- Home
- Server Administration
- Windows
- Installing and Configuring Windows server 2012 (70-410)
86.
Which of the following is not one of the software restriction rule types supported by
Windows Server 2012 R2?
- A.Hash rules
- B.Certificate rules
- C.Path rules
- D.Firewall rules
- Answer & Explanation
- Report
Answer : [D]
Explanation :
Explanation :
|
A. Incorrect: Hash rules is one of the software restriction rule types. B. Incorrect: Certificate rules is one of the software restriction rule types. C. Incorrect: Path rules is one of the software restriction rule types. D. Correct: Firewall rules is not one of the software restriction rule types. |
87.
Which of the following strategies for enforcing software restrictions will prevent any
executable from running except for those that have been specifically allowed by an
administrator?
- A.Basic user
- B.Disallowed
- C.Power user
- D.Unrestricted
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
|
A. Incorrect: The Basic User strategy prevents any application from running that
requires administrative rights, but enables programs to run that only require
resources that are accessible by normal users. B. Correct: The Disallowed strategy prevents all applications from running except those that are specifically allowed. C. Incorrect: There is no Power User strategy for enforcing software restrictions. D. Incorrect: The Unrestricted strategy enables all applications to run except those that are specifically excluded. |
88.
Under which of the following conditions will a hash rule in a software restriction policy
cease to function? (Choose all that apply.)
- A.When you move the file on which the hash is based to a different folder
- B.When you update the file on which the hash is based to a new version
- C.When the file on which the hash is based is modified by a virus
- D.When you change the permissions for the file on which the hash is based
- Answer & Explanation
- Report
Answer : [B, C]
Explanation :
Explanation :
| A. Incorrect: The hash is based on the file, not on its location, so moving it does not affect its functionality. B. Correct: Substituting a different version of the file renders the hash unusable. C. Correct: Modifying the file in any way renders the hash unusable. D. Incorrect: Changing the file’s permissions does not modify the file itself, so the hash remains functional. |
89.
Which of the following rule types applies to files with an .msi extension?
- A.Executable rules
- B.Windows Installer rules
- C.Script rules
- D.Packaged app rules
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
| A. Incorrect: Executable rules apply to files with .exe and .com extensions. B. Correct: Windows Installer rules apply to Windows Installer packages with .msi and .msp extensions. C. Incorrect: Script rules apply to script files with .ps1, .bat, .cmd, .vbs, and .js extensions. D. Incorrect: Packaged app rules apply to applications purchased through the Windows Store. |
90.
Which of the following services must you manually start before Windows can apply
AppLocker policies?
- A.Application Identity
- B.Application Management
- C.Credential Manager
- D.Network Connectivity Assistant
- Answer & Explanation
- Report
Answer : [A]
Explanation :
Explanation :
| A. Correct: To use AppLocker, Windows Server 2012 R2 requires the Application Identity service to be running. B. Incorrect: The Application Management service is not necessary for Windows to apply AppLocker policies. C. Incorrect: The Credential Manager service is not necessary for Windows to apply AppLocker policies. D. Incorrect: The Network Connectivity Assistant service is not necessary for Windows to apply AppLocker policies. |
|
|
||||||||||||||||||||||||||||
