Exam 70-298 Suggested Exercises | 493
4. Explain Restricted groups and where they apply.
5. Understand the ways to control a Windows service using Group Policy.
6. Explain software restriction policies and the four exception rule types.
7. Explain folder redirection and why it would be used.
8. Explain WMI filtering, where it can be used, and why it would be used.
9. Explain the various methods to confirm Group Policy application.
10. Define the default Windows Security Templates and when each would be
11. Decide when to use the Security Configuration and Analysis console tool
12. Explain the Windows Firewall, its default settings, and when exceptions are
13. Describe methods for securing legacy clients.
Data Security Strategies
1. Understand the difference between Share and NTFS permissions, and when
2. Understand, in detail, the various Share and NTFS permissions.
3. Know the 14 “advanced” NTFS permissions and which ones make up the
seven “summary” higher-level permissions that most users normally work
4. Explain what the Full Control permission gives a user when all other permis-
sions are given except for Full Control.
5. Explain when a Deny permission does not override an Allow permission.
6. Explain inheritance.
7. List the various mechanisms that can have an impact on Windows security
8. Explain the NTFS Effective Permissions tab and what is reported there.
Encrypting File System
1. Explain how EFS works.
2. Explain the differences in EFS when used with Microsoft Certificate Services.
3. List the new features in EFS in Windows XP Pro and Windows Server 2003,
as compared with Windows 2000.
4. Describe when delegation is needed for EFS.
5. Explain the various methods to protect EFS files when they are being trans-
ferred across a network.