Windows Client - Test 2

What is the maximum number of Windows 8 devices on which you can install a Windows app?

Which of the following can be use to turn off automatic download of updates from the Windows store on a Windows 8 computer? (Select all that apply)

Which of the following rule collections is used to configure an AppLocker rule for a packaged app?

To create rules for multiple packaged apps in a single step, which wizard would you use with AppLocker?

Where can you obtain a sideloading product activation key to sideload an app on a Windows 8 Professional computer?

Which option represents the order of precedence for GPOs starting from first to last?

Which represents the correct path for disabling the "Turn off the Store application" using the Local Group Policy editor?

Which command can be used to add a sideloading product activation key?

To create a single rule that allows the Everyone group to run packaged apps that are signed, which wizard would you use in AppLocker?

Which of the following are true regarding updating Windows apps from the Windows Store?

You have 25 Windows 8 computers in a Windows Active Directory domain named "contoso.com". Which of the following tools should be used to disable the automatic download of updates from the Windows Store on all of them with the least amount of administrative effort?

To set up an AppLocker rule that disables access to Windows apps, which of the following rule collections would you create the rule from?

To uninstall a Windows app that you recently purchased on one of your Windows 8 devices last week but now would like to reinstall, which of the following options best describes the process to reinstall it?

As the administrator for a network that has 50 Windows 8 client computers, which of the following approaches can be used to initiate Windows app updates on the users' machines?

You have a Windows 8 computer set up with the 20 Windows Apps that you want everyone to have access to. Which of the following AppLocker wizards will create all the rules in a single step?

Match the following terms with the corresponding definitions: a) [blank_start]Application Identity service[blank_end] - A service that is required by AppLocker to verify the identity of an app. b) [blank_start]Group Policy Management console[blank_end] - Used to configure Group Policy across your entire enterprise. c) [blank_start]Line of Business (LOB) apps[blank_end] - Apps that are unique to the main business of the company. d) [blank_start]AppLocker[blank_end] - Controls which applications and files users can run on their Windows 8 computer. e) [blank_start]Local Security Policy Editor[blank_end] - Used to modify local security settings on your computer (secpol.msc) f) [blank_start]sideloading[blank_end] - Used to bypass the Windows Store and load LOB apps. g) [blank_start]Windows Apps[blank_end] - Also known as as "packaged apps". h) [blank_start]Windows Store[blank_end] - Central location for distributing and purchasing apps. i) [blank_start]rule collections[blank_end] - Includes executables files, scripts, Windows installer files, and Appx. j) [blank_start]Group Policy Object[blank_end] - Can be associated with a selected Active Directory container.

In order of first to last, specify the order of precedence for processing Group Policy objects. [blank_start]2[blank_end] Group Policies linked to the Site container [blank_start]4[blank_end] Group Policies linked to the Organizational Unit [blank_start]1[blank_end] Local Group Policy object [blank_start]3[blank_end] Group Policies linked to the Domain container

After deleting a Windows App that is installed on four other Windows 8 devices, specify the correct order of steps required to reinstall the Windows app. [blank_start]3[blank_end] Click Apps not installed on this PC. [blank_start]1[blank_end] Select the Windows logo key to open the Windows Start menu and select the Store tile. [blank_start]4[blank_end] Select the app you want to install. [blank_start]2[blank_end] Right-click and select Your Apps. [blank_start]5[blank_end] Click Install.

In order of first to last, specify the tasks that must be completed to disable access to the Windows Store using the Local Group Policy editor. [blank_start]3[blank_end] Click Computer Configuration > Administrative Templates > Windows Components > Store. [blank_start]5[blank_end] Click Enabled and then click OK. [blank_start]1[blank_end] Press the Windows logo key + r. [blank_start]4[blank_end] Double-click Turn off the Store application. [blank_start]2[blank_end] In the Run dialog box, type gpedit.msc.

Lee Jensen, owner of a large manufacturing company on the West Coast, recently approved the purchase and installation of 50 Windows 8 Enterprise desktops for his organization. A month earlier, the company installed 25 Windows 8 Professional client computers. All the computers are part of the Windows 2012 Active Directory domain named jensenmfg.com. The company has a Line of Business app called jenMax it would like to make available to its internal employees via the Windows Store. He has asked you to research the process and requirements and report back. What are the potential issues/recommendations you should bring to his attention? Distributing your LOB app via the Windows Store requires that you go through a certification process with Microsoft. Once your app is accepted, it will be made available via the Windows Store to the general public. LOB apps are usually designed for internal use only; therefore, making them available to the public is not the best approach. Instead, the solution is to use a process called sideloading. The Windows 8 Enterprise client computers are enabled for sideloading by joining them to the domain. The Windows 8 Professional client computers need to have the sideloading product activation key installed and activated for them to work correctly.

You have 50 Windows 8 Enterprise client computers on your network that are joined to the company’s Active Directory domain. You have several Group Policy objects linked to the domain including one GPO that has the “Turn off Automatic Download of updates" option set to Enabled. You open the Local Group Policy editor on one of the Windows 8 Enterprise client computers, navigate to the “Turn off Automatic Download of updates” option, and set it to Disabled. What would happen if you made this change? The order of precedence determines which Group Policy settings are applied to a Windows 8 client computer that is a member of a domain. Because the Local Group Policy setting is applied first, policies at the Site, Domain, and Organizational Unit level will overwrite it if there is a conflict. In this scenario, the GPO linked to the domain has turned off automatic updates from the Windows Store; therefore, it will be applied after the local policy.

What is one way that you can open the Search function?

How often does Microsoft check for app updates?

Updates are downloaded and installed automatically.

Which of the following software restriction policy rule types takes the highest precedence?

Which of the following types of rules can be manually created in AppLocker?

Which of the following Windows versions support AppLocker policies? (Choose all that apply.)

When you enable the Prevent installation of removable devices policy in a GPO and link that GPO to a domain, what is the effect on the devices already installed on computers in that domain?

Which of the following rule types cannot be used to create software restriction policies?

When creating an AppLocker rules manually, which of the following is NOT information the wizard prompts you to supply?

Which of the following is NOT a setting for software restriction policies?

Which of the following statements is the primary reason why AppLocker is an improvement over software restriction policies?

2. Which of the following statements is the primary reason why you must start the Application Identity service manually before using AppLocker?

Complete the following exercise by matching the terms with their corresponding definitions: a) [blank_start]Path rules[blank_end] - Applies to applications with a specific file or folder name b) [blank_start]Windows Installer rules[blank_end] - Applies to packages with .msi and .msp extensions c) [blank_start]Certificate rules[blank_end] - Applies to digitally signed applications d) [blank_start]Executable rules[blank_end] - Applies to files with .exe and .com extensions e) [blank_start]Hash rules[blank_end] - Applies to applications with a digital fingerprint f) [blank_start]Packaged app rules[blank_end] - Applies to Windows Store purchases g) [blank_start]default rule[blank_end] - Applies to applications that do not match any other rule type h) [blank_start]Network zone rules[blank_end] - Applies to packages downloaded with Internet Explorer i) [blank_start]Script rules[blank_end] - Applies to files with .psl, .bat, .cmd, . vbs, and .js extensions j) [blank_start]DLL rules[blank_end] - Applies to libraries, as well as executables

Sophie is planning on using AppLocker to control access to applications on a new network she has constructed for the Research and Development department at a major aerospace firm. The software developers in the department have recently deployed a new application called Virtual Wind Tunnel, which is based on government project research and is therefore classified. All of the full-time personnel have sufficient clearance to use the application, but the interns in the department do not. Sophie has placed the user accounts for everyone in the department into a security group called ResDev. The interns are also members of a group called RDint. How can Sophie use AppLocker to provide everyone in the department with access to the Virtual Wind Tunnel application without changing the group memberships and without having to apply policies to individual users? Sophie has to create two rules, an allow rule that grants the ResDev group access to the application, and a deny rule that applies only to the RDint group. Because deny rules take precedence over allow rules in AppLocker, the interns will not be able to access the application.

What are the names of the two security zones in Internet Explorer that have no sites in them by default? (Choose all that apply.)

Which of the following is NOT one of the add-on types supported by Internet Explorer 8?

What does a broken window icon in the Internet Explorer 8 address bar indicate?

Which of the following can be used to highlight content in a browser window instead of typing content directly into the browser’s search box?

When you subscribe to an RSS Feed in Internet Explorer, the content is updated how frequently by default?

When downloading a file from a website in Internet Explorer 10, the browser’s built-in download manager manages the process. Which of the following are valid options from within the download manager? (Choose all that apply.)

Which of the following best describes the role of a WebSocket? (Choose all that apply.)

Which of the following are true regarding Internet Explorer in Windows 8 and the use of mandatory integrity control? (Choose all that apply.)

By default, there are no sites included in which of these Internet Explorer security zones; you must add them manually. (Choose all that apply.)

Which of the following represent techniques used by Internet Explorer to identify potential phishing websites? (Choose all that apply.)

The company is designing a new web-based application that is likely to require extensive access to system resources. Users will connect to it over their local network segment. To make sure the application works as planned, in which security zone should the website be placed to allow it to function at its full capability?

A new company has just installed Windows 8 on their computers. They want to be able to protect themselves against phishing attacks. Which of these combinations will ensure they are using the best approach to defend against these types of attacks?

Several users on the network do sensitive research for the company using Internet Explorer on 50 Windows 8 computers. They do not want IE to maintain a permanent record of their activities during their browser sessions? What is the best approach to use to address their need?

In Windows 8, Internet Explorer runs in protected mode. Which of the following best describes the capabilities of IE when running in this mode?

The company is considering upgrading to Windows 8 but is concerned that some of their web-based applications may not be compatible. What is the best way to test for incompatibilities?

Complete the following exercise by matching the terms with their corresponding definitions: a) [blank_start]Add-ons[blank_end] - Software components that interact with the basic functions of the web browser. b) [blank_start]RSS Feeds[blank_end] - A push technology that simplifies the process of delivery updated content to designated users. c) [blank_start]Social engineering[blank_end] - Describes any attempt to penetrate the security of a system by convincing people to disclose secret information. d) [blank_start]security zones[blank_end] - Used by Internet Explorer to divide websites and assign different sets of privileges to each. e) [blank_start]accelerators[blank_end] - Enable users to highlight content in a browser window instead of using the search box. f) [blank_start]SmartScreen Filter[blank_end] - Examines traffic for evidence of phishing activity. g) [blank_start]WebSockets[blank_end] - Enables clients and servers to exchange data immediately. h) [blank_start]Protected mode[blank_end] - Provides a way to run Internet Explorer with highly reduced privileges. i) [blank_start]InPrivate Mode[blank_end] - Enables surfing the Internet without leaving any record of your activities. j) [blank_start]Compatibility View[blank_end] - Enables browser to display older pages properly.

In order of first to last, specify the correct order of steps to configure a default Search Provider. [blank_start]1[blank_end] On the Start screen, click the Desktop tile. [blank_start]3[blank_end] Click the Tools icon, and from the context menu that appears, select Manage Add-ons. [blank_start]5[blank_end] Select one of the search providers you installed earlier and click Set as default. [blank_start]4[blank_end] Select Search providers in the Add-on types list. [blank_start]6[blank_end] Click Close. [blank_start]2[blank_end] In the taskbar, click the Internet Explorer icon.

Specify the correct order of steps to subscribe to an RSS Feed. [blank_start]4[blank_end] Click the Subscribe to this feed link. [blank_start]1[blank_end] On the Start screen, click the Desktop tile. [blank_start]2[blank_end] In the taskbar, click the Internet Explorer icon. [blank_start]3[blank_end] Press the Alt key to display the menu bar and, on the Tools menu, click Feed Discovery. Then click the name of the feed to which you want to subscribe. [blank_start]5[blank_end] In the Name text box, type a name you want to assign to the feed (if it differs from the default). [blank_start]6[blank_end] Select the folder to which you want to add the feed, or click New folder to create one. Then click Subscribe. The feed page changes to indicate that you have successfully subscribed to the feed.

Specify the correct order of steps to add a site to a Security Zone. [blank_start]3[blank_end] Click the Tools icon and select Internet Options. [blank_start]2[blank_end] In the taskbar, click the Internet Explorer icon. [blank_start]7[blank_end] Type the URL of the website you want to add to the zone into the Add this website to the zone text box, and then click Add. [blank_start]6[blank_end] Click Sites. [blank_start]1[blank_end] On the Start screen, click the Desktop tile. [blank_start]8[blank_end] Click Close to close the Trusted sites or Restricted sites dialog box. [blank_start]5[blank_end] Select the zone, either Trusted sites or Restricted sites, to which you want to add a site. [blank_start]9[blank_end] Click OK to close the Internet Properties sheet. [blank_start]4[blank_end] Click the Security tab.

Several employees at the company you work for have recently been victims of identity theft. These incidents were the result of emails received by the victims requesting that they supply personal bank account information to a website or risk having their accounts closed. The website was, of course, not legitimate, and attackers used the information collected there to transfer funds from the victims’ accounts. The company has recently upgraded all company workstations to Windows 8, and you are examining the capabilities of the SmartScreen Filter in Internet Explorer 8. Your superiors have told you that you can use any of the new IE8 security features for the company workstations, as long as they do not consume any additional Internet bandwidth. Explain to your supervisor the various methods IE8 uses to protect against phishing attacks, and specify which ones you intend to use for the company workstations. The SmartScreen Filter in IE8 has three mechanisms for detecting phishing attempts. One is to analyze incoming web pages for patterns and phrases indicative of a phishing attempt. This mechanism uses no additional Internet bandwidth, so you can implement it on the company workstations. The other two mechanisms perform online lookups of phishing sites and down sites, using a database maintained by Microsoft. Because these mechanisms require Internet bandwidth, you cannot use them.

A web-based site is needed by all users on the company’s network in order to perform research on the company’s competitors. After installing Windows 8, calls start coming into the help desk indicating there are compatibility problems with the site. What are some techniques that can be tried to address the problem? You can move the site to the Trusted zone in the users’ browser. Sites in the Trusted zone do not run in protected mode and receive elevated privileges. You could disable protected mode in IE (not recommended) or modify the application which is the most difficult and time-consuming option if the first option does not work.

Which of the following mechanisms is used most often used in firewall rules to allow traffic onto the network?

Which of the following actions can you NOT perform from the Windows Firewall control panel? (Choose all that apply.)

Connection security rules require that network traffic allowed through the firewall use which of the following security mechanisms?

Windows Firewall uses three profiles to represent the type of network to which the server is connected. What are the three profiles?

When a user attempts to visit an Internet-based web server, what is the default action of the Windows Firewall?

In the Windows Firewall with Advanced Security console, while creating a new rule, the Program page specifies whether the ______.

By exporting the Windows Firewall policy, you have a file with a .wfw extension that contains _____.

Which of the following statements about Windows Defender is true?

Which of the following wireless networking standards uses spatial multiplexing to increase bandwidth?

Which of the following wireless security protocols is the most secure?

What is the primary objective of a firewall?

Windows Firewall Customize Settings contains three profiles (Public, Private, and Domain). What differentiates these profiles from each other?

Windows Firewall allows you to create inbound, outbound, and connection security rules for individual servers or systems. How can you do this for multiple systems?

What is the primary benefit of configuring Windows Firewall through the Windows Firewall with Advanced Security snap-in for the Microsoft Management Console?

When creating a firewall exception, what is the difference between opening a port and allowing an application?

Specify the order of steps for processing an application in Windows Firewall. [blank_start]3[blank_end] Click Allow an app or feature through Windows Firewall. The Allowed Apps dialog box appears. [blank_start]4[blank_end] Scroll down in the Allowed apps and features list and select the check box for the application you want to allow through the firewall. [blank_start]1[blank_end] Log on to Windows 8, using an account with administrator privileges. 5 Click OK to close the Allowed Apps dialog box. [blank_start]2[blank_end] Open the Control Panel and click System and Security > Windows Firewall. The Windows Firewall window appears.

In order of first to last, specify the order of steps for creating Windows Firewall rules. [blank_start]5[blank_end] From the Action menu, select Export Policy. The Save As combo box appears. [blank_start]1[blank_end] Log on to Windows 8, using an account with administrator privileges. [blank_start]4[blank_end] Modify the inbound or outbound firewall rules or create new rules as needed. [blank_start]2[blank_end] Open the Control Panel and select System & Security > Administrative Tools > Windows Firewall with Advanced Security. The Windows Firewall with Advanced Security console appears. [blank_start]3[blank_end] In the left pane, select the Windows Firewall with Advanced Security on Local Computer node. [blank_start]6[blank_end] In the File Name text box, type a name for the policy file and click Save.

You are a desktop technician in the IT department of a small corporation. Today is the day of the company picnic and, as the junior member of the department, you have been left in charge of the entire corporate network while everyone else is out of the office. Shortly after 2:00 PM, an email arrives from the company’s biggest customer, complaining that they can’t access the web server they use to place their orders. After checking the web server logs, it seems clear that the server is undergoing a denial-of-service attack, because there are suddenly hundreds of Internet computers repeatedly trying to access it. What temporary modifications could you make to Windows Firewall on the Windows 8 computer that stands between the web server and the Internet that would allow customers to access the web server while blocking the attackers? You could require IPsec authentication for all incoming communications to TCP port 80, the well-known port for web server communications. Customers would then be able to authenticate and access the server, while the random, unauthenticated DoS connection attempts are blocked.

Ed is a desktop technician at a large law firm. Ed’s firm is a slow adopter of new technologies, and the organization has, to date, not deployed a wireless network. After bringing up the benefits of wireless networks at a recent meeting with the IT staff, Ed was told that the company will not be deploying a wireless network for several years, if ever. The lack of an IT-configured wireless network has not entirely stopped their adoption, however. Yesterday, Ed noticed a junior attorney surfing the web with his laptop in the lunch room, without a network cable. When Ed asked the attorney how he was connected to the network, he confessed that he had plugged a consumer WAP into the network port in his office. Explain the potential risks of having a rogue wireless network in the office. An attacker with a wireless network card could join their Active Directory Domain Services domain. An attacker could use a wireless network card to capture traffic between two wired network hosts. An attacker could use the company’s Internet connection from the lobby of the building with a wireless-enabled mobile computer.

Which of the following is the primary method for transmitting IPv6 traffic over an IPv4 network?

Which of the following is the IPv6 equivalent to a private IPv4 address?

Which of the following is an automatic tunneling protocol used by Windows operating systems that are located behind NAT routers?

What kind of IP address must a system have to be visible from the Internet?

What subnet mask would you use when configuring a TCP/IP client with an IPv4 address on the 172.16.32.0/19 network?

Which protocol is responsible for addressing packets at the data-link layer?

Windows 8 computers can acquire IP addresses in which of the following ways? Select all that apply.

Which of the following are true statements regarding IPv4 and IPv6 addressing? Select all that apply.

Computers with link-local addresses, that do not have access to a DNS server, use which protocol?

In which layer of the OSI model would packet acknowledgment, error correction, and flow control services typically be handled?

A computer is currently experiencing connectivity problems. The network administrator is unsure whether the source of the problem is the local computer, the remote computer, or one of the routers between the two. Which tool would most likely provide the information needed to answer these questions and pinpoint the location of the problem?

Two computers are configured to communicate on a local network segment 192.168.2.0/24. Computer A is currently assigned 192.168.2.17 and Computer B is assigned 192.168.2.22. A new administrator adds a third computer (Computer C) to the network and forgets to configure its IP address. If the DHCP server were temporarily unavailable, which of the following would most likely be the result?

The network administrator is currently having problems connecting and gathering information from a Windows 8 computer using telnet. He wants to use telnet on a very limited basis. Which of the following would represent the best approach to solve this problem?

When troubleshooting computers and networks, it’s wise to use the OSI model as a guide. If a user is experiencing problems with resolving host names to IP addresses, which layer of the OSI model would you focus on to quickly resolve the problem?

A network administrator is trying to locate where packets are being delayed in transit. She uses the tracert command and receives the following information. Which of these hops would be the source of the delay?

Complete the following exercise by matching the terms with their corresponding definitions. a. [blank_start]ipconfig[blank_end] - Used to view the settings assigned to a DHCP-enabled client. b. [blank_start]netstat[blank_end] - Used to display ports that are currently listening for incoming network connections. c. [blank_start]media access control address[blank_end] - A hardware address used at the data-link layer. d. [blank_start]network address translation[blank_end] - Feature built into routers; substitutes a registered address for the computer’s private address and then forwards to destination. e. [blank_start]connectionless protocol[blank_end] - A protocol that does not perform error detection or correction. f. [blank_start]connection-oriented protocol[blank_end] - Protocol in which two system establish a connection before they transmit any data. g. [blank_start]Transmission Control Protocol[blank_end] - A connection-oriented protocol found at the Transport layer. h. [blank_start]Internet Protocol[blank_end] - A connectionless protocol found at the Network layer. i. [blank_start]packet switching network[blank_end] - Also referred to as a local area network. j. [blank_start]Automatic Private IP Addressing (APIPA)[blank_end] - Allows computers on networks without DHCP to communicate with each other when not assigned manual IP addresses.

In order of first to last, specify the correct order of steps to view connection status. [blank_start]1[blank_end] Open the Network and Sharing Center. [blank_start]4[blank_end] Click Close to close the Network Connection Details dialog box. [blank_start]5[blank_end] Click Close to close the Local Area Connection Status dialog box [blank_start]3[blank_end] Click Details. The Network Connection Details dialog box appears. [blank_start]2[blank_end] In the View your active networks section, click Ethernet or the name of the connection whose status you want to view.

Specify the correct order of steps to configure IPv4 settings. [blank_start]2[blank_end] Click Change adapter settings. [blank_start]4[blank_end] Select Internet Protocol Version 4 (TCP/IPv4) and then click Properties. [blank_start]6[blank_end] Select the Use The Following DNS Server Addresses option and then enter appropriate values for the following parameters (preferred DNS Server, alternate DNS server. [blank_start]3[blank_end] Right-click the connection you want to manage and, from the context menu, select Properties. [blank_start]1[blank_end] Open the Network and Sharing Center. [blank_start]7[blank_end] Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties sheet. [blank_start]5[blank_end] Select the Use The Following IP Address option and then enter appropriate values for IP address, subnet mask, and default gateway). [blank_start]8[blank_end] Click OK to close the connection’s Properties sheet.

Specify the correct order of steps to configure Advanced Sharing settings. [blank_start]1[blank_end] Open the Network and Sharing Center. 4 Configure the following settings by selecting from the options provided (Network Discovery, Turn on automatic setup of network connected device, file/printer sharing, public folder sharing, media streaming, file sharing connections, password protected sharing, and HomeGroup connections). 5 Click Save Changes. 3 Click the down arrow for the network location whose settings you want to modify. 2 In the left pane, click Change advanced sharing settings. The Change sharing options for different network profiles dialog box appears.