98-367 Online Practice Questions and Answers

Correct Answer:

Correct Answer: C

Correct Answer: D

In the above scenario, Mark will ask his employees to delete the email whenever he receives an email from a company that they know with to click the link to "verify their account information", because companies do not ask for account

information via email now a days.

Answer: C is incorrect. Read-only Domain Controller (RODC) is a domain controller that hosts the read-only partition of the Active Directory database. RODC was developed by Microsoft typically to be deployed in a branch office environment.

RODC is a good option to enhance security by placing it in a location where physical security is poor. RODC can also be placed at locations having relatively few users and a poor network bandwidth to the main site. As only the read-only

partition of the Active Directory database is hosted by RODC, a little local IT knowledge is required to maintain it.

Correct Answer: D

Identity spoofing (IP address spoofing) will occur when the attacker wants to use an IP address of a network, computer, or network component without being authorized for this task. It allows the unprivileged code to use someone else's identity, and use their security credentials Answer: B is incorrect. A honey pot is a computer that is used to attract potential intruders or attackers. It is for this reason that a honey pot has low security permissions. A honey pot is used to gain information about the intruders and their attack strategies. Answer: C is incorrect. RIP and SAP are used to broadcast network information in a regular way regardless of no changes in the routing or service tables. RIP/SAP spoofing method is used to intercept the SAP and RIP broadcasts by using a spoofing modem/router, and then re-broadcast network information via its own routing table or service table. Answer: A is incorrect. In the distributed denial of service (DDOS) attack, an attacker uses multiple computers throughout the network that it has previously infected. Such computers act as zombies and work together to send out bogus messages, thereby increasing the amount of phony traffic. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track down and shut down. TFN, TRIN00, etc. are tools used for the DDoS attack.

Correct Answer: D

The Phishing filter of IE 7+ provides protection from online phishing attacks, frauds, and spoofed Web sites. The filter helps determine whether a Web site is a legitimate site or a phishing site. The filter blocks the Web sites and cautions the users about both reported and suspected phishing Web sites. Answer: B is incorrect. A Pop-up blocker allows users to block most pop-ups while surfing the Internet on their computers. The users can select the level of blocking; they can either block all pop- up windows or allow pop-ups that they want to see. Answer: A is incorrect. The protected mode feature of IE 7+ prevents a computer from saving the files or programs of a Web site. The protected mode makes it more difficult for malware to be installed. In case such a program is installed, it makes it difficult for the program to damage a user's file and the other operating system files. Protected mode is enabled by default for Internet, local intranet, and restricted sites. However, it is not enabled for the trusted sites. Answer: C is incorrect. IE 7+ provides a user the facility of configuring security through the security zones. It allows a user or systems administrator to categorize Web sites that a user visits into several groups with a suitable security level.

Correct Answer: D

The Active Directory Sites and Services MMC snap-in console is used to administer the replication of directory data among all sites in an Active Directory Domain Services (AD DS) forest.

Answer: A is incorrect. The Active Directory Domains and Trusts console is used to administer domain trusts, domain and forest functional levels, and user principal name (UPN) suffixes.

Answer: B is incorrect. Active Directory Administrative Center is used to administer and publish information in the directory, including managing users, groups, computers, etc.

Answer: C is incorrect. Group Policy Management Console (GPMC) is used to provide a single administrative tool for managing Group Policy across the enterprise.

Correct Answer: BC

Answer: B and C

In such a situation, when John receives an error message revealing that Kernel32.exe is encountering a problem, he needs to come to the conclusion that his antivirus program needs to be updated, because Kernel32.exe is not a Microsoft

file (It is a Kernel32.DLL file.).

Although such viruses normally run on stealth mode, he should examine the process viewer (Task Manager) to see whether any new process is running on the computer or not. If any new process (malicious) is running on the server, he

should exterminate that process.

Answer: A and D are incorrect. Since kernel.exe is not a real kernel file of Windows, there is no need to repair or download any patch for Windows Server 2003 from the Microsoft site to repair the kernel.

Note: Such error messages can be received if the computer is infected with malware, such as Worm_Badtrans.b, Backdoor.G_Door, Glacier Backdoor, Win32.Badtrans.29020, etc.

Correct Answer: A

UDP is often used for one-to-many communications, using broadcast or multicast IP datagrams. User Datagram Protocol (UDP) is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without requiring prior communications to set up special transmission channels or data paths. UDP is sometimes called the Universal Datagram Protocol. Answer: D is incorrect. Simple Mail Transfer Protocol (SMTP) is a protocol for sending e-mail messages between servers. E-mailing systems use this protocol to send mails over the Internet. SMTP works on the application layer of the TCP/IP or OSI reference model. The SMTP client typically initiates a Transmission Control Protocol (TCP) connection to the SMTP server on the well-known port designated for SMTP, port number 25. However, e-mail clients require POP or IMAP to retrieve mails from e-mail servers. Answer: B is incorrect. File Transfer Protocol (FTP) is a standard network protocol used to copy a file from one host to another over a TCP/IP-based network, such as the Internet. FTP is built on a client- server architecture and utilizes separate control and data connections between the client and server applications, which solves the problem of different end host configurations (i.e., Operating System, file names). FTP is used with user-based password authentication or with anonymous user access. Answer: C is incorrect. The Hyper Text Transfer protocol is a standard application-level protocol used to request and transmit files, especially web pages and webpage components, on the World Wide Web. HTTP runs on top of the TCP/IP protocol. Web browsers are HTTP clients that send file requests to Web Servers, which in turn handle the requests via an HTTP service.

Correct Answer: B

Correct Answer: B