Fill This Form To Receive Instant Help

Help in Homework
trustpilot ratings
google ratings


Homework answers / question archive / Test Bank, Lesson 15 Configuring Service Authentication Multiple Choice 1) What is the default authentication protocol for non-domain computers? a

Test Bank, Lesson 15 Configuring Service Authentication Multiple Choice 1) What is the default authentication protocol for non-domain computers? a

Business

Test Bank, Lesson 15 Configuring Service Authentication

Multiple Choice

1) What is the default authentication protocol for non-domain computers?

a. NTLM

b. PAP

c. CHAP

d. Kerberos

 

 

2. What does the acronym NTLM stand for?

a. NT Link Messenger

b. NT Link Manager

c. NT LAN Manager

d. NT LAN Messenger

 

 

3. NTLM uses a challenge-response mechanism for authentication without doing what?

a. revealing the client’s operating system to the server

b. revealing the protocol to the server

c. sending a password to the server

d. sending an encrypt/decrypt message to the server

 

4. What type of protocol is Kerberos?

a. a secure network authentication protocol

b. a simple Microsoft-only protocol

c. a uni-directional authentication protocol

d. a certificate-based authentication protocol

 

 

5. Kerberos security and authentication are based on what type of technology?

a. secure transmission

b. secret key

c. challenge-response

d. legacy code

6. What is the default maximum allowable time lapse between domain controllers and client systems for Kerberos to work correctly?

a. 1 minute

b. 5 minutes

c. 15 minutes

d. 45 minutes

 

 

7. Which three components make up a service principal name (SPN)?

a. service name, IP address, and port number

b. service name, URL, and host name

c. service name, host name, and IP address

d. service class, host name, and port number

 

8. What happens if a client submits a service ticket request for an SPN that does not exist in the identity store?

a. An event is written to the Kerberos server’s event log.

b. The client receives an access denied error.

c. The Kerberos server receives an access denied error.

d. The Kerberos ticket for that service is destroyed.

 

9. Which tool can you use to add SPNs to an account?

a. Notepad

b. LDAP

c. Microsoft Word

d. ADSI Edit

 

 

10. What are the two restrictions for adding SPNs to an account?

a. Domain Administrator privileges

b. full control permissions for the folder

c. local administrator privileges

d. the editor runs from the domain controller

 

11. Identify another utility that you can use to add SPNs to an account.

a. dnscmd

b. spnedit

c. setspn

d. netsh

 

 

12. What type of account is an account under which an operating system, process, or service runs?

a. user

b. system

c. service

d. network

 

13. When creating accounts for operating systems, processes, and services, you should always configure them with what two things in mind?

a. using strong passwords

b. using cryptic user names

c. granting the least rights possible

d. using built-in accounts

 

 

14. Name two benefits to using Managed Service Accounts (MSAs).

a. Microsoft technology

b. automatic password management

c. simplified SPN management

d. simplified account troubleshooting

 

15. By default, which service accounts will the Windows PowerShell cmdlets manage?

a. standalone MSAs

b. standard local service accounts

c. group MSAs

d. domain user accounts designated as service accounts

 

16. Which of the following is the format for a virtual account used with Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2?

a. domainname\servicename

b. computername\servicename

c. NT Service\servicename

d. NT Service\servicename$

 

 

Short Answer

 

17. Kerberos is more secure than NTLM but it is also more __________________.

 

 

18. For Kerberos to work properly, which service needs to be accurate and generally synchronized between systems?

 

19. Name the two ways that Kerberos authentication improves overall authentication performance.

 

20. What is meant by the term double-hop authentication?

 

21. How do you make double-hop authentication more secure?

 

 

22. A service or application that is secured by Kerberos must have an identity in the domain. What is an identity?

 

Best Answer

 

23. What is the default authentication protocol for contemporary domain computers?

a. NTLM

b. PAP

c. CHAP

d. Kerberos

 

24. What is the name by which a client uniquely identifies an instance of a service?

a. service instance name

b. service account name

c. service provider name

d. service principal name

25. Before you can create an MSA object type, you must create what?

a. a key services MSA group

b. a key services MSA distributed domain account

c. a key distribution services root key

d. a key distribution services Master MSA

 

 

26. What service right does an MSA account automatically receive upon creation?

a. log on interactively

b. log on as a service

c. domain administrator

d. domain power user

 

 

Build List

 

27. Order the following steps required to use the SPN with a service.

a. Connect to the domain.

b. Expand Default Naming Context in the console tree, expand the domain, and then expand the nodes representing the OUs.

c. Open the ADSI Edit console.

d. Add SPN to the service account.

e. Select the OU where the service account exists.

 

28. Order the following steps required to create a service account.

a. Open the Domain node.

b. Open Active Directory Users and Computers.

c. Open the OU where you want to add the user account.

d. Select Password never expires.

e. Create the new user account.

 

 

29. Order the following steps required to use the MSA with a service.

a. Open the service to show the properties.

b. Select Log On As a Service.

c. Restart the service.

d. Click the Log On tab.

e. Clear the Password and Confirm password text boxes.

f. Open the Service console.

g. Select This account option and enter the name of the service account.

 

Repeated Answer

 

30. Which Kerberos setting defines the maximum time skew that can be tolerated between a ticket’s timestamp and the current time at the KDC?

a. maximum lifetime for service ticket

b. maximum lifetime for user ticket

c. maximum lifetime for user ticket renewal

d. maximum tolerance for computer clock synchronization

 

31. Which Kerberos setting defines the maximum lifetime ticket for a Kerberos TGT ticket?

a. maximum lifetime for service ticket

b. maximum lifetime for user ticket

c. maximum lifetime for user ticket renewal

d. maximum tolerance for computer clock synchronization

 

32. Which Kerberos setting defines the maximum lifetime of a Kerberos ticket?

a. maximum lifetime for service ticket

b. maximum lifetime for user ticket

c. maximum lifetime for user ticket renewal

d. maximum tolerance for computer clock synchronization

33. Which Kerberos setting defines how long a service or user ticket can be renewed?

a. maximum lifetime for service ticket

b. maximum lifetime for user ticket

c. maximum lifetime for user ticket renewal

d. maximum tolerance for computer clock synchronization

 

Option 1

Low Cost Option
Download this past answer in few clicks

8.87 USD

PURCHASE SOLUTION

Already member?


Option 2

Custom new solution created by our subject matter experts

GET A QUOTE