The technician is having difficulty achieving acceptable results.

Which of the following is the most likely reason the technician is having difficulties?

1. The technician should be setting NTFS permissions instead of using Group Policy.

1. The technician should be using Local Security Policy instead of Group Policy.

1. The technician is not signed in as a Domain Admin.

1. The users in the sales department are in a different domain than the accounting department users.