David Fisher Knowledge Assessment Chapter 8

1.

Windows Firewall enables you to create rules that call for the use of IPSec to encapsulate data packets within other packets. This process is called __________.( tunneling) The process of granting users access to file server shares by reading their permissions is called __________.( Authorization) The combination of permissions assigned to a file, plus the permissions inherited from parent folders and group memberships, is called the files __________ permissions. (effective) In the NTFS permission system, __________ permissions are actually combinations of __________ permissions. (standard, special) Kerberos is a __________ authentication method. (centralized) To use the Windows Firewall control panel to enable traffic for a specific application, you must create a __________. (program exception) The users, computers, and services to which you assign permissions are also known as __________. (security principals) The hardware requirements for BitLocker call for either a USB flash drive or a __________. (trusted platform module (TPM) chip) The Advanced Security Settings dialog box displays a list of __________. (access control entries (ACEs)

2.

3.

4.

5. 6.

7.

8.

9.

10.

The software module on an Active Directory domain controller that is primarily responsible for implementing the Kerberos authentication protocol is called the ___?( Key Distribution Center (KDC)

Multiple Choice 1. Which of the following is the nest description of a security principal? Answer : ( B ) 2. Which of the following is an example of a complex password by Microsofts definition? Answer : ( D ) 3. Which of the following statements about effective permissions is not true? Answer : ( A )

4. Which of the following biometric authentication mechanisms is suitable for verification, but not identification? Answer : ( C ) 5. Which of the following is the filter criterion most commonly used in firewall rules? Answer : ( D )

6. Which of the following devices is BitLocker unable to use to store its volume encryption key? Answer : ( A and B ) 7. Which of the following Group Policy settings prevents users from changing their passwords and then changing them immediately back again? Answer : ( A ) 8. Which of the following statements is not true in reference to resource ownership? Answer : ( D ) 9. Which of the following statements about public key encryption are true? Answer : ( B and D ) 10. Which of the following statements about permissions are true? Answer : ( D )

Review Questions 1. Is showing your identification to prove that you are old enough to purchase a pack of cigarettes an example of authentication or authorization? Explain your answer. Authorization. They are asking for how old you are, not who you are.. 2. Is showing your identification to a cashier to verify that the credit card you are using belongs to you an example of authentication or authorization? Explain your answer. Authentication. Here you are proving who you are, that you are the person that matches the name on credit card.