Professional Documents
Culture Documents
IT Pro Edition
MI C ROS OF T T E C HNOL OGY AS S OC I AT E
Preparing for MTA Certication
EXAM 98-365 Windows Server Administration Fundamentals
EXAM 98-366 Networking Fundamentals
EXAM 98-367 Security Fundamentals
EXAM 98-349 Windows Operating System Fundamentals
M
T
A
S
t
u
d
e
n
t
S
t
u
d
y
G
u
i
d
e
I
T
P
R
O
E
D
I
T
I
O
N
MTA EXAMS
MICROSOFT TECHNOLOGY ASSOCIATE (MTA)
STUDENT STUDY GUIDE FOR IT PROS
Preparing for MTA Certication
MICROSOFT TECCHNOLOGY SSOCIATE ((MMT
STUDENT STUDY GUIDE F
Preparing ffoor MTA Certtiicaation
A
n
AASSOCIATE
FOR IT PROS
CCeerrttiiccaa
ECHNOLOGY ASSOCIATE (MTA
UDY GUIDE FOR IT PROS
for MTA Certication
A)
98-365 Windows Server Administration
Fundamentals
98-366 Networking Fundamentals
98-367 Security Fundamentals
98-349 Windows Operating System
Fundamentals
Michael Teske (Windows Operating System). Michael has been
teaching in the Network Specialist Program for 10 years at Northeast
Wisconsin Technical College and has been involved as an engineer for
15 years. He has a passion for both teaching and technology and loves
helping people nd happiness in a career. Mike believes that learning
technology should be fun, but he also recognizes that the networking
eld continually changes and can challenge even the brightest students.
Mike also works as an independent consultant for several small
businesses in northeast Wisconsin and enjoys bringing that real-world
experience in to the classroom on a daily basis. Mike has become known
as the Microsoft Guy on campus. His goal is to continue to teach
network technology with the same enthusiasm and passion for many
years to come and to help his students nd the same joy and passion
that he has found in an amazing industry.
Jeffrey Sonnleitner (Windows Operating System). Jeff is a lead Instructor
in the Information Technologies department at Moraine Park Technical
College (MPTC) in Fond du Lac, Wisconsin. Jeff teaches the Network
Specialist degree program and the Advanced Technical Certicate in
Information Security. Jeff is also certied to teach classes in international
business. He is beginning his 10th year at MPTC, and enjoys teaching
courses in networking, Microsoft servers, and information security. Jeffs
goal is to help students succeed and enjoy their college experience in a
future-focused learning environment. He was instrumental in developing
MPTCs student exchange with technical colleges in Darmstadt, Germany,
and he has led the colleges student exchange programs for over six
years. As an advisor to MPTCs student IT Club, he initiated annual tours
to Silicon Valley. Prior to joining the faculty at MPTC, Jeff spent 14 years
as an independent consultant, specializing in medical and dental ofce
computer systems and software.
Tim McMichael (.NET Development). Tim has been a high school
computer science teacher for the past 11 years. He currently teaches
Advanced Placement computer science, .NET programming, and
computer game programming at Raymond S. Kellis High School in
Glendale, Arizona. Prior to teaching, Tim worked for several years as
a database application developer. Tim is the author of the Software and
Windows Development Exam Review Kits in the Developer Exam Review
Kit series.
Tom Indelicato (.NET Development). Tom teaches computer science at
Bishop Guertin High School in Nashua, New Hampshire for 11 years,
including courses on Microsoft Ofce applications, Microsoft Visual Basic
programming, AP computer science, and, most recently, autonomous
robotics programming. Outside the classroom, he runs the schools FIRST
Robotics team. Prior to teaching, Tom was a software engineer for
17 years.
Patricia Phillips (Authoring Manager). Patricia taught computer science
for 20 years in Janesville, Wisconsin. She served on the Microsoft
National K-12 Faculty Advisory Board and edited the Microsoft
MainFunction website for technology teachers for two years. For the
past ve years, she has worked with Microsoft in a variety of roles
related to K-12 curriculum development and pilot programs, such as the
MTA Exam Review Kits and Student Study Guides, Expression Studio web
design, and XNA game development. In her role as an author and editor,
Patricia has written several articles and a student workbook on topics
including computer science, web design, and computational thinking.
She is currently the editor of the Computer Science Teachers Association
newsletter, the Voice.
Authors
This content is only for use by or provision to students for their personal use.
Some examples depicted herein are provided for illustration only and are ctitious. No real association or connection is intended or should
be inferred.
Microsoft and other trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US
.aspx are trademarks of the Microsoft group of companies. All other marks are property of their respective owners.
2010 Microsoft Corporation. All Rights Reserved. This content is provided as-is and Microsoft makes no warranties, express or implied.
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ixi
Career Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x
Exploring Job Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Value of Certication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv
98-365 WINDOWS SERVER ADMINISTRATION FUNDAMENTALS
CHAPTER 1 Understanding Server Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1/1/2 Understand device drivers; Understand services . . . . . . . . . . . . . . 5
1.3 Understand server installation options . . . . . . . . . . . . . . . . . . . . . . . . . . 7
CHAPTER 2 Understanding Server Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.1 Identify application servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.2 Understand Web services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.3 Understand remote access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.4 Understand le and print services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
2.5 Understand server virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
98-365 WINDOWS SERVER ADMINISTRATION FUNDAMENTALS
CHAPTER 1
CHAPTER 2
Contents
CHAPTER 3 Understanding Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.1 Understand accounts and groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.2 Understand organizational units (OUs) and containers . . . . . . . . . . 25
3.3 Understand Active Directory infrastructure . . . . . . . . . . . . . . . . . . . . 27
3.4 Understand group policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
CHAPTER 4 Understanding Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
4.1/4.2 Identify storage technologies; Understand RAID . . . . . . . . . . . . . 33
4.3 Understand disk types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
CHAPTER 5 Understanding Server Performance Management . . . . . . . . . . . . . . 37
5.1 Identify major server hardware components. . . . . . . . . . . . . . . . . . . . 39
5.2 Understand performance monitoring . . . . . . . . . . . . . . . . . . . . . . . . . 41
5.3 Understand logs and alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
CHAPTER 6 Understanding Server Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . 45
6.1 Identify steps in the startup process . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
6.2 Understand business continuity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
6.3 Understand updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
6.4 Understand troubleshooting methodology . . . . . . . . . . . . . . . . . . . . . 53
98-366 NETWORKING FUNDAMENTALS
CHAPTER 1 Understanding Networking Infrastructures . . . . . . . . . . . . . . . . . . . . 57
1.1 Understand the concepts of the internet, intranet, and extranet . . . 59
CHAPTER 3
CHAPTER 4
CHAPTER 5
CHAPTER 6
CHAPTER 1
98-366 NETWORKING FUNDAMENTALS
iv Contents
1.2A Understand local area networks (LANs) . . . . . . . . . . . . . . . . . . . . . . 61
1.2B Understand local area networks (LANs) . . . . . . . . . . . . . . . . . . . . . . . 63
1.3A Understand wide area networks (WANs) . . . . . . . . . . . . . . . . . . . . . . 65
1.3B Understand wide area networks (WANs) . . . . . . . . . . . . . . . . . . . . . . 67
1.4 Understand wireless networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
1.5 Understand network topologies and access methods . . . . . . . . . . . . . 71
CHAPTER 2 Understanding Network Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
2.1A Understand switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
2.1B Understand switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
2.2 Understand routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
2.3A Understand media types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
2.3B Understand media types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
CHAPTER 3 Understanding Protocols and Services . . . . . . . . . . . . . . . . . . . . . . . . 85
3.1A Understand the OSI model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
3.1B Understand the OSI model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
3.2 Understand IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
3.3A Understand IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
3.3B Understand IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
3.4 Understand names resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
3.5 Understand networking services . . . . . . . . . . . . . . . . . . . . . . . . . . 99
3.6 Understand TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
CHAPTER 3
Contents v
98-367 SECURITY FUNDAMENTALS
CHAPTER 1 Understanding Security Layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
1.1 Understand core security principles . . . . . . . . . . . . . . . . . . . . . . . . . 107
1.2 Understand physical security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
1.3 Understand Internet security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
1.4 Understand wireless security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
CHAPTER 2 Understanding Operating System Security . . . . . . . . . . . . . . . . . . . 115
2.1A Understand user authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
2.1B Understand user authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
2.2 Understand permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
2.3 Understand password policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
2.4 Understand audit policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
2.5A Understand encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
2.5B Understand encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
2.6 Understand malware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
CHAPTER 3 Understanding Network Security . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
3.1 Understand dedicated rewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
3.2 Understand Network Access Protection (NAP) . . . . . . . . . . . . . . . . 137
3.3A Understand Network Isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
3.3B Understand Network Isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
3.4 Understand protocol security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
CHAPTER 2
CHAPTER 1
CHAPTER 3
vi Contents
CHAPTER 4 Understanding Security Software . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
4.1 Understand client protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
4.2 Understand email protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
4.3 Understand server protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
98-349 WINDOWS OPERATING SYSTEM FUNDAMENTALS
CHAPTER 1 Understanding Operating System Congurations . . . . . . . . . . . . . . 155
1.1/1.2 Congure Control Panel options; Congure desktop settings 157
1.3 Understand native applications and tools . . . . . . . . . . . . . . . . . . . . . 159
1.4/1.5 Understand mobility; Understand remote management and
assistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
CHAPTER 2 Installing and Upgrading Client Systems . . . . . . . . . . . . . . . . . . . . . 163
2.1/2.2 Identify Windows operating system editions; Identify
upgrade paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
2.3 Understand installation types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
2.4 Understand virtualized clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
CHAPTER 3 Managing Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
3.1 Understand application installations . . . . . . . . . . . . . . . . . . . . . . . . . . 173
3.2 Understand user account control (UAC) . . . . . . . . . . . . . . . . . . . . . . . 175
3.3 Remove malicious software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
3.4 Understand services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
3.5 Understand application virtualization . . . . . . . . . . . . . . . . . . . . . . . . . 181
CHAPTER 4
98-349 WINDOWS OPERATING SYSTEM FUNDAMENTALS
CHAPTER 1
CHAPTER 2
CHAPTER 3
Contents vii
viii Contents
CHAPTER 4 Managing Files and Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
4.1 Understand le systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
4.2 Understand le and print sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
4.3 Understand encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
4.4 Understand libraries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
CHAPTER 5 Managing Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
5.1/5.2 Connect devices; Understand storage . . . . . . . . . . . . . . . . . . . . . 195
5.3 Understand printing devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
5.4 Understand system devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
CHAPTER 6 Understanding Operating System Maintenance . . . . . . . . . . . . . . . 201
6.1 Understand backup and recovery methods . . . . . . . . . . . . . . . . . . . 203
6.2/6.3 Understand maintenance tools; Understand updates . . . . . . . . 205
CHAPTER 4
CHAPTER 5
CHAPTER 6
Introducti on ix
M
TA validates building-block technology concepts
and helps students explore, discover and
pursue successful careers in Information Technology
(IT) in an exciting and rewarding way! As the rst step
in the Microsoft Technology Certication Series, this
new, entry-level certication provides students with
condence, credibility, and differentiation.
Explore IT career options without committing
a lot of time and resources MTA exams validate
the core technology knowledge that is in demand
today by businesses around the world. Whether you
want to explore becoming a network administrator,
software engineer, web developer, or database
analyst, MTA gets you started on the right path.
Prepare to compete A little investment in IT can
go a long way in todays job market. Becoming MTA
certied helps you build a solid foundation to prepare
for intermediate technology studies and for Microsoft
Certied Technology Specialist (MCTS) certications.
It can also help you compete on college admissions
and jumpstart your IT career planning!
Empower yourself As the rst step toward
becoming an MCTS, MTA shows your commitment to
technology while connecting you with a community
of more than ve million Microsoft Certied
Professionals. Learn from them and show them what
you know by becoming MTA certied!
This MTA Student Study Guide serves as a study tool
to help students prepare for their MTA certication
exam. Students are challenged with real-life situations
for each of the major topics covered in the exam.
Although successful completion of the study guide
exercises does not guarantee that you will pass your
MTA exam, it is an excellent way to gauge your
readiness to take the exam and build condence
that you know your stuff on exam day.
I wish you all the best as you prepare for a successful
career in technology!
Victoria Pohto
Victoria Pohto
MTA Product Marketing Manager
Introduction
x Career Planning
Career Planning
M
ost IT solutions or infrastructure built on
Microsoft technologies require prociency
with one or all of the following products, often
referred to as The Microsoft Stack.
Microsoft Windows
Server
, and you
have an in-depth understanding of network
protocols, and le and directory security.
Computer Support Technician
Consider starting your IT career by becoming
a consumer support technician. You dont
need any formal work experience, but a
company might require that you know how to
install, administer, and troubleshoot operating
systems in a home network environment that has
desktop computers, laptops, and printers. As a
consumer support technician, youll also handle
network, virus, malicious software, and hardware
support issues. Youll typically nd this position in
small to medium-sized organizations.
Expl oring Job Rol es xiii
Exploring Job Roles
Web Developer
As a web developer, you are an expert in
using the dynamic programming tools and
languages that fuel the web. You might work
independently or be part of a team that builds
and integrates interactive web sites, applications, and
services for both internal and public sites. Your role is
to make it work, which means developing web
applications and testing them on various browsers,
enhancing and modifying them as necessary to
ensure the best experience for the user. As a web
developer, you might also architect websites, design
data-driven applications, and nd efcient client-
server solutions. You must have an in-depth under-
standing of the software development life cycle and
be able to communicate project status, issues, and
resolutions.
Windows Developer
As a Windows client developer, knowing how
to optimize Windows code and track bugs is a
given. But you also know how to use Microsoft
Visual Studio
Server
Ofce 2010 as their mainline ofce production suite. Her company also wants a collaboration
server for their intranet. The collaboration server should support dynamic updating from the employees
of Contoso, Ltd. Company ofcers would like to have the intranet monitored and protected with a threat
management solution.
1. What would be Caris best solution for their messaging system?
a. use a third party email provider and a custom developed calendaring program
b. include Microsoft Exchange Server 2010
c. not recommend any solution because of the potential loss of production with an email messaging
system
2. What can meet the needs of the Contoso. Ltd. Intranet collaboration server?
a. implement SharePoint
Portal Server 2010 which uses Microsoft SQL as an option to support dynamic
updating
b. solicit bids from various web development firms to meet their intranet needs
c. create a Microsoft Word document and send a link to it throughout the company
and call it their messaging board
3. What would be the best fit to meet the companys needs so that they can manage
their employees internet access through Active Directory?
a. have all employees sign an internet usage contract and document the sites they
visit and promise not to install any malicious software onto their systems
b. recommend Microsofts Threat Management Gateway, which provides integration with
Microsoft Forefront
Internet Explorer
click Tools and then click Internet Options to set your security settings.
Mobile phones can be used to connect to a companys servers.
FAST TRACK HELP
http://msdn.microsoft.com/en-us/library/aa503420.aspx
http://support.microsoft.com/kb/174360
http://msdn.microsoft.com/en-us/library/ms953581.aspx
FAST TRACK HELP
_______ /3
Understand l ocal area net works (LANs) 61
OBJECTIVE UNDERSTANDI NG NETWORKI NG I NFRASTRUCTURES 1. 2A
Understand local area networks (LANs)
SCENARIO: Kim is studying to become an animator at the Graphic Design Institute. Michael, Kims friend from
class, asks Kim to study with him after class in the schools computer lab.
When Kim arrives in the lab she sees that Michael has already started his laptop and is connected to the schools
network. Kim starts her laptop and attempts to connect to the schools network when she realizes that she forgot
her wireless card. Kim tells Michael that shell have to run home and get her wireless card. Michael tells her that
she does not need to have her wireless card because she can connect directly to the network.
Kim asks Michael to show her how and he pulls out a cable and starts connecting it to her laptops internal, wired
NIC and explaining the steps.
1. What type of network is Kim trying to connect to?
a. WAN
b. LAN
c. PAN
2. To verify that Kims NIC (network interface card) works, Michael pings 127.0.0.1,
which is known as the:
a. loopback address
b. dynamic address
c. static address
3. A NIC is to a LAN as:
a. lyrics are to a song
b. a key is to a door
c. a movie is to a TV
When
troubleshooting
network connections,
use ping and ipcong.
62 CHAPTER 1: Understanding Net working Infrastructures
Answers
1. Kim is trying to connect to the schools:
b. LAN. A LAN is a Local Area Network.
2. To test Kims NIC Michael pings the:
a. loopback address. The loopback address is 127.0.0.1 and a successful ping verifies that the NIC works.
3. A NIC is to a LAN as:
b. a key is to a door. A key provides access through a door just as a computer is required to have a NIC to
access a LAN.
Essential details
LANs connect local computers together in a small geographical area.
Perimeter networks provide an extra layer of security for a companys internal network.
Computers connect to a LAN through a NIC (network interface card).
The loopback address is a reserved, static address of 127.0.0.1.
In Microsoft Windows
Windows Server
2008 R2 le servers and has determined that folder and share security needs to be revised based on
corporate reorganization. Shawn must present his plan to management and give directions to his team members to
complete the project.
1. Shawn has noticed that some shares on the file system are not secured. What is the default
permission setting when a share is created?
a. everyone with Read permission
b. administrators with the Full Control permission
c. everybody with the Full Control permission
2. Why should Shawn enforce User Account Control (UAC) across the domain?
a. so that he can control the user accounts
b. to help prevent unauthorized changes to computers on the domain
c. to allow the users to authenticate with the administrator password to perform
an administrative task
3. What feature (also available with Active Directory objects) will make Shawns job
easier when reassigning permissions by not having to assign permissions
to every parent and child folder?
a. batch files
b. inheritance
c. staff people
Inheritance allows
the propagation for
rights or permissions
from a parent object
to a child object. This
feature can be blocked
or removed.
122 CHAPTER 2: Understandi ng Operati ng System Securi t y
Answers
1. When a share is created, the default permission is:
a. everyone with Read permission
2. Shawn should enforce User Account Control (UAC) across the domain because:
b. it will help prevent unauthorized changes to computers on the domain
3. Shawns job can be made easier when reassigning permissions by using:
b. inheritance
Essential details
Permissions include Full control, Modify, Read & Execute, List folder Contents, Read, and Write and can be
applied to both folder and file objects. Permissions can also be applied to Active Directory objects.
Inheritance is the concept of permissions that are propagated to an object from a parent object.
Inheritance is found in both file system permissions and Active Directory permissions. It does
not apply to share permissions.
New Technology File System (NTFS), FAT, and FAT32. The primary difference between NTFS and FAT file
systems is the ability apply security to the file system. You can grant or deny various permissions
on NTFS. NTFS also supports the ability to encrypt data.
Share and NTFS permissions are applied based on how the resource is accessed.
Share permissions are effective when the resource is being accessed through the
network whereas NTFS permissions are effective all the time. When share and
NTFS permissions are applying to the same resource, the most restrictive
permission wins.
FAST TRACK HELP
http://technet.microsoft.com/en-us/library/cc730772.aspx
http://technet.microsoft.com/en-us/library/cc771375.aspx
http://technet.microsoft.com/en-us/library/cc770906(WS.10).aspx
FAST TRACK HELP
_______ /3
Understand password poli ci es 123
OBJECTIVE UNDERSTANDI NG OPERATI NG SYSTEM SECURI TY 2. 3
Understand password policies
SCENARIO: Jay Hamlin has been given the unenviable task of enforcing stronger password policies for
Wingtip Toys. He understands the need for complex passwords of a minimum length, but is having a difcult
time making the staff understand how the security of the entire Wingtip Toys organization can depend upon
these couple requirements along with a few more that he plans to put into place. He must also determine how
many times a user can attempt to log in before his or her account is locked out, how often users must change
passwords, and how often users can reuse a favorite password.
His plan for a Password Complexity Policy includes the following criteria for passwords:
Cannot contain the users login name
Must be at least 6 characters or greater
Must contain three of the following four characters: upper case, lower case, number, and special character
1. What dilemma is Jay facing if he makes his password requirements too difficult?
a. a complex password can be hard to guess and difficult to remember
b. Jay will no longer have friends at work
c. users will not use the passwords
2. What does the policy of maximum password age mean?
a. determines how old the user must be to create a password
b. refers to the duration before a password has to be changed
c. refers to how old the password must be before the user is allowed to change it
3. What happens when you set the value of Enforce Password History to 10?
a. the user has 10 attempts to validate his or her password
b. the password must be used for at least 10 days before it can be changed
c. the system remembers the last 10 passwords and will not allow the user to reuse
any of the previous 10
Password history
prevents users from
reusing their passwords.
124 CHAPTER 2: Understandi ng Operati ng System Securi t y
Answers
1. The dilemma Jay faces with difficult password requirements is that:
a. a complex password can be hard to guess and difficult to remember
2. Maximum password age:
b. refers to the duration before a password has to be changed
3. When you set the value of Enforce Password History to 10:
c. the system remembers the last 10 passwords and will not allow the user to reuse any
of the previous 10
E ssential details
Account lockout is a security feature in Windows that locks a user account if a number of failed logon
attempts occur within a specified amount of time, based on security policy lockout settings.
A password attack is an attack on a computer or network in which a password is stolen and decrypted or is
revealed by a password dictionary program.
Password sniffing is a technique employed by hackers to capture passwords by intercepting data packets
and searching them for passwords.
Microsoft Windows Server 2008 allows for fine-grained password policies, which allows
for more flexible password policy assignment throughout an organization within
Active Directory
.
FAST TRACK HELP
http://technet.microsoft.com/en-us/library/cc784090(WS.10).aspx
http://technet.microsoft.com/en-us/library/cc875814.asp
FAST TRACK HELP
_______ /3
Understand audi t poli ci es 125
OBJECTIVE UNDERSTANDI NG OPERATI NG SYSTEM SECURI TY 2. 4
Understand audit policies
SCENARIO: The network for Margies Travel must be very secure. The les contain customer information including
credit card numbers, birthdates, and addresses, as well as photocopies of passports. Identity theft would be a real
possibility if the system was hacked into. Obviously, this is not an acceptable risk for Margies Travel.
Arlene Huff is the systems administrator for Margies Travel. The company has asked her to track who attempts to
log into the system and at what times of the day the attempts occur. They also have asked her to create a system
to track when condential les are opened and by whom. Arlene gladly took on this task and did not raise a huff.
1. Arlene wants to log when someone fails to log into the system as administrator, but why would she
want to log when they are successful also?
a. to determine if and when someone is authenticating successfully with elevated privileges
b. to make sure they are getting in without any problems
c. to monitor drive space on the computer
2. Where are file audit events written when auditing is enabled?
a. audit event log
b. pfirewall.log
c. security event log
3. Why is it important to properly secure audit logs?
a. so that potential hackers cannot delete the event logs to cover their tracks
b. its not important, no one looks at audit logs
c. so only authorized personnel can view the log files
Skilled computer
hackers will modify
the audit logs when
they are nished obtaining
information so that it
will appear as though they
were never there.
126 CHAPTER 2: Understandi ng Operati ng System Securi t y
Answers
1. Arlene wants to log when someone successfully logs into the system as well as when they fail:
a. to determine if and when someone is authenticating successfully with elevated privileges.
If someone failed four times and was then successful the fifth time it could indicate hacker activity.
2. Enabled file auditing events are written in the:
c. security event log
3. It important to properly secure audit logs
a. so that potential hackers cannot delete the event logs to cover their tracks
Essential details
Auditing is the process an operating system uses to detect and record security-related events, such as an
attempt to create, access, or delete objects such as files and directories.
An audit policy is a policy that determines the security events to be reported to the network administrator.
The security log, which can be generated by a firewall or other security device, lists events that could affect
security, such as access attempts or commands, and the names of the users involved.
FAST TRACK HELP
http://technet.microsoft.com/en-us/library/dd408940(WS.10).aspx
http://technet.microsoft.com/en-us/library/dd349800(WS.10).aspx
FAST TRACK HELP
_______ /3
Understand encr ypti on 127
OBJECTIVE UNDERSTANDI NG OPERATI NG SYSTEM SECURI TY 2. 5A
Understand encryption
SCENARIO: Adventure Works has recently expanded its mobile sales force. The management team has recently
come to recognize the unique security considerations associated with hundreds of laptop computers
simultaneously located in hundreds of unsecure locations.
David Johnson is the network administrator in charge of the Adventure Works mobile sales force. He has recently
come under re from the management team regarding the sensitive data that could potentially fall into the
competitions hands if any of the laptop computers were to be stolen or misplaced. They must have a solution
that can ensure the condentiality of data on the mobile stations that are all running Windows
7 Enterprise
and they need it soon!
1. What can David enable to make sure their data is safe?
a. Encrypting File System (EFS)
b. password protected screen saver
c. BitLocker
2. What must be configured to ensure that the Bitlocker
Forefront