Exam Braindumps
Sign in
Microsoft 98-367
- Share:
Security Fundamentals
Free Questions in OTE format
| File | Date | Q&A | Votes | Size | |
|---|---|---|---|---|---|
| Microsoft.98-367.v2021-09-30.90q.ote | 2021-09-30 | 90 | 0/0 | 236.96 Kb |  |
| Microsoft.98-367.v2018-11-11.244q.ote | 2018-11-11 | 244 | 0/0 | 609.63 Kb | |
| Microsoft.98-367.v2018-09-20.229q.ote | 2018-09-20 | 229 | 0/0 | 471.99 Kb | |
| Microsoft.98-367.v2015-08-29.161q.ote | 2015-08-29 | 161 | 0/0 | 291.13 Kb | |
| Microsoft.98-367.v2015-03-19.159q.ote | 2015-03-19 | 159 | 0/0 | 143.59 Kb | |
Notification about new Microsoft 98-367 files
About Microsoft 98-367 dump
This exam measures your ability to accomplish the technical tasks listed below.
This exam validates that a candidate has fundamental security knowledge and skills. It can serve as a stepping stone to the Microsoft Certified Solutions Associate (MCSA) exams. It is recommended that candidates become familiar with the concepts and the technologies described here by taking relevant training courses. Candidates are expected to have some hands-on experience with Windows Server, Windows-based networking, Active Directory, anti-malware products, firewalls, network topologies and devices, and network ports.
- Understand security layers (25–30%)
- Understand core security principles
Confidentiality; integrity; availability; how threat and risk impact principles; principle of least privilege; social engineering; attack surface - Understand physical security
Site security; computer security; removable devices and drives; access control; mobile device security; disable Log On Locally; keyloggers - Understand Internet security
Browser settings; zones; secure websites - Understand wireless security
Advantages and disadvantages of specific security types; keys; service set identifiers (SSIDs); MAC filters
- Understand core security principles
- Understand operating system security (30–35%)
- Understand user authentication
Multifactor; smart cards; Remote Authentication Dial-In User Service (RADIUS); Public Key Infrastructure (PKI); understand the certificate chain; biometrics; Kerberos and time skew; use Run As to perform administrative tasks; password reset procedures - Understand permissions
File; share; registry; Active Directory; NT file system (NTFS) versus file allocation table (FAT); enable or disable inheritance; behavior when moving or copying files within the same disk or on another disk; multiple groups with different permissions; basic permissions and advanced permissions; take ownership; delegation
- Understand password policies
Password complexity; account lockout; password length; password history; time between password changes; enforce by using Group Policies; common attack methods
- Understand audit policies
Types of auditing; what can be audited; enable auditing; what to audit for specific purposes; where to save audit information; how to secure audit information - Understand encryption
Encrypting file system (EFS); how EFS-encrypted folders impact moving/copying files; BitLocker (To Go); TPM; software-based encryption; MAIL encryption and signing and other uses; virtual private network (VPN); public key/private key; encryption algorithms; certificate properties; certificate services; PKI/certificate services infrastructure; token devices - Understand malware
Buffer overflow; worms; Trojans; spyware
- Understand user authentication
- Understand network security (20–25%)
- Understand dedicated firewalls
Types of hardware firewalls and their characteristics; why to use a hardware firewall instead of a software firewall; SCMs and UTMs; stateful versus stateless inspection - Understand Network Access Protection (NAP)
Purpose of NAP; requirements for NAP - Understand network isolation
Virtual local area networks (VLANs); routing; honeypot; perimeter networks; network address translation (NAT); VPN; IPsec; server and domain isolation - Understand protocol security
Protocol spoofing; IPsec; tunneling; DNSsec; network sniffing; common attack methods
- Understand dedicated firewalls
- Understand security software (15–20%)
- Understand client protection
Antivirus; User Account Control (UAC); keep client operating system and software updated; encrypt offline folders, software restriction policies - Understand email protection
Antispam, antivirus, spoofing, phishing, and pharming; client versus server protection; Sender Policy Framework (SPF) records; PTR records - Understand server protection
Separation of services; hardening; keep server updated; secure dynamic Domain Name System (DNS) updates; disable unsecure authentication protocols; Read-Only Domain Controllers (RODC); separate management VLAN; Microsoft Baseline Security Analyzer (MBSA)
- Understand client protection
This exam validates that a candidate has fundamental security knowledge and skills. It can serve as a stepping stone to the Microsoft Certified Solutions Associate (MCSA) exams. It is recommended that candidates become familiar with the concepts and the technologies described here by taking relevant training courses. Candidates are expected to have some hands-on experience with Windows Server, Windows-based networking, Active Directory, anti-malware products, firewalls, network topologies and devices, and network ports.