On your Windows 2003 system, you want to control inbound access to various ports. What feature
of Windows 2003 will allow you to do this?

You wish to install a new Windows 2003 Server in your network, and are deciding which of the
server roles will best suit your environment. From the following answers, select the option that is
not a Windows 2003 Server Role.

You are running a computer that boots to multiple operating systems on multiple partitions and
wish to use Windows 2003 data encryption to protect your files. Which of the following options will
Windows 2003’s EFS perform?

Logging is critical when you want to determine whether or not your server is being attacked. You
must enable logging on your Web servers. To help prevent malicious users from deleting files to
cover their tracks, you should make sure the ACLs on the IIS-generated log files
(%systemroot%\system32\LogFiles) are set to Administrators (Full Control) and System (Full
Control). The ACL for the Everyone group should not be greater than which of the following?

One of your assistants has configured a Windows 2003 Server to use EFS. This server is only
accessed from internal network clients over a 100BaseT infrastructure. You tell your assistant that
the security offered by EFS in this situation will not increase the security of the data transferred.

Why is your statement correct?

You have recently hired an assistant to help you with managing the security of your network. You
are currently running an all Windows environment, and are describing NTFS permission issues.
You are using some demonstration files to help with your discussion. You have two NTFS
partitions, C:\ and D:\ There is a test file, C:\DIR1\test.txt that is currently set so that only
Administrators have Full Control. If you move this file to the C:\DIR2 folder, what will the
permissions be for this file?

You have just become the senior security professional in your office. After you have taken a
complete inventory of the network and resources, you begin to work on planning for a successful
security implementation in the network. You are aware of the many tools provided for securing
Windows 2003 machines in your network. What is the function of The Security Configuration and
Analysis snap-in?

Windows 2003 Server can utilize many different forms of authentication, from standard passwords
to Smart Cards. What are the advantages of using NTLM Authentication over LM Authentication in
Windows?

In Windows 2003, there are four methods of implementing IPSec. They are:
1 – Require Security
2 – Request Security
3 – Respond Only
4 – No IPSec Policy
Your network hosts many servers, and different security policies are in place in different locations
in the network. The Clients and Servers in your network are configured as follows:
-You have servers numbered 1-9, which have a policy stating they require no network traffic
security.
-You have servers numbered 10-19, which have a policy stating they are not required to be
secure, but will encrypt network traffic if the client is able to receive it.
-You have servers numbered 20-29, which have a policy stating they are required to be secure
and all network traffic they deliver must be secured.
-You have clients numbered 60-79 that are required to access secure servers 20-29.
-You have clients numbered 80-99 that are not required to access secure servers 20-29, but are
required to access servers 1-9 and 10-19.
Based on the Client and Server configuration provided above, which of the following computers
must implement IPSec method 3?

You are the main person responsible for the security of a mid-sized company. To have control
over all the aspects of the security of the network, you study and analyze each component
thoroughly. Your network is running all Windows 2003 servers, and you are studying the logon
process. You know there are many components of the process, and are now at the point where
you are analyzing the Security Accounts Manager (SAM). What is the SAM?