Zacker book, Chapter 19

Well, I cant believe Ive reached the end of my 4th server book in fleeting (possibly vain) attempts to pass the 70-410 exam. Its been a
fun ride so far I feel like im probably not completely finished with this text. This chapter on firewall’s was short, sweet and to the point
its exactly the same as a client in terms of set up and the only difference is deploying rules with GP & creating rules with PS. So if you
have been paying attention at all in your studies it should mostly be review. However since im a little out of date with client OS certs and
studies I could absolutely use the refresher course and maybe you could too so, you’ll never guess what im going to do. Did you guess add a
youtube lecture? If you did you where right. We could probably also review this
short article from TechNet. Any way here’s what I picked out to watch, hopefully some one out there in internet land will find it helpful.
I actually picked some thing from windows 7 as it seemed to be fairly strong and a video showing how to create and deploy firewall rules with
group policy.

The second one is really short but I still feel like it sort of shows how to create a GP firewall rule.

Please read the header for this post
regarding the answer key situation for these chapters.

1. Which of the following is the filter criterion most commonly used in firewall rules?

A. IP address

B. Subnet masks

C. Protocol numbers

D. Port numbers

Answer: D, honestly didnt know this one as I found the wording confusing but its quite obvious once the intent became clear to me
which honestly feels like a very nubbish thing to have a verbiage issue with.

2. Connection security rules require that network traffic allowed through the firewall use which of the following security mechanisms?


B. IPsec


D. Kerberos

Answer: B, for more information about IPsec check out the TechNet

3. Which of the following actions can you not perform from the Windows Firewall control panel?

A. Allow an application through the firewall in all three profiles.

B. Block all incoming connections for any of the three profiles.

C. Create firewall exceptions based on port numbers for all three profiles.

D. Turn Windows Firewall off for all three profiles.

Answer: A, i find this confusing, this “control panel” is this the MMC snap in? Reading back through
the chapter it looks like it is but they should specify with “advance security as to be a little
more clear because we could be talking about this is not possible from the local control panel
firewall icon and it is from the mmc snap in. However it would appear to indicate that you have
to create a new rule for each profile. That seems a bit redundant when an extra check box upon rule
creation could solve the problem unless we are worried about users fat fingering mistakes and performing
a PSesque catastrophic issue?

4. Which of the following tools cannot enable and disable the Network Discovery firewall rules?

A. File explorer

B. Network and Sharing center

C. Action Center

D. Allowed Apps dialog box

Answer: B, this seems like it would be a question where experience actually using the software would provide
a vast amount of help. That said Im not 100% certain on what a “network discovery firewall rule” is.
Im surely not alone in that and perhaps should consult with google.

This isnt exactly helpful but at least we learn what “network discovery” is

5. Which of the following statements about Windows Firewall are true? (choose all that apply)

A. Applying firewall rules with Group Policy Overwrites all of the firewall rules on the target computer.

B. Applying firewall rules with GP combines the newly deployed rules with the ones already there.

C. Importing firewall rules save from another computer overwrites all of the rules on the target system

D. Importing firewall rules saved from another computer combines both sets of settings.

Answer: B, C

6. Windows Firewall uses three profiles to represent the type of network to which the server is connected. What are
the three profiles?

A. Private, Temporary, and authenticated

B. Public, DMZ, and Private

C. Internet, Secure, and Private

D. Domain, Private, and Public

Answer: D

7. When a user attempts to visit an Internet-based email account, what is the response of Windows Firewall?

A. Firewall will not permit the user to visit non-corporate website.

B. Firewall by default will not block client-initiated network traffic.

C. Firewall will block the webmail account unless the user is pre-authenticated

D. Firewall will block all outbound traffic

Answer: B

8. In the Windows Firewall with Advanced Security console, while creating a new rule, the Program page specifies whether
the _______

A. Rule applies to all programs, to one specific program

B. Rules applies to all user, to one specific user

C. Rule applies to all systems, to one specific system

D. Rules applies to all programs, to one specific program or to a specific service

Answer: D

9. By exporting the Windows Firewall policy, you have a file with a .wfw extension that contains ______.

A. All its rules, including the pre-configured rules and the ones you have created or modified.

B. All the rules you havce created or modified

C. Pre-configured rules to be applies to another firewall

D. Firewall settings as specified by the group policy settings.

Answer: B

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Website Powered by

Up ↑

%d bloggers like this: