Homework answers / question archive / Test Bank, Lesson 18 Configuring Account Policies Multiple Choice 1) What are examples of password policies? Select all that apply

Test Bank, Lesson 18 Configuring Account Policies Multiple Choice 1) What are examples of password policies? Select all that apply

Business

Share With

---

Test Bank, Lesson 18 Configuring Account Policies

Multiple Choice

1) What are examples of password policies? Select all that apply.

a. history

b. length

c. complexity

d. age

 

 

2. Why primarily are account lockout policies put into place?

a. privacy

b. security

c. policy

d. regulations

 

 

3. What is the default setting for password history?

a. 6

b. 10

c. 16

d. 24

 

 

4. What is the default minimum password length in characters?

a. 5

b. 7

c. 8

d. 10

 

5. What setting can you give for account lockout duration that requires an administrator to manually unlock the account?

a. 0

b. 10

c. 99

d. 99,999

 

 

6. By default, who has read/write capability to the Default Domain Policy?

a. local administrators

b. power users

c. domain users

d. domain administrators

 

 

7. How should you assign Password Settings objects (PSOs) to users?

a. Assign the PSOs directly to individual users.

b. Assign the PSOs to a new group and add the users to the new group.

c. Assign the PSOs to a global security group and add users to the group.

d. Assign the PSOs to various Active Directory groups as needed.

 

 

8. What is the primary advantage of using Group Policies in a domain environment?

a. ease of enforcement

b. user compliance

c. centralized management

d. ease of creation

 

9. What is the secpol.msc utility used for?

a. editing group policies

b. editing local security policies

c. editing global security policies

d. editing domain-level policies

 

10. What does the minimum password age setting control?

a. how many seconds a user must wait before a password reset

b. how many minutes a user must wait before a password reset

c. how many hours a user must wait before a password reset

d. how many days a user must wait before a password reset

 

11. Why should administrator passwords change more often than user passwords?

a. because administrator passwords are usually simpler than user passwords

b. because administrator accounts carry more security sensitivity than users do

c. because administrators are paranoid about security

d. because administrator accounts are watched by management in large companies

 

 

12. What is the range of password history settings?

a. 0 to 9

b. 0 to 15

c. 0 to 24

d. 0 to 63

 

 

13. What is an easy method of creating a strong password?

a. Use your username and add numbers and special characters.

b. Use your favorite football team’s name with numbers and special characters.

c. Ask a friend for some ideas for good passwords and then add your own number and characters.

d. Start with a sentence and then add numbers and special characters.

 

 

14. Why is a setting of 0 for maximum password age not a good idea? Check all that apply.

a. It means that passwords never expire, which is a major security problem.

b. It means that your passwords expire every day.

c. It means that you’ve disabled password aging.

d. It means that you’ve disabled the use of passwords.

 

 

15. Account policies contain various subsets. Which of the following are legitimate subsets of account policies? Check all that apply.

a. Password Policy

b. Account Lockout Policy

c. Kerberos Policy

d. Username Policy

 

16. By default, which of the following represents the maximum amount of time by which a computer’s internal clock can be inaccurate yet still be able to use Kerberos authentication?

a. 30 seconds

b. 1 minute

c. 5 minutes

d. 8 minutes

 

Short Answer

 

17. Describe a complex password.

 

 

18. What is wrong with a 14-character password?

 

 

29. What is the purpose behind enforcing password history?

 

 

20. Explain account lockout.

 

 

21. If you have departments within your administrative jurisdiction and some are more security-sensitive than others, what can you do to make their user accounts more secure?

 

 

22. Identify the one restriction with using fine-grained password policies on your domain.

 

Best Answer

 

23. Which of the following passwords is considered complex?

a. M!croS0ft

b. candybar01

c. bobj

d. fred@local

 

24. What character length for a password generally accepted as minimum?

a. four

b. six

c. eight

d. fourteen

25. The default maximum password age is how long?

a. 12 days

b. 36 days

c. 42 days

d. 86 days

 

26. Which aspect of passwords is a key component of their strength?

a. easy to remember

b. number of characters

c. dictionary basis

d. keyboard complexity

 

Build List

 

27. Order the following steps required to configure password policies.

a. Edit the Default Domain Policy.

b. Open the Group Policy Management console.

c. Modify the properties for the settings you want to change.

d. Open Security Settings > Account Policies > Password Policy.

e. Open Computer Configuration > Policies > Windows Settings.

28. Order the following steps required to create and configure password settings container.

a. Enter a name for the Password Settings Container.

b. Open the Active Directory Administrative Center.

c. Enter a Precedence number.

d. Open the Password Settings Container.

e. Apply the Password Settings Container to users or groups.

f. Create a new task and then select Password Settings.

g. Open the System folder in ADAC.

 

29. Order the following steps required to view the msDS-ResultantPSO Attribute.

a. Select Properties.

b. Select Filter and then Constructed.

c. Select the Attribute Editor tab.

d. Open View and check Advanced Features.

e. Find the msDS-ResultantPSO attribute to see the current PSO being applied.

f. Open Active Directory Users and Computers.

 

30. Order the following steps required to manage GPO permissions.

a. Open the Group Policy Management console.

b. Select the Delegation tab.

c. Select the appropriate permissions in the Permissions list.

d. Add the user or group in the Enter the object name to select field.

e. Select Default Domain Policy.

 

Repeated Answer

 

31. This setting defines a default password filter that is enabled by default.

a. enforce password history

b. maximum password age

c. minimum password length

d. complexity requirements

 

32. This setting defines the number of days that a password can be used before the user must change it.

a. enforce password history

b. maximum password age

c. minimum password length

d. complexity requirements

 

33. This setting defines the number of unique, new passwords that must be associated with a user account before an old password can be reused.

a. enforce password history

b. maximum password age

c. minimum password length

d. complexity requirements

34. This setting defines the minimum number of characters that a user’s password must contain.

a. enforce password history

b. maximum password age

c. minimum password length

d. complexity requirements