Entrance exam: Web attack prevention and defense

07 Jun 2005 | SearchSecurity.com

by Michael Cobb

Sure, IIS has its fair share of problems, but you could be your Web server's No. 1 vulnerability if you aren't Web security savvy. Take this exam to see if it's time to go back to school -- Web Security School, that is!

1.) What is SSL used for?
a. Encrypt data as it travels over a network
b. Encrypt files located on a Web server
c. Encrypt passwords for storage in a database
d. Encrypt specific elements of data for application-specific purposes
e. Encrypt digital certificates used to authenticate a Web site

Answer

How'd you score?

15-20 correct: Web Security Superstar! Hone your knowledge with these checklists:
Essential fortification checklist
Developer's active content delivery checklist
Spyware removal checklist

Less than 15 correct: Time to enroll in Web Security School. In just a few short hours you can go from novice to expert.
Lesson 1: Securing a Web server
Lesson 2: Defeating Web attacks
Lesson 3: Securing Web apps

2.) Which port does HTTPS use?
a. 21
b. 53
c. 80
d. 137
e. 443

Answer

3.) True or False: An IT security risk analysis is the same as an IT vulnerability assessment.

Answer

4.) Phishing differs from adware and spyware because…
a. it is not a problem for organizations but individuals.
b. it installs malicious software on your PC.
c. it uses social engineering and technical subterfuge whereas the other two do not.
d. it is easier to stop.
e. None of the above

Answer

5.) Which is the recommended audit policy setting for Object Access?
a. Success: Off, Failure: Off
b. Success: Off, Failure: On
c. Success: On, Failure: Off
d. Success: On, Failure: On
e. None of the above

Answer

6.) As the administrator for a Windows-based network, you are installing Windows 2000 Server on a computer that will run IIS and be connected to the Internet. Your domain name is mycompany.com. During setup, the installer asks whether you want this computer to be a member of a domain. Which option do you select?
a. No, this computer is not on a network or is on a network without a domain.
b. Yes, make this computer a member of the following domain: mycompany.com.

Answer

7.) Which of the following services is not required to run a Windows server solely configured to run IIS and publish a Web site?
a. IIS Admin Service
b. Performance Logs and Alerts
c. Protected Storage
d. Server Service
e. World Wide Web Publishing Service

Answer

8.) By default, IIS is configured to support many different common file name extensions that are related to a variety of features in IIS. Your site uses Active Server Pages and PHP for creating pages on the fly. Besides .asp and .php, what other file name extensions should be mapped to IIS?
a. .htw
b. .printer
c. .shtm
d. .idq
e. None of the above

Answer

9.) Which is the recommended log file format for logging IIS events?
a. Microsoft IIS Log File Format
b. NCSA Common Log File Format
c. W3C Extended Log File Format

Answer

10.) Web server A is set up to log system and IIS activity. Which is the best setup from the list below?
a. Log File Directory: %WinDir%\System32\LogFiles
b. Log File Directory: C:\Inetpub\wwwroot\LogFiles
c. Log File Directory: E:\Inetpub\wwwroot\LogFiles
d. Log File Directory: E:\Inetpub\LogFiles
e. Log File Directory: F:\LogFiles

Answer
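Questions 8, 9 and 10 all turn on how IIS records requests. The W3C Extended format is plain text: directive lines start with # and a #Fields: directive names the space-separated columns, so a short parser is enough to hunt through it. What follows is an added example, not code from the article or from Microsoft: a parser for that format plus a scan that flags requests for script-mapped extensions a site does not use (the kind listed in question 8) and requests carrying directory-traversal sequences. The log lines are constructed, and the site is assumed to serve only .asp and .php pages.

```python
"""Parse IIS W3C Extended log lines and flag requests worth a second look.

Added example, not code from the article. Assumes a site that serves only
.asp and .php pages; the sample log below is constructed.
"""
import posixpath
import re
from collections import Counter

# Constructed sample log in the W3C Extended format IIS writes: directive
# lines start with '#', and '#Fields:' names the space-separated columns.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Version: 1.0
#Date: 2005-06-07 00:00:00
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status cs(User-Agent)
2005-06-07 00:00:01 192.0.2.10 GET /index.asp - 200 Mozilla/4.0
2005-06-07 00:00:02 192.0.2.10 GET /images/logo.gif - 200 Mozilla/4.0
2005-06-07 00:00:03 198.51.100.7 GET /NULL.printer - 404 Mozilla/4.0
2005-06-07 00:00:04 198.51.100.7 GET /scripts/..%5c../winnt/system32/cmd.exe /c+dir 404 Mozilla/4.0
2005-06-07 00:00:05 198.51.100.7 GET /query.idq CiRestriction=b 200 Mozilla/4.0
2005-06-07 00:00:06 203.0.113.9 GET /news.php id=1 200 Mozilla/4.0
"""

# Script-mapped extensions IIS 5.0 enables by default. A site that only
# uses a couple of them has no legitimate traffic for the rest.
DEFAULT_SCRIPT_MAPS = {".asa", ".asp", ".cdx", ".cer", ".htr", ".htw", ".ida",
                       ".idc", ".idq", ".printer", ".shtm", ".shtml", ".stm"}
SITE_EXTENSIONS = {".asp", ".php"}          # assumption: what this site uses
UNUSED_SCRIPT_MAPS = DEFAULT_SCRIPT_MAPS - SITE_EXTENSIONS

# Raw, URL-encoded and overlong-UTF-8 spellings of '../' and '..\'.
TRAVERSAL = re.compile(r"\.\.(/|\\|%2f|%5c)|%c0%af|%c1%9c", re.IGNORECASE)


def parse_w3c_log(text):
    """Yield one dict per request line, keyed by the most recent '#Fields:'
    directive (IIS restates it whenever the field selection changes)."""
    fields = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#Fields:"):
                fields = line[len("#Fields:"):].split()
            continue
        if fields is None:
            raise ValueError("request line before any #Fields: directive")
        values = line.split(" ")       # IIS encodes spaces inside values as '+'
        if len(values) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(values)}: {line!r}")
        yield dict(zip(fields, values))


def suspicious(entry):
    """Return the reasons a parsed request looks hostile (empty list if none)."""
    stem = entry.get("cs-uri-stem", "")
    query = entry.get("cs-uri-query", "-")
    query = "" if query == "-" else query      # '-' is the W3C empty marker
    reasons = []
    ext = posixpath.splitext(stem)[1].lower()
    if ext in UNUSED_SCRIPT_MAPS:
        reasons.append(f"request for unused script map {ext}")
    if TRAVERSAL.search(stem) or TRAVERSAL.search(query):
        reasons.append("directory traversal sequence")
    return reasons


def scan(text):
    """Parse a log and return (flagged, per_client): flagged is a list of
    (entry, reasons); per_client counts flagged requests per c-ip."""
    flagged = []
    per_client = Counter()
    for entry in parse_w3c_log(text):
        reasons = suspicious(entry)
        if reasons:
            flagged.append((entry, reasons))
            per_client[entry["c-ip"]] += 1
    return flagged, per_client


if __name__ == "__main__":
    flagged, per_client = scan(SAMPLE_LOG)
    for entry, reasons in flagged:
        print(entry["date"], entry["time"], entry["c-ip"], entry["cs-method"],
              entry["cs-uri-stem"], entry["sc-status"], "|", "; ".join(reasons))
    print("flagged requests per client:", dict(per_client))
```

Run against the sample, the scan flags the three requests from 198.51.100.7 and nothing from the two clients fetching .asp, .php and .gif content. Because the parser keys columns by the #Fields: directive rather than by position, the same code works on a log where the administrator has enabled a different set of fields; the one thing it cannot do is read the binary event logs, which is why IIS logs are reviewed as text files rather than through Event Viewer.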

11.) Which of the following network designs is considered the most secure?
a. Flat network
b. Triple-homed perimeter network
c. Back-to-back perimeter network

Answer

12.) Which of the following steps is not required to configure IIS to handle encrypted sessions?
a. Create a public-key pair in IIS to submit to a Certificate Authority (CA) when you request a certificate.
b. Request a server certificate from the CA.
c. Sign for the certificate when FedEx delivers it.
d. Install the certificate.
e. Configure the directories and pages that you want to secure.

Answer

13.) True or False: You don't need a digital certificate installed on your Web server to be able to securely manage it remotely using Windows Terminal Services.

Answer

14.) True or False: You can use the Microsoft Event Viewer snap-in to view your Windows and IIS log files.

Answer

15.) Which of the following is the best definition of risk analysis when discussing IT security?
a. Risk analysis looks at the probability that a hacker may break in to your system.
b. Risk analysis looks at the probability that your security measures won't stop a hacker breaking in to your system.
c. Risk analysis determines what resources you need to protect and quantifies the costs of not protecting them.
d. Risk analysis looks at the probability that a vulnerability exists in your system.
e. Risk analysis looks at the consequences of being connected to the Internet.

Answer

16.) Which is the correct set of network components that need to be available for the Internet-facing network card of a dual-homed IIS Web server running on Windows 2000?
a. Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, Internet Protocol (TCP/IP)
b. Client for Microsoft Networks, Internet Protocol (TCP/IP)
c. Internet Protocol (TCP/IP)
d. File and Printer Sharing for Microsoft Networks, Internet Protocol (TCP/IP)
e. None of the above

Answer

17.) Which is the correct definition of the Windows user right assignment "Log on locally"?
a. Determines which users can log on at the computer
b. Determines which users are prevented from logging on at the computer
c. Determines which service accounts can register a process as a service
d. Determines which users and groups are allowed to connect to the computer over the network
e. Allows a user to be logged on by means of a batch-queue facility

Answer

18.) What are the correct ACLs for IIS-generated log files?
a. System (Full Control), Administrators (Full Control), Everyone (RWC)
b. System (RWC), Administrators (Full Control), Everyone (RWC)
c. System (Full Control), Administrators (Full Control)
d. System (Full Control), Administrators (RWC)
e. System (Full Control), Administrators (Full Control), Guest (RWC)

Answer

19.) Which one of the following components does not need to be installed to run IIS on a Windows server?
a. Common Files
b. Internet Information Services Snap-in
c. Networking Services
d. World Wide Web Server
e. They all need to be installed

Answer

20.) The Security Accounts Manager database stores usernames, account privileges and security context information for every user allowed to log on to a Windows machine locally. Which copy of the SAM database should you delete on a Windows Web server?
a. Program Files\Microsoft\SAM
b. WINNT\SYSTEM32\SAM
c. WINNT\SYSTEM32\CONFIG\SAM
d. WINNT\REPAIR\SAM
e. None of them

Answer
