small businesses of up to 15 users where it can implement features such as file sharing, printer sharing, security and remote access. Answer: Windows Server 2012 Foundation Edition A __________ is a computer in a domain which has Windows Server edition of operating system deployed but it is not a Domain Controller. Normally in any organization we don’t use DCs to deploy all the roles and services e.g. DHCP, application server, file and print server, Citrix Application Virtualization, Citrix Desktop Virtualization, DNS, etc. Answer: member server Intended as a designation for a network in which computers are connected to the corporate domain to which they are joined Answer: Domain Network __________ is a service that resolves computer names to IP addresses. Using this, the computer name COMPUTER84, for example, can be resolved to an IP address that enables computers on a Microsoft network to find one another and transfer information. Answer: WINS Which one is not an official version of windows server 2012? Answer: Windows Server 2012 Home Edition This edition of windows server 2012 supports up to 2 virtual machines, it also supports an unlimited amount of users as long as the required user licenses have been purchased Answer: Windows Server 2012 Standard Edition Intended as a designation for a guest network in a public place, such as a coffee shop or airport, rather than for an internal network Answer: Public Network It describes a collection of users, systems, applications, networks, database servers, and any other resources that are administered with a common set of rules. Answer: Domain Controls the ability to see other computers and devices Answer: Network Discovery This edition of windows server 2012 is suited for small businesses, but with up to 25 users, it is also available on retail stores making it accessible to small businesses, Answer: Windows Server 2012 Essentials Edition Reports changes in network connectivity and configuration Answer: Network Location Awareness WINS works best in client/server environments in which WINS clients send single-label (host) name queries to WINS servers for name resolution and WINS servers resolve the query and respond. Answer: True Provides a central console for viewing and managing a computer’s networking and sharing configuration Answer: Network andSharing Center This edition of windows server 2012 the flagship product under the brand name of windows server 2012, Answer: Windows Server 2012 Datacenter Edition Intended as a designation for a network in which computers are configured as members of a homegroup or workgroup and are not connected directly to the public Internet Answer: Private Network __________ is a more advanced version of standard windows command line interface known as cmd or command prompt Answer: Windows Powershell Provides automated diagnostics to help diagnose and resolve networking problems Answer: Windows Network Diagnostics Provides a central console for browsing computers and devices on the network Answer: Network Explorer This scripting API enables you to obtain data from remote computers using scripts that perform WS- Management protocol operations. Answer: WinRM Scripting API This command–line tool for system management is implemented in a Visual Basic Scripting Edition file (Winrm.vbs) written using the WinRM scripting API. This tool enables an administrator to configure WinRM and to get data or manage resources. For more information, see the online help provided by the command line Winrm /?. Answer: Winrm.cmd A push partner is a WINS server from which changes are “pulled.” Answer: False Maps the internal (private) address and port number to different external (public) addresses and ports, depending on the external destination address. Answer: Symmetric Network Address Translators Extends the Dynamic Host Configuration Protocol (DHCP) client to support IPv6 and allows stateful address autoconfiguration with a DHCPv6 server.Prevents address scanning of IPv6 addresses based on the known company IDs of network- adapter manufacturers. By default, Windows Vista and later generate random interface IDs for nontemporary autoconfigured IPv6 addresses, including public and link-local addresses. Answer: Random Interface IDs Spurious Retransmission Timeout Detection Provides correction for sudden, temporary increases in retransmission timeouts and prevents unnecessary retransmission of segments. Answer: True Prevents TCP connections from terminating due to intermediate routers silently discarding large TCP segments, retransmissions,or error messages. Answer: Automatic Black Hole Router Detection Determines when neighboring nodes and routers are no longer reachable and reports the condition. Answer: Neighbor Unreachability Detection for IPv4 Extended Selective Acknowledgments provides faster throughput by altering the way that a sender can increase the sending rate if multiple segments in a window of data are lost and the sender receives an acknowledgment stating that only part of the data has been received. Answer: False Ensures that an unreachable gateway is checked periodically to determine whether it has become available. Answer: Automatic Dead Gateway Retry Routing Compartments Prevents unwanted forwarding of traffic between interfaces by associating an interface or a set of interfaces with a login session that has its own routing tables. Answer: True Neighbor Unreachability Detection for IPv4 Provides an extensible framework that helps users recover from and troubleshoot problems with network connections. Answer: False Extends the Dynamic Host Configuration Protocol (DHCP) client to support IPv6 and allows stateful address autoconfiguration with a DHCPv6 server. Answer: DHCPv6-Capable DHCP client A push partner for a particular WINS server is the server that pulls WINS database information from a receiving or push partner. Answer: False It is not possible to install WINS using windows powershell Answer: False The WMI service continues to run side-by-side with WinRM and provides requested data or control through the WMI plug-in. You can continue to obtain data from standard WMI classes, such as Win32_Process, as well as IPMI-supplied data. Answer: False Helps determine whether a performance bottleneck for a connection is the sending application, the receiving application, or the network. Answer: TCP Extended Statistics Random Interface IDs maps the internal (private) address and port number to different external (public) addresses and ports, depending on the external destination address. Answer: False Provides application programming interfaces (APIs) for extending the TCP/IP filtering architecture so that it can support additional features. Answer: Windows Filtering Platform Provides faster throughput by altering the way that a sender can increase the sending rate if multiple segments in a window of data are lost and the sender receives an acknowledgment stating that only part of the data has been received Answer: Modified Fast Recovery Algorithm If a WINS server in an environment is the sole WINS server for that network, no additional configuration is required other than ensuring that clients will be pointing to the WINS server in their IP configuration. However, if it has been decided that WINS is required, it is a best-practice recommendation to deploy a secondary WINS server to provide redundancy. Answer: True Hardware management through the Intelligent Platform Management Interface (IPMI) provider and driver enables you to control and diagnose remote server hardware through BMCs when the operating system is not running or deployed. Answer: True Network Discovery Reports changes in network connectivity and configuration Answer: False Network and Sharing Center Provides automated diagnostics to help diagnose and resolve networking problems Answer: False Network and Sharing Center Provides a central console for browsing computers and devices on the network Answer: False Network and Sharing Center provides a central console for viewing and managing a computer’s networking and sharing configuration Answer: True Network Location Awareness Reports changes in network connectivity and configuration Answer: True Network Explorer Provides a central console for browsing computers and devices on the network Answer: True Network Discovery Controls the ability to see other computers and devices Answer: True
Midterms:
In which of the given steps is the third step in
configuring a DNS forwarding? Answer: Click Forwarders tab and then click Edit In which of the given steps is the second step in configuring a DNS forwarding? Answer: In DNS manager, right-click and scroll down the menu. Click Properties __________ uses two independent DHCP servers that share responsibility for a scope. Typically, 70% of the addresses in the scope are assigned to the primary server and the remaining 30% are assigned to a backup server. Answer: Split scope DHCP __________ Will have the IP addresses of DNS servers where records can be acquired. Answer: Root hints only __________ provides redundancy and load balancing for DHCP services, enabling administrators to deploy a highly resilient DHCP service. Answer: DHCP failover __________ uses two independent DHCP servers that share responsibility for a scope. Typically, 70% of the addresses in the scope are assigned to the primary server and the remaining 30% are assigned to a backup server. If clients cannot reach the primary server then they can acquire an IP address lease from the secondary server. Answer: Split scope DHCP With policy based assignment, the DHCP the server evaluates DHCP requests against policies that you define. Policies are applicable for a specific scope with a defined processing order. Answer: True In which of the given steps is the first step in configuring a DNS forwarding? Answer: Open server manager dashboard and click on Tools. Scroll down the menu and click on DNS . In __________ dhcp failover is the default mode of deployment. In this mode, two DHCP servers simultaneously serve IP addresses and options to clients on a given subnet. Answer: load balance mode A __________ is a DNS function that takes a domain name and resolves it to an IP address. Answer: forward lookup zone __________ is the default mode of deployment. In this mode, two DHCP servers simultaneously serve IP addresses and options to clients on a given subnet. Answer: Load balance mode In __________ failover mode, two servers operate in a failover relationship where an active server is responsible for leasing IP addresses and configuration information to all clients in a scope or subnet. Answer: hot standby mode DHCP failover is a feature that provides the ability to have two DHCP servers serve IP addresses and option configuration to the same subnet or scope, providing for continuous availability of DHCP service to clients. Answer: True The following command installs dhcp server role Add-WindowsFeature -ManagementTools dhcp Answer: False __________ dhcp failover, two servers operate in a failover relationship where an active server is responsible for leasing IP addresses and configuration information to all clients in a scope or subnet. Answer: hot standby mode __________ is a DNS function that takes an IP address andresolves it to a domain name. Answer: reverse lookup zone This option places a DHCP server in a cluster with another DHCP server that assumes the load if the primary DHCP server fails. Answer: DHCP in a Windows failover cluster With DHCP failover, two DHCP servers share DHCP scope and lease information, enabling one server to provide DHCP leases to DHCP clients if the other server is unavailable. Answer: True With __________, the DHCP the server evaluates DHCP requests against policies that you define. Answer: policy-based assignment Windows Server 2012 provides task-oriented Windows PowerShell cmdlets for DHCP server management. The DHCP server configuration operations are implemented in Windows Server 2012 as Common Information Model (CIM) based cmdlets. Answer: True his algorithm has the strongest security but also the highest resource usage. It is compatible only with Windows Vista and later. Answer: Elliptic Curve Diffie-Hellman P-384 AES-GCM 192 algorithm can be used for quick mode only and is supported on Windows Vista SP1 and later. It is equivalent to AESGMAC 192 for integrity Answer: True Use IPsec Defaults option to configure the default IPsec settings that the local computer will use when attempting to establish secure connections with other IPsec-enabled computers. To configure these settings, click the Customize button to open the Custo Answer: True The Server-to-Server type of connection security rule can be used to protect communications between two computers, two groups of computers, two subnets, or some combination of these, such as between a computer and a subnet. For example, you can use serverto-server rules to protect communications between a database server and a front-end web server Answer: True AES-GCM 256 algorithm can be used for quick mode only and is supported on Windows Vista SP1 and later. It is equivalent to AESGMAC 256 for integrity. Answer: True This data integrity algorithm is not recommended and is provided for backward compatibility only. Answer: Message-Digest algorithm 5 (MD5) Which on is the third step In windows server 2012 routing/nat configuration? Answer: Select Role-based or feature-based installation and click Next AES-GCM 191 This algorithm can be used for quick mode only and is supported on Windows Vista SP1 and later. It is equivalent to AESGMAC 128 for integrity. Answer: False Which on is the second step In windows server 2012 routing/nat configuration? Answer: On the Before You Begin page, click Next. This data integrity algorithm is stronger than MD5 but uses more resources. Answer: Secure Hash Algorithm 1 (SHA-1) This authentication method can be used on networks that include systems running an earlier version of the Windows operating system and on standalone systems. Answer: Computer (NTLMv2) IPsec Encapsulation Model where the payload is encapsulated with an IPsec header Answer: Transport mode Use IPsec Exemptions option to configure how IPsec handles Internet Control Message Protocol (ICMP) traffic. By default, ICMP traffic is not exempted from using IPsec, but you can change this by selecting Yes from the list control. Answer: True Which on is the fourth step In windows server 2012 routing/nat configuration? Answer: On Server Selection select the server you want to install the feature on and click Next Which on is the first step In windows server 2012 routing/nat configuration? Answer: From Server Manager click Manage > Add Roles and Features. his algorithm is not recommended and is provided for backward compatibility only. Answer: Diffie-Hellman Group 1 (DH Group 1) IPsec encapsulation mode where the payload is encapsulated with an additional IP header Answer: Tunnel mode The default signing algorithm for this authentication method is RSA, but Elliptic Curve Digital Signature Algorithm (ECDSA)–P256 and ECDSA-P384 are also supported signing algorithms. Answer: Computer certificate This algorithm is stronger than DH Group 2. It has medium resource usage and is compatible only with Windows Vista and later. Answer: Elliptic Curve Diffie-Hellman P-256 This mechanism is defined in RFC2409 and combines the Internet Security Association and Key Management Protocol (ISAKMP) of RFC 2408 with the Oakley Key Determination Protocol (Oakley) of RFC 2412 Answer: Internet Key Exchange (IKE) This algorithm is faster and stronger than DES. It is supported on Windows Vista and later. Answer: Advanced Encryption Standard-Cipher Block Chaining 128-bit(AES-CBC 128) This phase of IPsec negotiation is performed first and isused to generate a shared master key that the computers can use tosecurely exchange keying information. Answer: Main mode Use this option to configure the users and computers that you want to be authorized to establish IPsec communications with the local computer. Answer: IPsec Tunnel Authorization This algorithm is not recommended and is provided for backward compatibility only. Answer: Diffie-Hellman Group 1 (DH Group 1) WRONG Data Encryption Standard (DES) WRONG MD 5 WRONG Internet Key Exchange (IKE) mechanism is defined in RFC2409 and combines the Internet Security Association and KeyManagement Protocol (ISAKMP) of RFC 2408 with the Oakley KeyDetermination Protocol (Oakley) of RFC 2412.IKE is supported oncomputers that are running Windows 2000 or later. Answer: True Authenticated IP (AuthIP) mechanism is defined in RFC2409 and combines the Internet Security Association and KeyManagement Protocol (ISAKMP) of RFC 2408 with the Oakley KeyDetermination Protocol (Oakley) of RFC 2412.IKE is supported oncomputers that are running Windows 2000 or later. Answer: False Elliptic Curve Diffie-Hellman P-256 algorithm is stronger than DH Group 2. It has medium resource usage and is compatible only with Windows Vista and later. Answer: True Computer (NTLMv2) authentication method can be used on networks that include systems running an earlier version of the Windows operating system and on standalone systems. Answer: True This phase of IPsec negotiation uses the master key from main mode to generate one or more session keys that can be used to ensure data integrity and encryption. Answer: Quick mode AES-GMAC 192 algorithm can be used for quick mode only and is supported on Windows Vista SP1 and later. It is equivalent to AES-GCM 192 for integrity. Answer: True Elliptic Curve Diffie-Hellman P-500 algorithm has the strongest security but also the highest resource usage. It iscompatible only with Windows Vista and later. Answer: False Encapsulating Security Protocol (ESP) mechanism provides data-origin authentication, data integrity, anti-replay protection, and the option of confidentiality for the IP payload only Answer: False Authenticated IP (AuthIP) mechanism is a Microsoftproprietary extension of IKE that provides improved negotiation ofauthentication methods and supports additional authenticationmethods not included in IKE. AuthIP is supported on computersrunning Windows Vista, Windows Server 2008, or later. Answer: True Pre-shared key authentication method is not recommended except for test environments. Answer: Encapsulating Security Protocol (ESP) mechanism provides data-origin authentication, data integrity, and anti-replay protection for the entire packet (both the IP header and the data payload carried in the packet), except for the fields in the IP header that are allowed to change in transit. Answer: False This algorithm can be used for quick mode only and is faster and stronger than DES. It is supported on Windows Vista and later. Answer: AES-GCM 256 This algorithm is notrecommended and is provided for backward compatibility only. Answer: Data Encryption Standard (DES) In transport mode, The payload is encapsulated with an IPsec header Answer: True If you want to use the command line to configure your DNS, use the __________ command. Answer: dnscmd Advanced Encryption Standard-Cipher Block Chaining 128-bit(AES-CBC 128) algorithm is faster and stronger than DES. It is supported on Windows Vista and later. Answer: True Use this option to configure how IPsec handles Internet Control Message Protocol (ICMP) traffic. By default, ICMPtraffic is not exempted from using IPsec, but you can change this by selecting Yes from the list control. Answer: IPsec Exemptions In computer certificate, default signing algorithm for this authentication method is AES, but Elliptic Curve Digital Signature Algorithm (ECDSA)–P256 and ECDSA-P384 are also supported signing algorithms. Answer: False AES-GMAC 128 algorithm can be used for quick mode only andis supported on Windows Vista SP1 and later. It is equivalent to AES-GCM 256 for integrity. Answer: False Use this option to configure the default IPsec settings that the local computer will use when attempting to establish secure connections with other IPsec-enabled computers Answer: IPsec Defaults
Finals:
______________ is used in TCP/IP networks for
naming computers and network services Answer: Hyper-V network virtualization ________ is a suite of Institute of Electrical and Electronics Engineers (IEEE)standards that enable Converged Fabrics in the data center, where storage, data networking, cluster IPC and management traffic all share the same Ethernet network infrastructure. Answer: Data Center Bridging (DCB) A proxy firewall is also referred to as a gateway firewall, or an application firewall. It stands between the internet and the devices in the private network Answer: True Which one is the first step when creating Firewall Inbound Rules? Answer: On the home screen, select the Inbound Rules The console will show all inbound rules in the middle section and available actions in the right pane. You can filter the list by using the available choices. _______________ Provides for administration and monitoring of servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS). Answer: IP Address Management (IPAM) Which one is a benefit of using windows firewall? Answer: It is ready out-of-the-box. It comes preinstalled with personal Microsoft Windows operating systems as well as Server editions. It is also active by default, protecting your operating system from the very first startup ____________ is a virtual layer-2 network switch that provides programmatically managed and extensible capabilities to connect virtual machines to the physical network Answer: Hyper-V virtual switch Which one is the fourth step when creating Firewall Inbound Rules? Answer: The following step will allow you to specify the protocol and port for the traffic that this firewall rule will filter. Click Next after you select a protocol type and configure the settings. This method of firewall filtering inspects every packet and keeps the information for the current connection. This includes TCP protocol information, source and destination IP addresses, and port numbers. Answer: Stateful Inspection Proxy firewalls perform deep packet inspection rather than merely packet header inspection. Here, the firewall creates a separate connection for every incoming and outgoing packet Answer: True _____________ is a wide area network (WAN) bandwidth optimization technology that is included in some editions of the Windows Server2012 and Windows 8 operating systems. To optimize WAN bandwidth when users access content on remote servers Answer: BranchCache When it comes to deploying updates, SCCM is the best tool to do it. You must understand that deploying updates is a complex task. SCCM make it easy not only to deploy updates but to gather the depoyment reports as well. Answer: True This type of firewall runs on individual systems, physical or virtual. It is a piece of software installed on an operating system which stands between the host and other network devices. Answer: Host-based firewall _________________ Is an Internet Engineering Task Force (IETF) standarddesigned to reduce the administration burden and complexity ofconfiguring hosts on a TCP/IP-based network, such as a privateintranet Answer: Dynamic Host Configuration Protocol (DHCP) These are network devices built into the IT infrastructure and they stand between public and internal networks. Answer: Network-based firewall This method of firewall filtering analyzes the header of every packet and checks if it matches the configured rules. Answer: Packet Filtering Which one is the third step when creating Firewall Inbound Rules? Answer: Choose if the rule will apply to connections for All programs or a specific program on the local machine and click Next. You can click Customize… to select additional settings for the processes of the program you selected. In Manual software updates deployment, a set of software updates is selected the SCCM console and these updates are deployed to the target collection. Answer: True Which one is the second step when creating Firewall Inbound Rules? Answer: Click on New Rule… to start the New Inbound Rule Wizard.The wizard will let you choose the type of rule you want to create. You can choose one out of four types. Automatic software updates deployment is configured by using automatic deployment rules. This method is used for deploying monthly software updates and for managing definition updates. Answer: True Token Requests/sec Monitors the number of incoming federation metadata requests sent to the federation server Answer: False Artifact Resolution Requests/sec Monitors the number of requests to the artifact resolution endpoint per second that are sent to the federation server Answer: True Federation Metadata Requests Monitors the number of token requests sent to the federation server including SSOAuth token requests per second. Answer: False This view of resource monitor provides information on connections on the basis of local address, port, and remote address and port. Answer: TCP Connections This policy determines the maximum event forwarding rate in events per second. If this policy is not configured, events will be transmitted as soon as they are recorded. Answer: Configure Forwarder Resource Usage Proxy MEX Requests/sec Monitors the number of incoming MEX requests per second that are sent to the federation server proxy. Answer: True ____________ enables you to access recorded event information. Answer: Event Viewer Proxy MEX Requests Monitors the number of incoming WS-Metadata Exchange (MEX) requests that are sent to the federation server proxy. Answer: True ____________ is the successor to Network Monitor. You can use this to perform network traffic capture and analysis. Message Analyzer also functions as a replacement for LogParser Answer: Message Analyzer Proxy MEX Requests/sec Monitors the number of incoming WS-Metadata Exchange (MEX) requests that are sent to the federation server proxy. Answer: False Proxy Requests Monitors the number of incoming requests sent to the federation server proxy. Answer: True This view of resource monitor lists the ports and addresses that services and applications are listening on. Also provides information about the firewall status for these roles and services. Answer: Listening Ports Artifact Resolution Requests Monitors the number of requests to the artifact resolution endpoint per second that are sent to the federation server. Answer: False This view of resource monitor Lists network activity on a per-process basis,but also lists the destination address, sent bits per second,received bits per second, and total bits per second. Answer: Network Activity This policy enables you to set the location of the collector computer. Answer: Configure Target Subscription Manager Federation Metadata Requests Monitors the number of incoming federation metadata requests sent to the federation server. Answer: True This view of resource monitor lists processes by name and ID; and provides information on bits sent per second,bits received per second, and total bits per second. Answer: Processes With Network Activity Token Requests Monitors the number of token requests sent to the federation server including SSOAuth token requests. Answer: True _________ enables you to monitor how a computer running the Windows Server 2012 and Windows Server 2012 R2 operating system uses CPU, memory, disk, and network resources. Answer: Resource Monitor _________________ enable you to create customized views of events across any event log stored on a server, including events in the forwarded event log. Answer: Event log views The _________________________ feature distributes traffic across several servers by using the TCP/IP networking protocol. By combining two or more computers that are running applications in Windows Server 2012 into a single virtual cluster Answer: Network Load Balancing (NLB) In Automatic software updates deployment, a set of software updates is selected the SCCM console and these updates are deployed to the target collection. Answer: False A network firewall is also referred to as a gateway firewall, or an application firewall. It stands between the internet and the devices in the private network. Answer: False This command sets the RSS properties onthe network adapter that you specify. Answer: Set-NetAdapterRss RSS is the ability to group packets together to minimize the header processing that is necessary for the host to perform. A maximum of 64 KB of received payload can be coalesced into a single larger packet for processing. Answer: False The __________ implements protocols suchas TCP/IP and UDP/IP. These layers expose the transport layerinterface for layers above them. Answer: protocol stack distributes incoming network I/O packets among logical processors so that packets which belong to the same TCP connection are processed on the same logical processor, which preserves ordering Answer: RSS System Drivers are typically clients that use a transport data extension (TDX) or Winsock Kernel (WSK) interface to expose interfaces to user-mode applications. The WSK interface was introduced in Windows Server® 2008 and Windows Vista, and it is exposed by AFD.sys. The interface improves performance by eliminating the switching between user mode and kernel mode Answer: True Set-NetAdapterRss command sets the RSS properties onthe network adapter that you specify. Answer: True Get-NetAdapterRss command retrieves RSS properties of the network adapter that you specify. Answer: True Enable-NetworkAdapterRss command enables RSS on the network adapter that you specify. Answer: False This is the lowest layer in the networkstack, and contains the network driver that communicates directlywith the network adapter. Answer: Network interface _________________ exposes interfaces for the driver below it and for the layers above it,such as the Protocol Stack. Answer: Network Driver Interface Specification (NDIS) System Drivers is the lowest layer in the networkstack, and contains the network driver that communicates directlywith the network adapter. Answer: False This command enables RSS on the network adapter that you specify. Answer: Enable-NetAdapterRss Disable-NetworkAdapterRss command disables RSS on the network adapter that you specify. Answer: False _____________________________ typically contain applications that require very fast inter-process communication (IPC) and inter-computer communications, a high degree of predictability regarding latency and transaction response times, and the ability to handle very high message rates. Answer: Low-latency workloads technologies __________________ distributes incoming network I/O packets among logical processors so that packets which belong to the same TCP connection are processed on the same logical processor, which preserves ordering Answer: Receive Side Scaling (RSS) RSS is a network driver technology that enables the efficient distribution of network receive processing across multiple CPUs in multiprocessor systems. Answer: True Packet Stack is the lowest layer in the network stack, and contains the network driver that communicates directly with the network adapter. Answer: False Network adapters that support this can target their interrupts to specific logical processors. Answer: Message-Signaled Interrupts (MSI/MSI-X) Network-based firewall are network devices built into the IT infrastructure and they stand between public and internal networks. Anetwork-based firewall can be a hardware device or a virtual solution. Answer: True This command disables RSS on thenetwork adapter that you specify. Answer: Disable-NetAdapterRss The network stack implements protocols such as TCP/IP and UDP/IP. These layers expose the transport layerinterface for layers above them. Answer: False These are typically clients that use a transport data extension (TDX) or Winsock Kernel (WSK) interface to expose interfaces to user-mode applications. Answer: System Drivers Network-based firewall runs on individual systems, physical or virtual. It is a piece of software installed on an operating system which stands between the host and other network devices. Answer: False