Chapter 9

1.

1 point

1. What are examples of password policies? Select all that apply.

a. history

b. length

c. complexity

d. age

2.

1 point

2. Why primarily are account lockout policies put into place?

a. privacy

b. security

c. policy

d. regulations

3.

1 point

3. What is the default setting for password history?

a. 6

b. 10

c. 16

d. 24

4.

1 point

4. What is the default minimum password length in characters?

a. 5

b. 7

c. 8

d. 10

5.

1 point

5. What setting can you give for account lockout duration that requires an administrator to manually unlock the account?

a. 0

b. 10

c. 99

d. 99,999

6.

1 point

6. By default, who has read/write capability to the Default Domain Policy?

a. local administrators

b. power users

c. domain users

d. domain administrators

7.

1 point

7. How should you assign Password Settings objects (PSOs) to users?

a. Assign the PSOs directly to individual users.

b. Assign the PSOs to a new group and add the users to the new group.

c. Assign the PSOs to a global security group and add users to the group.

d. Assign the PSOs to various Active Directory groups as needed.

8.

1 point

8. What is the primary advantage of using Group Policies in a domain environment?

a. ease of enforcement

b. user compliance

c. centralized management

d. ease of creation

9.

1 point

9. What is the secpol.msc utility used for?

a. editing group policies

b. editing local security policies

c. editing global security policies

d. editing domain-level policies

10.

1 point

10. What does the minimum password age setting control?

a. how many seconds a user must wait before a password reset

b. how many minutes a user must wait before a password reset

c. how many hours a user must wait before a password reset

d. how many days a user must wait before a password reset

11.

1 point

11. Why should administrator passwords change more often than user passwords?

a. because administrator passwords are usually simpler than user passwords

b. because administrator accounts carry more security sensitivity than users do

c. because administrators are paranoid about security

d. because administrator accounts are watched by management in large companies

12.

1 point

12. What is the range of password history settings?

a. 0 to 9

b. 0 to 15

c. 0 to 24

d. 0 to 63

13.

1 point

13. What is an easy method of creating a strong password?

a. Use your username and add numbers and special characters.

b. Use your favorite football team’s name with numbers and special characters.

c. Ask a friend for some ideas for good passwords and then add your own number and characters.

d. Start with a sentence and then add numbers and special characters.

14.

1 point

14. Why is a setting of 0 for maximum password age not a good idea? Check all that apply.

a. It means that passwords never expire, which is a major security problem.

b. It means that your passwords expire every day.

c. It means that you’ve disabled password aging.

d. It means that you’ve disabled the use of passwords.

15.

1 point

15. Account policies contain various subsets. Which of the following are legitimate subsets of account policies? Check all that apply.

a. Password Policy

b. Account Lockout Policy

c. Kerberos Policy

d. Username Policys.

16.

1 point

16. By default, which of the following represents the maximum amount of time by which a computer’s internal clock can be inaccurate yet still be able to use Kerberos authentication?

a. 30 seconds

b. 1 minute

c. 5 minutes

d. 8 minutes