I have a few questions on my assignment over Windows XP could you please check them? Thanxs!

Short Answer

17. Danni, an employee of a small medical group, manages a network of 30 PCs running Windows XP Professional on NTFS volumes. Eight of the PCs, located in three different offices, are used to track patient records. Because of the medical profession’s need to insure the security of patient data, Danni institutes folder-level file encryption using EFS on each of the PCs. One of the managing partners is PC literate, and is also very concerned about compliance with data security laws. He approaches Danni with a plan to implement additional security software to supplement EFS. His concern regarding EFS is that sensitive data remaining in the Windows XP paging file after shutdown exposes the firm to liability concerns. Is the partner correct in believing that Danni has failed to properly secure patient data?

I say that the partner is not right.

NARRATIVE MULTIPLE CHOICE (can have more than one answer)

18. Simon, a consultant, is called to the offices of a video production firm to assist in optimizing a number of Windows XP Professional computers for use as media editing stations. These machines are each equipped with three large hard drives, high performance video cards, 1 GB of memory, and high-end processors. Users are complaining that the performance of the systems has deteriorated steadily during the first six months of use and is now unacceptable. Simon analyzes the workstations and rules out mechanical defects as the cause of the performance issues. He then performs a number of operations designed to help the machines meet the performance expectations of the users. Which of the following operations would NOT be expected to improve the speed of the workstations?

a. Reconfiguring the three hard drives as dynamic disks, and arranging them into one large striped volume.

b. Moving the media data files out of the NTFS compressed volumes the data was stored in to conserve space.

c. Using Disk Cleanup to free disk space used by temporary files and unnecessary programs.

d. Using Disk Defragmenter to analyze and repair disk fragmentation.

e. Disabling the Encrypting File System
(On this question I got only E)

19. Mike, a consultant, is asked to check the configuration of a stand-alone desktop machine used in a warehouse environment. This Windows XP Professional machine is located on the loading dock, runs barcode scanning software and tracks all the shipping and receiving activities at the dock. The information it contains is considered vital. At the end of each day, the desktop is brought into the warehouse office where it is connected to the network and backed up. While reading through the machine’s system logs, Mike discovers that the machine has frequently experienced unexpected shutdowns. A conversation with the operator who usually runs the machine reveals that power fluctuations are common on the loading dock, with the desktop shutting down and rebooting several times a week. Mike immediately recommends the installation of a UPS, which he is told will be installed within a week. Which of the following additional procedures will be most helpful in protecting this machine’s vital data until the backup power supply is installed?

a. Add a second hard drive, and, using Disk Management, set up both the original and new hard drives as dynamic disks, and install the second drive as a spanned volume.

b. Using Disk Management, repartition the existing hard drive into three separate volumes, one for the operating system, one for applications, and one for data.

c. Using Disk Management, access the existing hard drive and, under Policies, deselect the Enable Write Caching check box to turn off write caching.

d. Using Disk Management, access the existing hard drive and Refresh the disk information in order to insure that all data is present.

e. Using Disk Defragmenter, defragment the disk in order to improve the integrity of the data.
(On this one I got B as the answer)

20. Winifred is the Office Manager of Contoso Limited. Contoso uses a payroll subscription service to generate company payroll. Payroll data is kept on a stand-alone machine supplied by the payroll subscription service. The machine, supplied and set up by the payroll subscription service, runs Windows XP Professional with workgroup membership. During the training period, the subscription service trainer implemented data encryption and instructed Winifred in the use of encrypted files. Since that time, Winifred has kept all payroll data encrypted on this machine. On Thursday afternoon, Winifred is unable to boot the system. The BIOS reports that there is no hard drive present. Winifred calls her network administrator, Damien, who diagnoses the problem as a defective hard drive and installs a replacement. Damien reinstalls Windows XP, the payroll software, and the payroll files from last week’s backup. Winifred logs on to the system but is unable to access the payroll files. Damien asks Winifred for her copy of the file encryption certificate. The file is not immediately available as Winifred has placed her copy of the certificate on a disk that is stored offsite with the company’s backup tapes. Which of the following recovery options will allow Winifred to recover the encrypted files?

a. Winifred, who is a member of the local administrator’s group, can create a new account for herself, add the new account to the administrator group, and decrypt the encryopted files with those credentials.

b. Damien, as a Contoso domain administrator, can log on to the payroll computer and decrypt the encrypted files.

c. Damien, as a Contoso domain administrator, can add the payroll computer to the Contoso domain, then log on and decrypt the files as a Contoso domain administrator.

d. Winifred or Damien can contact the payroll services company and obtain the local administrator password and associated private key. After logging on as the local administrator, they can use the administrators key as the default recovery agent for a standalone computer to decrypt the file, or send the file via e-mail for decryption at the system where the agent’s file recovery certificate is located.

e. Damien, as a Contoso domain administrator, can copy the encrypted file to a Contoso domain controller, where his access level as a domain administrator will allow him to authenticate and decrypth the file.

(On this question I got E for the answer)

uynid iuwrsoaf mvytw lrzat jhcbusd pjohu acfn

17. To determine if the partner is correct in believing that Danni has failed to properly secure patient data, we need to understand the details of the situation. Danni has implemented folder-level file encryption using EFS on each of the PCs. EFS provides encryption at the file level and ensures that only authorized users can access the encrypted data. However, the partner's concern is about sensitive data remaining in the Windows XP paging file after shutdown.

To verify if the partner's concern is valid, we need to consider two factors:
- Does the Windows XP paging file contain sensitive patient data?
- Can the data in the paging file be accessed by unauthorized users?

The Windows XP paging file, also known as the "Pagefile.sys," is used by the operating system as virtual memory when the physical RAM is full. It is used for temporary storage of data and does not typically contain user data. However, in some cases, if data from sensitive files was in memory when the system shut down, it could be stored in the paging file.

To address the partner's concern, Danni could configure Windows XP to clear the paging file on shutdown, also known as "ClearPageFileAtShutdown." This can be done by modifying the registry. After enabling this setting, the paging file will be securely overwritten with zeros when the system shuts down, preventing any potential exposure of sensitive data.

In conclusion, whether the partner is correct or not depends on whether Danni has implemented measures to clear the paging file on shutdown. If Danni has enabled the "ClearPageFileAtShutdown" setting, then the partner's concerns about data exposure would be mitigated, and Danni would be considered to have properly secured the patient data.

18. To identify the operation that would NOT be expected to improve the speed of the workstations, let's analyze each option:

a. Reconfiguring the three hard drives as dynamic disks and arranging them into one large striped volume: This operation, known as "RAID 0," uses disk striping to spread data across multiple drives, improving read/write performance. Therefore, this operation is expected to improve the speed of the workstations.

b. Moving the media data files out of the NTFS compressed volumes: NTFS compression reduces the disk space used by files, but it can have a negative impact on performance due to the need to compress and decompress files during read/write operations. Moving the files out of compressed volumes is expected to improve the speed of the workstations.

c. Using Disk Cleanup to free disk space used by temporary files and unnecessary programs: Disk Cleanup helps remove temporary files and unnecessary data, freeing up disk space. This operation can improve the speed of the workstations by reducing disk clutter.

d. Using Disk Defragmenter to analyze and repair disk fragmentation: Disk fragmentation affects the performance of a hard drive by scattering file data across different physical locations. Disk Defragmenter helps reorganize files, improving read/write speeds. This operation is expected to improve the speed of the workstations.

e. Disabling the Encrypting File System (EFS): EFS provides file-level encryption, ensuring data confidentiality. Disabling EFS will not directly impact the speed of the workstations, but it will compromise data security.

Based on the above analysis, Option E (Disabling the Encrypting File System) is the operation that would NOT be expected to improve the speed of the workstations.

19. To identify the additional procedure most helpful in protecting the machine's vital data until the backup power supply is installed, let's analyze each option:

a. Adding a second hard drive and setting up both the original and new hard drives as dynamic disks: This operation does not directly address the issue of protecting data in the event of power fluctuations. It focuses more on expanding storage capacity rather than ensuring data resilience.

b. Repartitioning the existing hard drive into three separate volumes: This operation organizes the data into separate partitions, but it does not directly protect data during power fluctuations.

c. Deselecting the Enable Write Caching check box to turn off write caching: Write caching improves disk performance but can sometimes result in data loss during unexpected system shutdowns. By disabling write caching, the impact of power fluctuations on data integrity is reduced. This operation can help protect the machine's vital data until the backup power supply is installed.

d. Refreshing the disk information to ensure all data is present: Refreshing disk information does not directly protect data during power fluctuations. It is more focused on updating disk information and ensuring data consistency.

e. Defragmenting the disk to improve data integrity: Disk defragmentation rearranges files on the disk to improve efficiency, but it does not directly protect data during power fluctuations.

Based on the above analysis, Option C (Deselecting the Enable Write Caching check box to turn off write caching) is the additional procedure most helpful in protecting the machine's vital data until the backup power supply is installed.

20. To identify the recovery option that will allow Winifred to recover the encrypted files, let's analyze each option:

a. Creating a new account for herself, adding it to the administrator group, and decrypting the encrypted files: This option is not applicable in this case because the new account does not have access to the encryption certificate required to decrypt the files.

b. Damien, as a Contoso domain administrator, logging on to the payroll computer and decrypting the encrypted files: As a domain administrator, Damien can access the encrypted files and decrypt them, ensuring data recovery.

c. Damien, as a Contoso domain administrator, adding the payroll computer to the Contoso domain and decrypting the files: Adding the payroll computer to the domain does not directly enable decryption of the files. The encryption certificate for the files is stored on a different disk that Winifred has placed offsite.

d. Winifred or Damien contacting the payroll services company and obtaining the local administrator password and associated private key: This option involves obtaining the necessary credentials to decrypt the files. The local administrator's key can act as the default recovery agent for a standalone computer.

e. Damien copying the encrypted file to a Contoso domain controller and decrypting it: Copying the file to a domain controller does not directly enable decryption. The encryption certificate is required to decrypt the file, which Winifred has placed offsite.

Based on the above analysis, Option D (Winifred or Damien contacting the payroll services company and obtaining the local administrator password and associated private key) is the recovery option that will allow Winifred to recover the encrypted files.