Question 1

1. Firewall rules function in two ways: admit all traffic, except that which conforms to the
applied rules, and secondly, block all traffic, except that which conforms to the applied
rules. How does the Windows Firewall work for inbound traffic and for outbound traffic?
P454
Inbound-permit all. Outbound-block all

Inbound-block all. Outbound-block all

Inbound-block all. Outbound-permit all

Inbound-permit all. Outbound-permit all

3.7 points

Question 2
1. What does a firewall protect your company against? P453
Network intrusion attempts, such as a denial of service attack

Physical intrusion attempts, such as a broken front door

Personnel intrusion attempts, such as social engineering

Natural acts, such as an electrical surge caused by a lightning strike

3.7 points

Question 3

1. Windows Firewall uses three profiles to represent the type of network to which the server
is connected. What are the three profiles? P457
Private, temporary, and authenticated

Public, DMZ, and private

Internet, secure, and private

Domain, private, and public

3.7 points

Question 4
1. For the Windows Firewall private profile, what type of network is expected? P457
An unsecure network where unauthenticated users are probable

An unsecure network where users must authenticate to the server

An internal network that is not accessible by unauthorized users

No network-private means no network connection allowed

3.7 points

Question 5
1. What does the term filter refer to in the Windows Firewall With Advanced Security
console? P465
The ability to screen traffic segments or packets

The ability to display inbound or outbound rules according to a profile

The ability to filter Group Policy settings per firewall

The ability to filter Group Policy settings per traffic type

3.7 points

Question 6
1. If a user attempts to use an Internet-based e-mail account, how will Windows Firewall
respond? P454
The firewall permits the user to visit a non-corporate website.

The firewall does not block client-initiated network traffic by default.

The firewall blocks the webmail account unless the user is already authenticated.

The firewall blocks all outbound traffic.

3.7 points

Question 7
1. What tool offers more flexibility in creating rules compared with the Windows Firewall
interface under Control Panel? P459
Active Directory Users and Computers

Windows Firewall With Advanced Security snap-in for the Microsoft Management
console

Windows Firewall With Advanced Settings in the Server Manager Tools menu

Run > Windows Firewall

3.7 points

Question 8
1. In the Windows Firewall With Advanced Security console, while creating a new rule, the
Program page specifies whether the ______. P462
rule applies to all programs, or to one specific program

rule applies to all users, or to one specific user

rule applies to all systems, or to one specific system

rule applies to all programs, to one specific program, or to a specific service

3.7 points

Question 9
1. By exporting the Windows Firewall policy, you have a file with a .wfw extension that
contains _____. P464
all its rules, including the preconfigured rules and the ones you have created or modified

all the rules you have created or modified

preconfigured rules to be applied to another firewall

firewall settings as specified by the Group Policy settings

3.7 points

Question 10
1. If an administrator wants to enable the "Block all incoming connections, including those
in the list of allowed apps" setting, to which of the firewall profiles does it apply? P457
Public

Public and private

Public, private, and domain

If a firewall profile is configured, this setting does not apply.

3.7 points

Question 11
1. Windows Firewall allows an administrator to import and export firewall rules. What are
the rules' file extension? P464
.wfw

.inf

.wfr

.inr
3.7 points

Question 12
1. What is the typical incoming port number for a web server? P454
53

25

118

80
3.7 points

Question 13
1. You can configure the Windows Firewall to allow or block specific _________. P453
ports and protocols

applications and users

ports, protocols, and applications, but not users

ports, protocols, applications, users, and IP address ranges

3.7 points

Question 14
1. What GPO node presents the interface with which to configure Windows Firewall
properties? P465
Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall

with Advanced Security

Computer Configuration\Policies\Windows Settings\Windows Firewall with Advanced

Security

User Configuration\Policies\Windows Settings\Windows Firewall with Advanced Security

User Configuration\Policies\Windows Settings\Security Settings\Windows Firewall with

Advanced Security
3.7 points

Question 15
1. What is the primary objective of a firewall? P453
To authenticate and authorize users past the network perimeter

To permit traffic in and out for legitimate users, and to block the rest

To compare traffic information against a list of known valid traffic

To protect a network by allowing certain types of network traffic in and out of the system
3.7 points

Question 16
1. In Windows Firewall Customized Settings, there are three profiles (public, private, and
domain). What differentiates these profiles from each other? P457
Public is for servers accessible to temporary users. Private is for servers on an internal
network. Domain is for servers in which users are all authenticated.

Public is for servers accessible to unauthenticated users. Private is for inaccessible servers.
Domain is for servers accessible only to authenticated users.

Public is for servers accessible to temporary users. Private is for servers on an internal
network. Domain is for servers across multiple sites.

Public is for servers accessible to unauthenticated users. Private is for servers on a private
network. Domain is for servers spanning different domain groups.
3.7 points

Question 17
1. When creating a firewall exception, what is the difference between opening a port and
allowing an application through? P458-459
Opening a port is permanent, and thus is less risky than allowing an application.

Allowing an application opens the specified port only while the program is running, and
thus is less risky.

Both options are available in the Windows Firewall with Advanced Security console.

There is no functional difference between opening a port and allowing an application.

3.7 points

Question 18
1. Windows Firewall allows you to create inbound, outbound, and connection security rules
for individual servers or systems. How can you do this for multiple systems? P465
You can delegate to administrators the task of performing the same configuration to their
local servers.

You can create a new Group Policy Object and create matching rules to match the desired
configuration. Then deploy the GPO to other systems on the network.

You can visit individual systems and configure them as you have the initial system.

You can create a new Group Policy Object and you can import settings from a policy file
created earlier. Then deploy the GPO to other systems on the network.
3.7 points

Question 19
1. What parameter in the Windows Firewall New Inbound Rule Wizard specifies the IP
address range of local and remote systems to which the rule applies? P462
Program

Action

Scope

Protocol and Ports

3.7 points

Question 20
1. What parameter in the Windows Firewall New Inbound Rule Wizard specifies the exact
type of traffic at the network or transport layer, which the firewall can block or allow?
P462
Program

Action

Scope

Protocol and Ports

3.7 points

Question 21
1. What parameter in the Windows Firewall New Inbound Rule Wizard specifies what the
firewall should do when a packet matches the rule? P462
Program

Action

Scope

Protocol and Ports

3.7 points

Question 22
1. What parameter in the Windows Firewall New Inbound Rule Wizard specifies whether
the rule applies to all programs, to one specific program, or to a specific service? P462
Program

Action

Scope

Protocol and Ports

3.7 points

Question 23
1. Which of the three Windows Firewall profiles is most appropriate for a library kiosk?
P457
Public- its intended for servers that are accessible to unauthenticated or temporary users
Such as computers in an open lab or kiosk
3.8 points

Question 24
1. Which of the three Windows Firewall profiles is most appropriate for a company file and
print server? P457
Private- its intended for a server on an internal network that isnt accessible by unauthorized
users
3.7 points

Question 25
1. Which of the three Windows Firewall profiles is most appropriate for a company domain
controller? P457
Domain- it applies to servers that are members of an Active Directory Domain Services domain,
In which all users are identified and authenticated
3.7 points

Question 26
1. Which of the three firewall profiles will turn on the firewall by default?
All of them
3.7 points

Question 27
1. A firewall is essentially a series of _____ that examine the contents of packets and the
traffic patterns to and from the network to determine which packets they should allow to
pass through. P453
Filters