1212 Ch6.5-7.1: User Account Control (UAC) Overview

Questions and Answers

What is the purpose of enabling the Audit: Force audit policy subcategory settings?

• To allow all users to perform administrative tasks
• To disable audit policies completely
• To enhance user interface settings
• To prevent conflicts between similar auditing settings (correct)

What is the main function of User Account Control (UAC)?

• To disable all user accounts except administrators
• To allow all applications to run without any prompts
• To generate alerts requiring administrative privileges for certain tasks (correct)
• To manage user passwords

Which statement is true regarding standard user accounts?

• They possess minimum rights and privileges for basic tasks (correct)
• They have full administrative capabilities
• They can perform all basic tasks without restrictions
• They can modify security policies for the entire computer

Which UAC concept requires explicit approval to elevate privileges?

Admin Approval Mode (D)

Why is it recommended for administrators to log in using a standard user account?

To improve system security (D)

What is a characteristic of the built-in administrator account during a new installation?

It is disabled by default (C)

What happens to the built-in administrator account if there is at least one other administrator account?

It becomes inactive and cannot be used (C)

What happens to actions requiring privilege elevation when logged in as a standard user?

They are automatically denied. (B)

What is the effect of turning off User Account Control (UAC)?

It allows all user actions without prompts. (C)

Which Group Policy setting corresponds to 'Always Notify' UAC level?

Prompt for consent on the Secure Desktop. (D)

Which UAC setting allows notification only for non-Windows binaries?

Prompt for consent without dimming Desktop. (D)

What must be done after using Group Policies to turn off UAC?

Reboot the system. (B)

When managing UAC on a local device, what interface is commonly used?

Control Panel. (A)

For an organization's network with many Windows systems, which method is suggested for managing UAC settings?

Group Policy settings. (C)

What is the UAC behavior for standard users when prompted for elevation?

Prompt for credentials. (B)

What happens to administrators in Admin Approval Mode when UAC is disabled?

They elevate without prompting. (C)

What happens when a standard user attempts to perform a task that requires administrative privileges?

The system requests privilege elevation and prompts for administrator credentials. (A)

How many access tokens are generated when an administrator logs onto the system?

Two access tokens, one for standard user and one for administrator. (B)

What is the most secure UAC setting recommended?

Always notify. (B)

Which UAC setting prompts users to respond when programs attempt to make changes but does not dim the desktop?

Notify me only when apps try to make changes (do not dim the desktop). (A)

What does the access token control?

The type of actions that the user can perform on the system. (A)

What occurs if the user does not respond to a UAC prompt within 150 seconds?

UAC automatically denies the request. (D)

Which user account type must confirm tasks that require privilege elevation?

Administrators must confirm the use of their administrative token. (C)

What happens when 'Never notify' is selected as the UAC setting?

All actions are executed without UAC prompts. (B)

What does a standard user access token indicate?

The user account is limited to standard permissions. (B)

Flashcards are hidden until you start studying

Study Notes

User Account Control (UAC)

• UAC is a security feature that prompts users for administrator privileges when necessary.
• Standard users have limited access, while administrators can perform any action.
• Administrators should log in as standard users for security purposes.
• UAC elevates privileges for applications that require administrator access.
• UAC prompts users for confirmation in Admin Approval Mode.
• UAC can be disabled, but this is not recommended.

UAC Concepts

• UAC levels are configured in Control Panel.
• The "Always notify" setting is the most secure.
• "Notify me only when apps try to make changes to my computer" prompts only for changes to system or Windows settings.
• "Never notify" disables UAC prompts completely.
• UAC prompt settings can be configured in Group Policies.

UAC Levels

• Always notify: Secure desktop displays for 150 seconds, user must approve actions.
• Notify me only when apps try to make changes to my computer: Prompts only for system modification attempts.
• Notify me only when apps try to make changes to my computer (do not dim the desktop): Same as previous, but without secure desktop.
• Never notify: No UAC prompts, all actions executed without approval.

Additional Settings

• User Account Control: Only elevate executables that are signed and validated: Requires PKI signature verification for applications requesting elevation.
• User Account Control: Only elevate UIAccess applications that are installed in secure locations: Applications with UIAccess integrity must be installed in secure locations, such as Program Files and Windows\system32.
• User Account Control: Run all administrators in Admin Approval Mode: Enables Admin Approval Mode for all administrator accounts, requiring confirmation for elevated actions.
• User Account Control: Switch to the secure desktop when prompting for elevation: Determines whether the UAC prompt displays on the user's standard or secure desktop.