Term
| (T/F) Domains are a logical grouping of resources. |
|
Definition
|
|
Term
| What do you use to configure the RID Master, Infrastructure Master and PDC Emulater? |
|
Definition
| Active Directory Users and Computers |
|
|
Term
| What do you use to configure the Domain Naming Master? |
|
Definition
| Active Directory Sites and Services |
|
|
Term
| What do you use to configure the Schema? |
|
Definition
|
|
Term
| What helps decentralize administrative control? |
|
Definition
|
|
Term
| How does moving an OU affect permissions? |
|
Definition
- Permission assigned directly to OU will remain
- Permissions inherited are removed are replaced with permissions inherited from new parent OU or domain
|
|
|
Term
| What must happen for two forests to establish a two-way trust? |
|
Definition
| Must be created manually from both sides |
|
|
Term
| What are things to consider when planning user accounts? |
|
Definition
- Account naming
- Choosing passwords
- Account names must be between 1-20 characters
- Account names are not case sensitive
|
|
|
Term
| What allows users to have the same working environment on any computer? |
|
Definition
|
|
Term
| What are Security groups stored as? |
|
Definition
|
|
Term
| Allowed permissions are ________. |
|
Definition
|
|
Term
| What displays real-time performance data? |
|
Definition
|
|
Term
| What records data from performance counters over a period of time? |
|
Definition
| Performance Logs and Alerts |
|
|
Term
| What are the three parts of Performance Logs and Alerts? |
|
Definition
- Counter logs
- Trace logs
- Alerts
|
|
|
Term
| What captures statistics for specific counters? |
|
Definition
|
|
Term
| What records information when events occur? |
|
Definition
|
|
Term
| What performs an action when a counter reaches a specified value? |
|
Definition
|
|
Term
| What is used to rebuild a DC that has been damaged, using Active Directory information from other DCs? |
|
Definition
|
|
Term
| What is used to recover Active Directory objects that have been accidentally deleted? |
|
Definition
|
|
Term
| What allows you to automatically assign IP addresses, subnet masks, and other configuration information to client computer on a local network? |
|
Definition
|
|
Term
| (T/F) Only DCs and Domain Member servers participating in Active Directory can be authorized. |
|
Definition
|
|
Term
| What is a pool of IP addresses within a logical subnet that the DHCP server can assign to clients? |
|
Definition
|
|
Term
| What are the characteristics of a reservation? |
|
Definition
- Permanent address lease
- Hardware device on subnet can always use same IP address
|
|
|
Term
| What utility checks port availabiliy? |
|
Definition
|
|
Term
| What utility queries DNS for proper functioning? |
|
Definition
|
|
Term
| What is a command-line tool used determine the state of a server? |
|
Definition
|
|
Term
| What utility is designed to troubleshoot NETBIOS name resolution problems? |
|
Definition
|
|
Term
| What utility displays protocol statistics and current TCP/IP connections? |
|
Definition
|
|
Term
| What allows people to connect by specifying a name instead of having to remember an IP address? |
|
Definition
|
|
Term
| What should you use Security baselines for? |
|
Definition
- Each computer role (Desktop systems, Printer servers)
- Major server roles (DCs)
|
|
|
Term
| What is a software-based traffic analysis tool to capture, filter, and display frames directly from the network? |
|
Definition
|
|
Term
| What are the two components of Network Monitor? |
|
Definition
- Network Monitor
- Network Monitor Driver
|
|
|
Term
| (T/F) Too many scripts can cause issues. |
|
Definition
|
|
Term
| Name the five FSMO Roles. |
|
Definition
- Domain Naming Master
- Relative Identifier (RID) Master
- Infrastructure Master
- Primary Domain Controller (PDC) Emulator
- Schema Master
|
|
|
Term
| Name the Forest-Wide Master Roles. |
|
Definition
- Schema Master
- Domain Naming Master
|
|
|
Term
| Name the Domain-Wide Master Roles. |
|
Definition
- Relative Identifier (RID) Master
- Primary Domain Controller (PDC) Emulator
- Infrastructure Master
|
|
|
Term
| Explain the difference between transferring a Master Role and seizing a Master Role. |
|
Definition
Transfer - moving with cooperation of its current owner (move role from one server to another).
Seize - moving without the cooperation of its current owner (server holding role fails and you have no intent to restore it)
|
|
|
Term
| What are three reasons to create multiple domains? |
|
Definition
- Meet security requirements
- Meet administrative requirements
- Optimize replication traffic
|
|
|
Term
| Name the five predefined containers in Active Directory. |
|
Definition
- Builtin
- Computers
- Domain Controllers
- Foreign Security Principles
- Users
|
|
|
Term
| What are the different ways to move objects between OUs? |
|
Definition
- Drag and drop
- Move menu option
- Dsmove
- Movetree
|
|
|
Term
| What is a logical relationship established between domains to allow pass-through authentication? |
|
Definition
|
|
Term
| What trust type is between two forests, requires Windows Server 2003 Forest functional level, and is transitive? |
|
Definition
|
|
Term
| What are the actions that trigger replication between domain controllers? |
|
Definition
- Creating an object
- Modifying an object
- Moving an object
- Deleting an object
|
|
|
Term
| What are the recommended methods of forcing replication? |
|
Definition
- Active Directory Sites and Services
- Repadmin
- Replmon
- Scripts
- Script
|
|
|
Term
| When would you perform a Primary Restore? |
|
Definition
| When you need to rebuild your domain. |
|
|
Term
| What are the three types of restores? |
|
Definition
- Primary
- Authoritative
- Nonauthoritative
|
|
|
Term
| What type of restore involves the system state being replicated with another DC and is brought up-to-date by replicating after data is restored? |
|
Definition
|
|
Term
| What type of restore requires that the computer be started in DSRM, then run Ntdsutil.exe and marking specific objects prior to reboot? |
|
Definition
|
|
Term
| What tools are used to monitor replication? |
|
Definition
- Windows Support Tools
- Dcdiag
- Repadmin
- Replmon
|
|
|
Term
| What is Replmon used for? |
|
Definition
- Check replication topology
- Force synchronization
- Generate status report to log file
- View Bridgehead servers
|
|
|
Term
| Where are domain user accounts stored? |
|
Definition
| In Active Directory on the DC |
|
|
Term
| How do you make a profile mandatory? |
|
Definition
| Change the name of the profile's registry file from Ntuser.dat to Ntuser.man |
|
|
Term
| What are the three profile types? |
|
Definition
|
|
Term
| What are the two group types? |
|
Definition
|
|
Term
| What are the three group scopes? |
|
Definition
- Domain Local
- Global
- Universal
|
|
|
Term
| (T/F) A user account is a security principal. |
|
Definition
|
|
Term
| What determines where in the network the group can be used to assign group permissions? |
|
Definition
|
|
Term
| What character is used to designate a "hidden" share? |
|
Definition
|
|
Term
| What are the three share permissions? |
|
Definition
|
|
Term
| Which takes precedence, Allow or Deny? |
|
Definition
|
|
Term
| Which takes precedence, file or folder? |
|
Definition
|
|
Term
| What allows permissions assigned at one folder to flow down to subsequent files and folders? |
|
Definition
|
|
Term
| What are the default permissions for a newly created share? |
|
Definition
- Administrators - Full Control
- Everyone - Read
|
|
|
Term
| Name the six logs that could be present on a Domain Controller. |
|
Definition
- Application Log
- System Log
- Security Log
- Directory Service Log
- File Replication Service Log
- DNS Log
|
|
|
Term
| What is the name of the native Windows Server 2003 backup utility? |
|
Definition
|
|
Term
| What are the two ways to open Ntbackup? |
|
Definition
- Start Menu, Accessories, System Tools
- Run, ntbackup.exe
|
|
|
Term
| What are the five backup types? |
|
Definition
- Normal (Full)
- Copy
- Differential
- Incremental
- Daily
|
|
|
Term
| What data is backed up with a Normal Backup and what is the archive bit status? |
|
Definition
- All selected data
- Clears archive bit
|
|
|
Term
| What data is backed up with a Incremental Backup and what is the archive bit status? |
|
Definition
- All files that have been modified or created since the last full or incremental.
- Clears archive bit
|
|
|
Term
| What data is backed up with a Differential Backup and what is the archive bit status? |
|
Definition
- All files that have been modified or created since the last full or incremental.
- Does not clear archive bit
|
|
|
Term
| How are leases renewed periodically? |
|
Definition
- At 50% of lease time
- Restarting
- Ipconfing /renew
|
|
|
Term
| What is a set of one or more IP addresses, included within the range of a defined scope that you do not want to lease to clients? |
|
Definition
|
|
Term
| What port does DHCP use for the Server Side? |
|
Definition
|
|
Term
| What port does DHCP use for the Client Side? |
|
Definition
|
|
Term
| What command would you use in order to get basic host computer configuration information? |
|
Definition
|
|
Term
| What are the five Security Paradigms? |
|
Definition
- Authentication
- Authorization
- Confidentiality
- Integrity
- Nonrepudiation
|
|
|
Term
| What security paradigm is used to determine exactly who sent and received the message, and what protocols are used? |
|
Definition
- Nonrepudiation
- Kerberos and IPSec
|
|
|
Term
| What security paradigm is used to keep data secret and what protocols are used? |
|
Definition
- Confidentiality
- Encryption components of Kerberos, NTLM and IPSec
|
|
|
Term
| What security paradigm is used to ensure data received is the same as data sent, and what protocols are used? |
|
Definition
- Integrity
- Kerberos, NTLM, and IPSec
|
|
|
Term
| What security paradigm is used to determine what you can do on network after authentication and what protocols are used? |
|
Definition
- Authorization
- Kerberos and NTLM
|
|
|
Term
| If traffic leaving or arriving at the device on which the policy is active matches one of the filters, the traffic is either _______, ________ or ________. |
|
Definition
| blocked, allowed, or negotiated |
|
|
Term
| What security protocol would you use for Authentication (prove you are who you say you are)? |
|
Definition
|
|
Term
| Name the three major network security protocols used in a Windows Server 2003 network. |
|
Definition
|
|
Term
| Where can Global group members come from and what can they access? |
|
Definition
- Only from local domain
- access resources in any domain
|
|
|
Term
| Where can Domain Local group members come from and what can they access? |
|
Definition
- From any domain
- Access resources only in local domain
|
|
|
Term
| Where can Universal group members come from and what can they access? |
|
Definition
- From any domain
- Access resources in any domain
|
|
|
Term
| What is the purpose of a Global group? |
|
Definition
| To organize users who share similar network access requirements. |
|
|
Term
| What is the purpose of a Domain Local group? |
|
Definition
| Used to assign permissions to resources. |
|
|
Term
| What is the purpose of a Universal group? |
|
Definition
| Used to assign permissions to related resources in multiple domains. |
|
|
Term
| When planning your OUs, what are the aspects you should keep in mind? |
|
Definition
- OUs are purely logical entities
- OUs are for delegation of administration
- OUs are for Group Policy
- OUs are for controlling object visibility
- OUs are easy to reorganize
- Each OU should have a specific need and purpose to exist
- No limit on how deep a OU tree is
- OUs are mainly administrative units
|
|
|
Term
| What does implementation of an OU structure require first? |
|
Definition
| That the administrator has the correct permission to create new OUs. |
|
|
Term
| Members of what groups have the authority to create new OUs in a domain? |
|
Definition
- Domain Admins
- Enterprise Admins
|
|
|
Term
| (T/F) Users can be delegated the appropriate permissions to create OUs. |
|
Definition
|
|
Term
| Where do you create the OU structure? |
|
Definition
| Active Directory Users and Computers console |
|
|
Term
| What are the two categories of Group Policy settings? |
|
Definition
|
|
Term
| What is a collection of user and computer configuration settings that can be linked to computers, sites, domains and OUs to specify the behavior of a users' desktop? |
|
Definition
|
|
Term
| What type of processing allows each process to finish before another one begins and must finish before desktop is displayed? |
|
Definition
|
|
Term
| What type of processing allows multiple processes to run at the same time, has faster access to the desktop, and may have access to unauthorized settings? |
|
Definition
|
|
Term
| What command is used to refresh both computer and user Group Policies? |
|
Definition
|
|
Term
| What are the two types of scripts? |
|
Definition
- Logon/Logoff
- Startup/Shutdown
|
|
|
Term
| What allows a security administrator to manually configure security levels assigned to a local or nonlocal GPO? |
|
Definition
|
|
Term
| What is a contiguous portion of a namespace for which the server is authoritative? |
|
Definition
|
|
Term
| What does it mean when no employee and no user of information systems has more privileges or access to information and resources than they need to do their job? |
|
Definition
| Principle of Least Privilege |
|
|
Term
| What are the three trust characteristics? |
|
Definition
| Trusts can be created manually (explicitly) or automatically (implicitly)
can be either transitive (not bound) or non transitive (bound)
can be one-way or two-way |
|
|
Term
| What is a collection of packet filters that enforce security policies on IP traffic? |
|
Definition
|
|
