Sunday, July 30, 2017

Microsoft Official Academic Course. 70-410 Installing & Configuring Windows Server 2012 R2

Multiple Choice Select one or more correct answers for each of the following questions.

1. Which of the following rule types apply only to Windows Installer packages?
 a. Hash rules b. Certificate rules c. Internet zone rules[i] d. Path rules
2. Which file type is used by Windows Installer? a. .inf b. .bat c. .msf d. .msi file[ii]
3. Which of the following is not one of the Default Security Levels that can be used with a software restriction policy? a. Basic User b. Unrestricted c. Restricted d. Disallowed
4. As part of your efforts to deploy all new applications using Group Policy, you discover that several of the applications you wish to deploy do not include the necessary installer files. What can you use to deploy these applications? a. Software restriction policies b. .msi files c. .mdb files d. .zap files[iii]
5. Which of the following describes the mathematical equation that creates a digital “fingerprint” of a particular file? a. Hash rule b. Hash algorithm[iv] c. Software restriction policy d. Path rule
6. Which of the following rules will allow or disallow a script or a Windows Installer file to run on the basis of how the file has been signed? a. Path rule b. Hash rule c. Network zone rule d. Certificate rule
7. You want to deploy several software applications using Group Policy, such that the applications can be manually installed by the users from the Add/Remove Programs applet in their local Control Panel. Which installation option should you select? a. Assign b. Disallowed c. Publish d. Unrestricted
8. You have assigned several applications using GPOs. Users have complained that there is a delay when they double-click on the application icon, which you know is the result of the application being installed in the background. What option can you use to pre-install assigned applications when users log on or power on their computers? a. Uninstall when the application falls out of scope b. Install This Application At Logon c. Advanced Installation Mode d. Path rule
9. Which of the following Default Security Levels in Software Restriction Policies will disallow any executable from running that has not been explicitly enabled by the Active Directory administrator? a. Basic User b. Restricted c. Disallowed d. Power User

Microsoft Official Academic Course. 70-410 Installing & Configuring Windows Server 2012 R2 (Microsoft Official Academic Course) (Page 448). Wiley. Kindle Edition.



[i] NETWORK ZONE RULES Network zone rules apply only to Windows Installer packages that attempt to install from a specified zone, such as a local computer, a local intranet, trusted sites, restricted sites, or the Internet. You can configure this type of rule to enable Windows Installer packages to be installed only if they come from a trusted area of the network. For example, an Internet zone rule can restrict Windows Installer packages from being downloaded and installed from the Internet or other network locations.

Microsoft Official Academic Course. 70-410 Installing & Configuring Windows Server 2012 R2 (Microsoft Official Academic Course) (Page 439). Wiley. Kindle Edition.

[ii] The Windows Installer Service requires a package file that contains all the pertinent information about the software. This package file consists of the following information:

• An .msi file, which is a relational database file that is copied to the target computer system, with the program files it deploys. In addition to providing installation information, this database file assists in the self-healing process for damaged applications and clean application removal. • External source files that are required for software installation or removal. • Summary information about the software and the package. • A reference point to the path where the installation files are located.

Microsoft Official Academic Course. 70-410 Installing & Configuring Windows Server 2012 R2 (Microsoft Official Academic Course) (Page 430). Wiley. Kindle Edition.

[iii] Generally, application manufacturers do not support the reengineering of their .msi packages. However, you can use the .mst process to modify manufacturer-supplied .msi packages to reflect the needs of your organization. When repackaging an application is not an option and a Windows Installer file is not available, you can use a .zap file to publish an application. A .z ap file is a non–Windows Installer package that you can create by using a text editor. A .zap file looks and functions similar to an .ini file. Th e disadvantages of creating .zap files are as follows: • They can be published, but not assigned. These two options are discussed in detail later in this lesson. • Deployments require user intervention, rather than being fully unattended. • Local administrator permissions might be required to perform the installation. • They do not support custom installations or automatic repair. • They do not support the removal of applications that are no longer needed or applications that failed to install properly.

Microsoft Official Academic Course. 70-410 Installing & Configuring Windows Server 2012 R2 (Microsoft Official Academic Course) (Page 431). Wiley. Kindle Edition.


[iv] HASH RULES A hash is a series of bytes with a fixed length that uniquely identifies a program or file. A hash value is generated by an algorithm that essentially creates a fingerprint of the file, making it nearly impossible for another program to have the same hash. If you create a hash rule and a user attempts to run a program affected by the rule, the system checks the hash value of the executable file and compares with the hash value stored in the software restriction policy. If the two values match, the policy settings will apply. Therefore, creating a hash rule for an application executable prevents the application from running if the hash value is not correct. Because the hash value is based on the file itself, you can move the file from one location to another and it will still function. If the executable file is altered in any way, such as if it is modified or replaced by a worm or virus, the hash rule in the software restriction policy prevents the file from running.

Microsoft Official Academic Course. 70-410 Installing & Configuring Windows Server 2012 R2 (Microsoft Official Academic Course) (Page 438). Wiley. Kindle Edition.

grep CTF

I used grep grep -i -r "string" /directory  -i to accept lowercase and uppercase  -r recursive __ look for all fol...