Your company has a wireless network that connects to a wired network. Your boss is concerned about data being intercepted as it is sent over the wireless network. He wants to ensure that only employees can use the wireless network.
What steps should you take? (Select TWO.)
1. >>Enable WEP.
2. Disable MAC address filtering.
3. >>Disable broadcast SSID.
4. Use ad hoc mode.
5. Enable EFS.
Explanation : You should enable Wired Equivalent Privacy (WEP). Doing so will cause the traffic sent over the wireless network to be encrypted using 40-bit encryption by default. Some access points and wireless network adapters also support 128-bit encryption, so you should use it if it is available. It is also more secure to use dynamic WEP keys if they are supported.
You should also disable broadcast Service Set Identifier (SSID). The SSID is used to publish the availability of the wireless network, sort of like a network name. If you disable broadcast SSID, only clients that are configured with the SSID will be able to find wireless network and connect. This will help prevent non-employees from connecting to the network.
Enabling Encrypting File System (EFS) will not cause data to be encrypted on the network. EFS is used to encrypt files where they are stored, not to encrypt network traffic.
Disabling Media Access Control (MAC) filtering will not resolve the problem. You might or might not want to use MAC filtering. MAC filtering can be used to increase the security of the network by only allowing certain network adapters to connect. However, it is more difficult to manage. Wireless Access Points (WAPs) have MAC filtering disabled by default.
You should not use ad hoc mode. Ad hoc mode is used for peer-to-peer wireless networking. When a WAP connects to a wired network, you need to configure the wireless clients for infrastructure mode. By configuring them for infrastructure mode only, you can prevent them from connecting to ad hoc wireless networks.
Objective: Security
Showing posts with label EFS. Show all posts
Showing posts with label EFS. Show all posts
Sunday, December 16, 2007
Security: Upgrading and obtaining the EFS for your partition
You are upgrading a user's computer from Windows 98 to Windows XP Professional.
The computer currently has a hard disk partition formatted as FAT. The main reason for the upgrade is to allow users to secure files on that hard disk using permissions and encrypting file system (EFS).
What should you do?
1. >>Convert the hard disk to NTFS.
2. Convert the hard disk to FAT32.
3. Reformat the hard disk as NTFS.
4. Reformat the hard disk as FAT32.
Explanation : To use file permissions and EFS, you need to use the NTFS file system. You can convert the system hard disk to NTFS during installation. You can convert any hard disk from FAT or FAT32 to NTFS after installing Windows XP by using the Convert utility.
You should not convert the hard disk to FAT32. FAT32 does not support permissions or EFS.
You should not reformat the hard disk as FAT32. FAT32 does not support permissions or EFS. Also, reformatting the hard disk will cause all data stored on it to be lost.
You should not format the hard disk as NTFS. Formatting the hard disk will cause all data on it to be lost. A hard disk can be converted from FAT or FAT32 to NTFS, but not the other way around.
Objective: Security
The computer currently has a hard disk partition formatted as FAT. The main reason for the upgrade is to allow users to secure files on that hard disk using permissions and encrypting file system (EFS).
What should you do?
1. >>Convert the hard disk to NTFS.
2. Convert the hard disk to FAT32.
3. Reformat the hard disk as NTFS.
4. Reformat the hard disk as FAT32.
Explanation : To use file permissions and EFS, you need to use the NTFS file system. You can convert the system hard disk to NTFS during installation. You can convert any hard disk from FAT or FAT32 to NTFS after installing Windows XP by using the Convert utility.
You should not convert the hard disk to FAT32. FAT32 does not support permissions or EFS.
You should not reformat the hard disk as FAT32. FAT32 does not support permissions or EFS. Also, reformatting the hard disk will cause all data stored on it to be lost.
You should not format the hard disk as NTFS. Formatting the hard disk will cause all data on it to be lost. A hard disk can be converted from FAT or FAT32 to NTFS, but not the other way around.
Objective: Security
Thursday, November 29, 2007
Security: FAT32 vs NTFS partitions
When would it be necessary to convert a FAT32 disk partition to NTFS? (Select TWO.)
1. You want to support long file names.
2. >>You want to be able to set local file access permissions.
3. You want to use the Windows Backup utility to back up the partition.
4. >>You want to enable encrypting file system (EFS) support.
5. You want you configure a dual-boot computer with Windows 98 and Windows XP.
Explanation : You would need to convert a FAT32 disk partition to NTFS if you want to enable EFS support or local file access permissions. Both of these features require NTFS. EFS lets you encrypt files stored on the disk partition. Setting local file access permissions lets you set access permissions by user and group. This means that you can control who can access the files and the level of access permitted. For example, you might let some users view and modify files, while other users can view the files only.
You should not convert a FAT32 disk partition to NTFS to configure a dual-boot computer with Windows 98 and Windows XP. Windows 98 does not support NTFS, so FAT32 would be required in this situation.
You should not convert a FAT32 disk partition to NTFS to support long file names (names longer than the DOS 8.3 standard). FAT32 supports long file names for operating systems that support long file names.
You should not convert a FAT32 disk partition to NTFS to use the Windows Backup utility. The Windows Backup utility can be used to back up from and restore to a FAT32 partition.
Objective: Security
1. You want to support long file names.
2. >>You want to be able to set local file access permissions.
3. You want to use the Windows Backup utility to back up the partition.
4. >>You want to enable encrypting file system (EFS) support.
5. You want you configure a dual-boot computer with Windows 98 and Windows XP.
Explanation : You would need to convert a FAT32 disk partition to NTFS if you want to enable EFS support or local file access permissions. Both of these features require NTFS. EFS lets you encrypt files stored on the disk partition. Setting local file access permissions lets you set access permissions by user and group. This means that you can control who can access the files and the level of access permitted. For example, you might let some users view and modify files, while other users can view the files only.
You should not convert a FAT32 disk partition to NTFS to configure a dual-boot computer with Windows 98 and Windows XP. Windows 98 does not support NTFS, so FAT32 would be required in this situation.
You should not convert a FAT32 disk partition to NTFS to support long file names (names longer than the DOS 8.3 standard). FAT32 supports long file names for operating systems that support long file names.
You should not convert a FAT32 disk partition to NTFS to use the Windows Backup utility. The Windows Backup utility can be used to back up from and restore to a FAT32 partition.
Objective: Security
Security: Features supported by XP and 2kpro out of the box
Which of the following security features are supported by both Windows XP Professional and Windows 2000 Professional without installing additional software? (Select TWO.)
1. Encrypting File System (EFS)
2. Kerberos
3. Voice print recognition
4. Smart card support
5. >>Windows Firewall
6. >>Windows Security Center
Explanation : Kerberos authentication support and encrypting file system (EFS) are supported by both Windows 2000 Professional and Windows XP Professional. Kerberos is the default authentication method for Windows 2000 Professional and Windows XP Professional. EFS lets you configure your file system so that files are encrypted automatically. You can enable encryption for a file folder.
Windows Firewall, Windows Security Center, and smart cards are supported by Windows XP, but not Windows 2000. However, additional updates are required for Windows XP support. Windows Firewall and Windows Security Center are installed as part of Windows XP Service Pack 2. Windows 2000 can support smart cards but requires installation of add-on software to enable the support. Unmodified copies of Windows XP and Windows 2000 that have not be updated to current service pack versions do not support these security features.
Voice print recognition is not supported by either Windows XP or Windows 2000 unless you install additional software support. There are applications that can run on either that add voice print recognition as a biometric security method, but the functionality is not built into the operating system.
Objective: Security
1. Encrypting File System (EFS)
2. Kerberos
3. Voice print recognition
4. Smart card support
5. >>Windows Firewall
6. >>Windows Security Center
Explanation : Kerberos authentication support and encrypting file system (EFS) are supported by both Windows 2000 Professional and Windows XP Professional. Kerberos is the default authentication method for Windows 2000 Professional and Windows XP Professional. EFS lets you configure your file system so that files are encrypted automatically. You can enable encryption for a file folder.
Windows Firewall, Windows Security Center, and smart cards are supported by Windows XP, but not Windows 2000. However, additional updates are required for Windows XP support. Windows Firewall and Windows Security Center are installed as part of Windows XP Service Pack 2. Windows 2000 can support smart cards but requires installation of add-on software to enable the support. Unmodified copies of Windows XP and Windows 2000 that have not be updated to current service pack versions do not support these security features.
Voice print recognition is not supported by either Windows XP or Windows 2000 unless you install additional software support. There are applications that can run on either that add voice print recognition as a biometric security method, but the functionality is not built into the operating system.
Objective: Security
Subscribe to:
Posts (Atom)