Correct Answer:

https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/trusted-platform-module-overview

Correct Answer: B

NAP enforces health policies by inspecting and assessing the health of client computers, restricting network access when client computers are noncompliant with health policy, and remediating noncompliant client computers to bring them into compliance with health policy before they are granted full network access. NAP enforces health policies on client computers that are attempting to connect to a network; NAP also provides ongoing health compliance enforcement while a client computer is connected to a network. Reference: http://technet.microsoft.com/en-us/library/cc754378(v=ws.10).aspx

Correct Answer: C

Correct Answer: C

Correct Answer: C

Reference: http://en.wikipedia.org/wiki/Network_address_translation

Correct Answer: C

Reference: http://www.microsoft.com/mscorp/safety/technologies/senderid/technology.mspx

Correct Answer: D

Correct Answer: A

To minimize the amount of spam that is hitting the Microsoft Exchange server, it is required to enable reverse DNS lookup on the SMTP virtual server. It forces a system to crosscheck the domain name with a PTR record (IP address

associated with the domain name) and if the IP address is not matched the record associated with that domain name, it will not delivered.

Answer: C is incorrect. SPF is used to permit the administrator to configure the server to establish who is acceptable to send email from their domain. Answer: D is incorrect. User Account Control (UAC) is a technology and security

infrastructure introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems, with a more relaxed version also present in Windows 7 and Windows Server 2008 R2. It aims to improve the security of Microsoft

Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation.

Answer: B is incorrect. Read-only Domain Controller (RODC) is a domain controller that hosts the read-only partition of the Active Directory database. RODC was developed by Microsoft typically to be deployed in a branch office environment.

RODC is a good option to enhance security by placing it in a location where physical security is poor. RODC can also be placed at locations having relatively few users and a poor network bandwidth to the main site. As only the read-only

partition of the Active Directory database is hosted by RODC, a little local IT knowledge is required to maintain it.

Correct Answer: A

Social engineering can be defined as any type of behavior used to inadvertently or deliberately aid an attacker in gaining access to an authorized user's password or other sensitive information. Social engineering is the art of convincing people and making them disclose useful information such as account names and passwords. This information is further exploited by hackers to gain access to a user's computer or network. This method involves mental ability of people to trick someone rather than their technical skills. A user should always distrust people who ask him for his account name, password, computer name, IP address, employee ID, or other information that can be misused.

Answer: B is incorrect. The group policies are used to disable the use of floppy drives or USB drives to ensure physical security of desktop computers. Several computers are able to use the mechanism of attaching a locking device to the desktops, but disabling USB and floppy drives can disable a larger set of threats. Answer: D is incorrect. While stressing the Con? dentiality, Integrity, and Availability triangle in the training of users, the process of providing availability is related to security training to ensure the protection against a Distributed Denial of Services attack.

Correct Answer: C