daywalker
18-12-2006, 10:42
انا لقيت اختلاف في سؤال في امتحان 291-70 و مش عارف الحل الصحيح ارجو المساعدة
السؤال في التيست كنج
You are the network administrator for Testking.com. The network consists of a
single Active Directory domain named testking.com. The functional level of the
domain is Windows Server 2003. All client computers run Windows XP
Professional.
An application named TestKing.exe is installed on all computers in the domain to
remotely gather software inventory information. The application runs as a service in
the security context of the Local System. The startup type of the service is set to
Automatic.
In the Default Domain Policy GPO, the security administrator has configured a
software restrictive policy that is applied to all computers in the domain. The policy
contains a hash rule for the TestKing.exe application, and the hash rule is
configured with a security level of Unrestricted.
The client computers on the network are attacked by a worm that is distributed by
e-mail messages received over the Internet. The worm detects the presence of
TestKing.exe on a computer, then starts a new instance of the application in the
security context of the logged-on user. The worm exploits a bug in the application to
cause the computer to fail.
You need to ensure that TestKing.exe cannot be started by the worm, while still
allowing the application to run as a service.
What should you do?
A. In the computer settings section of the Default Domain Policy GPO, configure a
software restriction policy that contains a zone rule for the Internet Zone. Configure the
zone rule with a security level of Disallowed.
B. In the user settings section of the Default Domain Policy GPO, configure a software
restriction policy that contains a zone rule for the Internet zone. Configure the zone rule
with a security level of Disallowed.
C.
Leading the way in IT testing and certification tools, www.testking.com
- 330 -
In the computer settings section of the Default Domain Policy GPO, configure a software
restriction policy that contains a hash rule for the TestKing.exe application. Configure the
zone hash rule with a security level of Disallowed.
D. In the user settings section of the Default Domain Policy GPO, configure a software
restriction policy that contains a hash rule for the TestKing.exe application so that the
hash rule has a security level of Disallowed.
Answer: D
Explanation: A hash is a fixed-size result that is obtained by applying a one-way
mathematical function (sometimes called a hash algorithm) to an arbitrary amount
of data. The hash changes if there is a change in the input data. The hash can be
used in many operations, including authentication and digital signing. Also called a
message digest. We need to prevent unauthorized applications from running. We
should set the default security level to Disallowed. If the software restriction policy
containing the hash rule for that application is set to the disallowed level in the user
settings section of the Default domain Policy GPO, then it will still allow the
application to be run whilst ensuring that the worm cannot start the TestKing.exe.
الجابة في باس فور شور هي C
ما هو الحل الصحيح و شكرا
السؤال في التيست كنج
You are the network administrator for Testking.com. The network consists of a
single Active Directory domain named testking.com. The functional level of the
domain is Windows Server 2003. All client computers run Windows XP
Professional.
An application named TestKing.exe is installed on all computers in the domain to
remotely gather software inventory information. The application runs as a service in
the security context of the Local System. The startup type of the service is set to
Automatic.
In the Default Domain Policy GPO, the security administrator has configured a
software restrictive policy that is applied to all computers in the domain. The policy
contains a hash rule for the TestKing.exe application, and the hash rule is
configured with a security level of Unrestricted.
The client computers on the network are attacked by a worm that is distributed by
e-mail messages received over the Internet. The worm detects the presence of
TestKing.exe on a computer, then starts a new instance of the application in the
security context of the logged-on user. The worm exploits a bug in the application to
cause the computer to fail.
You need to ensure that TestKing.exe cannot be started by the worm, while still
allowing the application to run as a service.
What should you do?
A. In the computer settings section of the Default Domain Policy GPO, configure a
software restriction policy that contains a zone rule for the Internet Zone. Configure the
zone rule with a security level of Disallowed.
B. In the user settings section of the Default Domain Policy GPO, configure a software
restriction policy that contains a zone rule for the Internet zone. Configure the zone rule
with a security level of Disallowed.
C.
Leading the way in IT testing and certification tools, www.testking.com
- 330 -
In the computer settings section of the Default Domain Policy GPO, configure a software
restriction policy that contains a hash rule for the TestKing.exe application. Configure the
zone hash rule with a security level of Disallowed.
D. In the user settings section of the Default Domain Policy GPO, configure a software
restriction policy that contains a hash rule for the TestKing.exe application so that the
hash rule has a security level of Disallowed.
Answer: D
Explanation: A hash is a fixed-size result that is obtained by applying a one-way
mathematical function (sometimes called a hash algorithm) to an arbitrary amount
of data. The hash changes if there is a change in the input data. The hash can be
used in many operations, including authentication and digital signing. Also called a
message digest. We need to prevent unauthorized applications from running. We
should set the default security level to Disallowed. If the software restriction policy
containing the hash rule for that application is set to the disallowed level in the user
settings section of the Default domain Policy GPO, then it will still allow the
application to be run whilst ensuring that the worm cannot start the TestKing.exe.
الجابة في باس فور شور هي C
ما هو الحل الصحيح و شكرا