Solutions 14-1

Guide to MCSE 70-290, Enhanced

Chapter 14 Solutions

Review Questions

  1. Which of the following Event Viewer log files are success and failure events written to?
    Answer: B
  2. What is the default size of the Security log on a Windows Server 2003 system?
    Answer: C
  3. Which of the following is not a default security template included with Windows Server 2003?
    Answer: D
  4. Which of the following audit settings should be configured to audit access to files and folders?
    Answer: C
  5. Which of the following audit settings should be configured to audit server reboots?
    Answer: A
  6. Which of the following audit settings should be configured to audit the creation of group objects?
    Answer: B
  7. Which of the following audit settings should be configured to audit successful password changes?
    Answer: A
  8. No auditing settings are configured for domain controllers by default on Windows Server 2003 systems. (True or False?)
    Answer: B
  9. Which of the following security features is used to encrypt data as it is transmitted over a network?
    Answer: A
  10. Which of the following security features is used to encrypt files and folders stored on an NTFS volume?
    Answer: B
  11. Which of the following security features is used to validate the identity of a user on a Windows Server 2003 network?
    Answer: B
  12. Which of the following security features is used to secure files and folders on an NTFS partition?
    Answer: A
  13. Which of the following security templates contains the default security settings applied to a Windows Server 2003 system by default?
    Answer: A
  14. Security template settings can be applied via Group Policy. (True or False?)
    Answer: A
  15. Which of the following command-line tools can be used to create and apply security templates?
    Answer: B
  16. Which of the following is not a supported switch with the SECEDIT command in Windows Server 2003?
    Answer: D
  17. Where are security templates stored by default on a Windows Server 2003 system?
    Answer: A,B,C
  18. Which of the following MMC snap-ins can be used to compare current server security settings to those stored in a security template?
    Answer: A
  19. Which security template is automatically applied to a Windows Server 2003 system when it is promoted to the role of domain controller?
    Answer: A
  20. True or False? It is possible to configure access control settings on Active Directory objects such as user accounts. (True or False?)
    Answer: A

Case Projects

Case Study 1

The tool to create new templates would be the Security Templates MMC snap-in. Once configured, the most efficient way to distribute these settings would be via Group Policy.

Case Study 2

You can use auditing to track access to shared resources. Begin by configuring the audit policy through a non-local GPO or through the local security policy enabling auditing for object access. Then enable auditing for specific actions on the shared resources.