You work as the network security administrator at certifyme.com. The
certifyme.com network consists of a single Active Directory domain named
certifyme.com. The certifyme.com network contains ten Windows Server 2003
computers and 1,200 client computers running Windows XP Professional.
certifyme.com can fall prey to industrial espionage. To this end Internet Protocol
Security (IPSec) is implemented on the certifyme.com network. However, it has come
to the CIO's attention that one of the certifyme.com users has been changing the
IPSec policies and that it could be a user that is perhaps employed by a rival
company as an industrial spy. 350-001 You then receive instruction from the CIO to identify
the users or users responsible for making these changes to the IPSec policies as well
as attempts to make changes. You need to enable an audit policy to accomplish this
task.
What should you do?
A. Enable success auditing for the Audit logon events.
B. Enable success auditing for the Audit policy change.
C. Enable success auditing for the Audit privilege use.
D. Enable success and failure auditing for the Audit logon events.
E. Enable success and failure auditing for the Audit policy change.
F. Enable success and failure auditing for the Audit privilege use.
Answer: E
Explanation
Leading the way in IT testing and certification tools, www.certifyme.com
- 31 -
: In an effort to identify the culprits making changes to the IPSec policies on the
certifyme.com network, you should enable success auditing for the Audit Policy change
audit policy. And to identify the user/s attempting to make changes to the IPSec policies
on the certifyme.com network, you should also enable failure auditing for the Audit
Policy change audit policy.
Incorrect Answers:
A, D: The success and failure auditing of the Audit logon policy will audit each time a
user attempts to log on or off as well as the successful logon and logoffs. This is not
going to audit the user/s attempting to make changes to the IPSec policies. 640-802
B : This would only provide part of the information required by the CIO.
C, F: The audit privilege use audit policy audits each successful instance of a user
exercising a user right and each failed attempt to exercise a user right. This is not going
to identify users making or attempting to make changes to the IPSec policies of
certifyme.com. VCP-310
Reference:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment