98-367 Security Fundamentals

Published: August 2, 2010
Languages: English, Chinese (Simplified), Chinese (Traditional), French, German, Italian, Japanese, Korean, Portuguese (Brazil), Russian, Spanish, Spanish (Latin America)
Audiences: Academic
Technology: Windows 10
Credit toward certification: MTA

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

As of June 23, 2016, this exam includes updates for Windows 10, in addition to updates to security and threat terms. To learn more about these changes and how they affect the skills measured, please

Understand security layers (25–30%)
Understand core security principles
Confidentiality; integrity; availability; how threat and risk impact principles; principle of least privilege; social engineering; attack surface analysis; threat modelling
Understand physical security
Site security; computer security; removable devices and drives; access control; mobile device security; keyloggers
Understand Internet security
Browser security settings; secure websites
Understand wireless security
Advantages and disadvantages of specific security types; keys; service set identifiers (SSIDs); MAC filters

Preparation resources
Windows Server 2008 in an organization’s defense in depth strategy
Secure Windows Server
Using Windows Server 2008: Controlling communication with the Internet

Understand operating system security (35-40%)
Understand user authentication
Multifactor authentication; physical and virtual smart cards; Remote Authentication Dial-In User Service (RADIUS); biometrics; use Run As to perform administrative tasks
Understand permissions
File system permissions; share permissions; registry; Active Directory; enable or disable inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation; inheritance
Understand password policies
Password complexity; account lockout; password length; password history; time between password changes; enforce by using Group Policies; common attack methods; password reset procedures; protect domain user account passwords
Understand audit policies
Types of auditing; what can be audited; enable auditing; what to audit for specific purposes; where to save audit information; how to secure audit information
Understand encryption
Encrypting file system (EFS); how EFS-encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; virtual private network (VPN); public key/private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices; lock down devices to run only trusted applications
Understand malware
Buffer overflow; viruses, polymorphic viruses; worms; Trojan horses; spyware; ransomware; adware; rootkits; backdoors; zero day attacks

Preparation resources
Windows authentication
Password policy
Audit policies

Understand network security (20–25%)
Understand dedicated firewalls
Types of hardware firewalls and their characteristics; when to use a hardware firewall instead of a software firewall; stateful versus stateless firewall inspection; Security Compliance Manager; security baselines
Understand network isolation
Routing; honeypot; perimeter networks; network address translation (NAT); VPN; IPsec; server and domain isolation
Understand protocol security
Protocol spoofing; IPsec; tunneling; DNSsec; network sniffing; denial-of-service (DoS) attacks; common attack methods

Preparation resources
Windows Firewall
Network Access Protection
IPsec

Understand security software (15–20%)
Understand client protection
Antivirus; protect against unwanted software installations; User Account Control (UAC); keep client operating system and software updated; encrypt offline folders, software restriction policies; principle of least privilege
Understand email protection
Antispam, antivirus, spoofing, phishing, and pharming; client versus server protection; Sender Policy Framework (SPF) records; PTR records
Understand server protection
Separation of services; hardening; keep server updated; secure dynamic Domain Name System (DNS) updates; disable unsecure authentication protocols; Read-Only Domain Controllers (RODC)

Preparation resources
What’s new for operating system hardening and integrity for Windows Server 2008
Software restriction policies
What’s new for server protection in Windows Server 2008

---

QUESTION 1
A mail system administrator scans for viruses in incoming emails to increase the speed of mail processing.
Select the correct answer if the underlined text does not make the statement correct. Select “No change is needed” if the underlined text makes the statement correct.

A. Decrease the chances of a virus getting to a client machine
B. Verify that the senders of the messages are legitimate
C. Ensure that all links in the messages are trustworthy
D. No change is needed.

Answer: A

---

QUESTION 2
Coho Winery wants to increase their web presence and hires you to set up a new web server. Coho already has servers for their business and would like to avoid purchasing a new one.
Which server is best to use as a web server, considering the security and performance concerns?

A. SQL Server
B. File Server
C. Domain Controller
D. Application Server

Answer: C

---

QUESTION 3
To protect systems from buffer overflow errors, you can use:

A. Antivirus software
B. Data Execution Prevention
C. A proxy server
D. An Intruder Prevention System

Answer: B

---

QUESTION 4
Windows Server Update Services (WSUS) is a tool that:

A. Updates data stored in Windows servers
B. Manages the services that run on a server
C. Updates licensing for Windows servers
D. Manages updates for Microsoft software

Answer: D

Explanation:
Windows Server Update Services (WSUS) enables information technology administrators to deploy the latest Microsoft product updates to computers that are running the Windows operating system. By using WSUS, administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network. Reference: https://technet.microsoft.com/en-us/windowsserver/bb332157.aspx