Level 4 COC theory

1. A security policy defines

A. When users cannot log in to their computers

B. What users can and cannot do with their computer
C. How the user should install their own software
D. How complex user password should be

2. A type of network that supports two /more organizations and that allows controlled access
from the outside for specific purposes.

A. Intranet
B. Extranet
C. Internet
D. Wide Area Network (WAN)

3. You want all network clients to download and install updates automatically during night
hours, and you have configured scheduled installation behavior for Automatic Updates.
However, you discover that some users are turning off their machines at night and updates
are not being applied. The group policy that enables you to correct this situation without
changing the installation schedule?

A. Configure Automatic Updates

B. No Auto-Restart For Scheduled Automatic Updates Installations
C. Specify Intranet Microsoft Update Service Location
D. Reschedule Automatic Updates Scheduled Installations

4. Assume that you are giving a service and you want to measure its quality. The best way to do
this is
A. Asses the time it takes to deliver the service
B. Implement periodic self assessment to be completed by staff only
C. To give out survey at the end of each interaction with customers to measure their
satisfaction
D. Wait until you receive a complaint from customers

5. A user can login to his computer but cannot access network resources. The user has all the
appropriate group memberships and permissions, but he still cannot access shared resources.
The cause of this problem

A. User has attempted to access a shared folder without appropriate permissions.

B. User has entered the wrong password.
C. User has logged on to the domain instead of the local computer.
D. User has logged on to the local computer instead of the domain.
6. Your organization consists of four physical locations connected by a wide-area network
(WAN). Each site has its own independent Internet connection. If the primary concern about
installing Windows Server Update Services (WSUS), the best way to configure the WSUS
servers without affecting WAN link.
A. All clients download updates from a single WSUS server at the head office.
B. Each location has an independent WSUS server that serves local clients.
C. Each remote location has replica WSUS servers that copy their configuration from
the head office WSUS server.
D. Each remote location has a disconnected WSUS server and updates are imported on
those servers from DVD.
7. Your company has a main office and a branch office. You deploy a read-only domain
controller (RODC) that runs Microsoft Windows Server 2008 to the branch office. You need
to ensure that users at the branch office are able to log on to the domain by using the RODC.
What should you do?
A. Add another RODC to the branch office.
B. Configure a new bridgehead server in the main office.
C. Configure the Password Replication Policy on the RODC.
D. Decrease the replication interval for all connection objects by using the Active
Directory Sites and Services console.

8. A technician receives an urgent call that the switch in Accounting Department is down.
Which of the following should the technician do FIRST to troubleshoot this issue?

A. Identify symptoms and problems

B. Document the process and solutions
C. Establish the most probable cause
D. Escalate if necessary

9. A common method used to prevent the unauthorized network devices from sending traffic
across a network is port.

A. Spanning
B. Address translation
C. Mirroring
D. Authentication

10. The type of license key allows you to host an activation service locally within your own
network.
 A. Multiple Activation Key
B. Key Management System
C. Key Activation System
D. Multiple Management System

11. A new project requires that users in your domain and in the domain of a partner Organization
have access to a shared folder on your file server. Which type of group should you create to
manage the access to the shared folder?

A. Domain local security group

B. Universal security group
C. Global security group
D. Domain local distribution group

12. You are giving training about computer and network maintenance for a maintenance team.
As a trainer, the first step in the maintenance process you recommend.

A. Gather data from the computer

B. Verify the obvious issues
C. Evaluate the problem and implement the solution
D. Gather data from the customer

13. You are going to build Internet infrastructure with 31 subnets and 7 usable host addresses per
each subnet. The class C subnet mask for this case.

A. 255.255.255.240
B. 255.255.255.244
C. 255.255.255.250
D. 255.255.255.242

14. The reason that end users need to be aware of the security policy.

A. Some security decisions are usually in their hands

B. They should understand the probability of every risk
C. They need to be aware of every threat
D. They should avoid responsibility for their actions
15. You are a network administrator at XYZ Company, and one of your tasks is designing the
company security policy. The element NOT to be specified in an enterprise security policy.

A. Risks and how to manage the risks

B. User roles and responsibilities
C. Software versions of the security products
D. Contingency plan in case of compromise

16. The first step in establishing a disaster recovery plan (DRP).

A. Demonstrate adherence to a standard disaster recovery process

B. Agree on the goals and objectives of the plan
C. Identify applications to be run during a disaster
D. Identify the causes of the disaster.

17. Firewall function.

A. Allowing only packets that pass security restriction to be forwarded

B. Rejecting all packets regardless of security restriction
C. Forwarding all packets that is forwarded
D. Allowing all packets that is forwarded

18. A security implementation principle that recommends division of responsibilities so as to

NOT allow one person to commit an undetected fraud.

A. Separation of duties
B. Collusion
C. Least privilege
D. Delegation of power

19. While you are configuring new wireless clients, none of the new clients is able to connect to
the network, but clients already on the same access point do not have any connectivity
problem. Which is NOT the possible reason for this problem?

A. A poor signal due to interference

B. A bad access point
 C. An incorrect IP address
D. An incorrect same service set identifier (SSID)

20. You a network administer for ABC Company. You are verifying the configuration of a newly
installed host by establishing an FTP connection to the remote server. The highest layer of
the protocol stack you are using for this operation.

A. Application
B. Presentation
C. Session
D. Transport

21. You have a domain controller that runs Windows Server 2008 and is configured as a DNS
Server. You need to record all Inbound DNS queries to the Server. What should you
configure in the DNS Manager console?

A. Enable automatic testing for simple queries

B. Enable automatic testing for recursive queries
C. Enable debug logging
D. Configure event logging to log errors and warning

SECTION B – MATCHING TYPE QUESTIONS

Column A Column B

_m___ 1. The degree of excellence of something A. Strategy

B. Local Policies
__C__ 2. Specify the users permitted to be members of specific C. Restricted Group
groups. D. System Services
E. Protocol
__H___3. Server used to allocate IP addresses to large number of PCs
F. Rules and
in a network environment.
Regulations
___E__4. An original draft or record of documents. G. WINS Server
H. DHCP Server
___Q_ 5. Server that provides access connectivity for mobile user I. File system
through the Internet. Permission
J. Event Log Policies
__K__ 6. A series of actions conducted in a certain manner. K. Procedure
__B__ 7. Configure audit policies, user rights assignments, and L. DNS Server
security options policies.
__I__ 8. Specify access control permissions for NTFS files and M. Quality
folders N. Policy
O. RAS Server
_O___9. Server that provides access connectivity for mobile user P. Account Policies
through telephone line. Q. VPN Server
R. POP Server
__A__10. A plan of action designed to achieve a long term aim.
__P__11. Specify password restrictions, account lockout policies, and
Kerberos policies.
__L__12. Server used to resolve names to IP address and IP addresses
to names.
_N___ 13. A principle to guide decision and achieve rational
outcomes.
__D__ 14. Specify the startup types and permissions for system
services.
__R__15. Server used for mail receiving purpose in the network.