Shared Flashcard Set

Details

Windows Server 2008 & 2008 R2
Install Manage and Master OS
39
Computer Networking
Professional
01/17/2012

Cards

Term
Schema
Definition
_____ is an Active Directory component that defines all the objects and attributes that the directory service uses to store data, and it includes a list of properties that can be used to describe the objects. You can think of it as a set of blueprints for each of the objects. A ______ definition for a user object can be used to create a user object.
Term
Objects
Definition
______ are real-world items in Active Directory such as computers, users, printers and groups. These _______ can be managed with AD DS (Active Directory Domain Services). All _______ have properties that can be configured.
Term
Global Catalog
Definition
______ ______ is a listing of all objects in the entire forest. It is searchable and used by different applications to search AD Domain Services for specific objects. It is hosted on the domain controllers that are designated as the ______ ______ server. There is only one per forest.
Note: to prevent it from becoming too large the properties are limited to a subset.
Example: users may have 100 properties but only 10 are included.
Term
LDAP (Lightweight Directory Access Protocol)
Definition
Active Directory uses the _ _ _ _ to uniquely identify each object within the directory. (DN: Distinguished name.)
Note: CN: Common name
Note: DS is Domain service AKA Domain Controller
Term
Operations master roles
Definition
The five _____ _____ roles are assigned automatically when the first domain controller in a given domain is created. Forest-wide ______ ______ roles must appear only once in every forest. Domain-wide ______ ______ roles must appear once in every domain in the forest.
Every forest must have the following roles:
Schema master
Domain naming master
Every domain in the forest must have the following roles:
Relative ID (RID) master
Primary domain controller (PDC) emulator master.
Infrastructure master

These roles must be unique in each domain. This means that each domain in the forest can have only one RID master, PDC emulator master, and infrastructure master.
Term
Schema master
Definition
The ______ ______ domain controller controls all updates and modifications to the schema. To update the schema of a forest, you must have access to the ______ ______. There can be only one in the entire forest.
Term
Domain naming master
Definition
One of five
Forest-wide operations master roles.
The domain controller holding the ______ ______ ______ role controls the addition or removal of domains in the forest. There can be only one in the entire forest.
Term
RID master - Relative ID (RID) master
Definition
One of five
Forest-wide operations master roles.
The _____ master allocates sequences of relative IDs to each of the various domain controllers in its domain. At any time, there can be only one domain controller acting as the _____ master in each domain in the forest.

Whenever a domain controller creates a user, group, or computer object, it assigns the object a unique security ID (SID). The SID consists of a domain SID, which is the same for all SIDs created in the domain, and a (_ _ _), which is unique for each SID created in the domain.

To move an object between domains (using Movetree.exe), you must initiate the move on the domain controller acting as the (_ _ _) master of the domain that currently contains the object.
Term
PDC emulator operations master
Definition
One of five
Forest-wide operations master roles.
The PDC _____ ______ master processes password changes from client computers and replicates these updates to all domain controllers throughout the domain. At any time, there can be only one domain controller acting as the ___ ______ master in each domain in the forest.
The domain controller configured with the PDC ______ ______ master role supports two authentication protocols:
The Kerberos V5 protocol
The NTLM protocol
Note: PDC: Primary Domain Controller
Term
Infrastructure master
Definition
One of five
Forest-wide operations master roles.
At any time, there can be only one domain controller acting as the ______ ______ in each domain. The ______ ______ is responsible for updating references from objects in its domain to objects in other domains. The ______ ______ compares its data with that of a global catalog. Global catalogs receive regular updates for objects in all domains through replication, so the global catalog data will always be up to date. If the ______ ______ finds data that is out of date, it requests the updated data from a global catalog. The infrastructure master then replicates that updated data to the other domain controllers in the domain.
The ______ ______ is also responsible for updating the group-to-user references whenever the members of groups are renamed or changed.
Term
OU (Organizational unit)
Definition
______ ______ are used to organize objects within Active Directory. You can think of an _ _ simply as a container for the objects within AD.
You can delegate permissions to an _ _ and you can link Group Policy to an _ _.
Term
Distribution group and
Security group
Definition
Active Directory has two basic group types. They are:
______ group and
______ group
Term
Distribution group
Definition
One of two AD basic group types:
A ______ ______ is used to group a number of objects together that will be addressed collectively. A mail server can present the ______ _____ to users as an email destination.
Term
Security group
Definition
One of two AD basic group types:
A ______ ______ is used to assign permissions or rights to an object or a set of objects. This allows AD to become not only your single authentication mechanism for your network but also your authorization mechanism.
Term
Domain local group
Definition
One of three AD basic group scopes:
A ______ _____ _____ is intended to be used only within the domain that it was created in. It can contain user/computer accounts, global groups and universal groups from any domain in the forest and domain local groups from the same domain.
Term
Global group
Definition
One of three AD basic group scopes:
This is the default scope when you create a group in AD. A _____ _____ can be used by computers within the domain that it is a member of and by members of other domains in the AD forest. It can contain user/computer accounts from the domain that the _____ _____ is created in.
Term
Universal group
Definition
One of three AD basic group scopes:
A ______ _____ is stored on domain controllers that are configured as global catalogs. This implies that the ______ _____ is replicated to domains across the entire forest. That allows a ______ _____ not only to be used by all computers in the forest but also to contain members from any domain within the forest. Single-domain networks do not really need ______ _____s because there isn't much use for them. ______ _____s can contain user/computer accounts, global groups, and other ______ _____s from any domain in the forest.
Term
External trust (Non-transitive)
Definition
One of four domain trusts.
______ _____ are domain-to-domain trusts. If you want a domain in a forest to trust a domain outside the forest (external domain), then you build an ______ _____.
Term
Shortcut trust (Transitive)
Definition
One of four domain trusts.
______ _____ speed up authentication. It is a transitive trust between a domain in the same domain tree or forest that shortens the trust path in a large and complex domain tree or forest.
Term
Forest trust (Transitive)
Definition
One of four domain trusts. ______ _____ is a transitive trust between a forest root domain and a second forest root domain. Once done, every domain in the first forest trusts every domain in the second forest.
Term
Realm trust (Non-transitive)
Definition
_____ _____ allow trust relationships with Unix systems that use Kerberos for authentication. (What Microsoft calls domains, Unix calls realms.)
Term
Transitive trust (Understanding Trust Transitivity)
Definition
______ _____ determines whether a trust can be extended outside the two domains between which the trust was formed. You can use a ______ _____ to extend trust relationships with other domains. You can use a non-transitive trust to deny trust relationships with other domains. http://technet.microsoft.com/en-us/library/cc754612.aspx
Term

Forest

Definition

In accordance with DNS naming standards, Active Directory domains are created in an inverted tree structure.

When it is necessary for domains in the same organization to have different namespaces, create a separate tree for each namespace. Two or more trees with different names make a forest.

 


Term
NAME RESOLUTION METHODS
Domain Name System (DNS)
Definition

NAME RESOLUTION METHOD

_____ _____ _____ (_ _ _ )

  • Preferred Method for name resolution
  • Supports IPv4 and IPv6
Term
NAME RESOLUTION METHODS NetBIOS
Definition
Features:
·Enabled by default
·Supports most older versions of Windows
·Supports LMHOSTS local resolution
·Can use a WINS server
Drawbacks:
·Only supports IPv4
·Uses broadcasts
·15 Character Maximum
·Local Subnet only without WINS
Term
NAME RESOLUTION METHOD: LINK LAYER MULTICAST NAME RESOLUTION (LLMNR)
Operating System Support
·Windows Vista and Windows 7
·Windows Server 2008 and R2
Definition
NAME RESOLUTION METHOD:
____ _____ _____ _____ _____ (_ _ _ _ _)

Drawbacks:
·Works within local subnet only
·Differences in behavior based on operating system
·No support for Windows XP, Windows Server 2003 and earlier
·Disabled via Group Policy
·IPv6 must be enabled
Features:
·Multicast
·IPv4 and IPv6 Name resolution
·Low overhead
·Smaller attack surface
·Should be used before NetBIOS when both LLMNR and NetBIOS are available.
Term
FULLY QUALIFIED DOMAIN NAME (FQDN)
Definition
____ ____ ____ ____ (_ _ _ _)
References a host:
·Hostname
·Domain name
·Top Level Domain
·Can Contain Subdomains
Term
Steps 1 - 5 DNS Request Process
Definition
Step 1: Enter www.microsoft.com in your browser and hit enter.
Step 2: A DNS query is sent to the local resolver on the PC. The local resolver checks the local DNS cache.
Step 3: If there is no match in step 2, a query is sent to the primary DNS server if one is configured and it is available.
Step 4: The DNS server checks to see if it can authoritatively answer the query. This means “does the DNS server have a zone configured and a resource record that answers the query?”
Step 5: If no match was found in step 4 the DNS server checks its local DNS cache.
Term
Recursion
Definition
__________:
•Client sends a ________ request to a DNS server
•DNS server completes query on behalf of the DNS client and sends result back to client.
Term
Iteration
Definition
__________:
Used by DNS server when contacting other DNS servers
•Receives referral from one server and directly queries the server listed in the referral.
•One DNS server does most of the work
Term
Root Hints
Definition
____ _____
•Used during recursion
•Gives DNS a starting point
•Can be modified for private namespaces
•Stored in Windows\System32\DNS\Cache.dns
•Loaded when DNS service starts
Term
Steps 6 - 9 DNS Request Process
Definition
Step 6: Based on the configuration of the DNS server a query is sent to a root server.
Step 7: The root server responds with a referral to a top level DNS server.
Step 8: The original DNS server that the query was first sent to takes the referral and sends a request to the top level DNS server. In this example .com.
Step 9: The .com. DNS server sends a referral to the microsoft.com DNS server.
Term
Steps 10 - 12 DNS Request Process
Definition
Step 10: Again the original DNS server takes the referral and sends a query to the microsoft.com DNS server.
Step 11: Since the DNS server is authoritative for microsoft.com it is able to respond with the Host resource record that contains the IP address for www.microsoft.com.
Step 12: The original DNS server responds to the client query with the IP address for www.microsoft.com.
Term
Forward and Reverse Lookup Zones
Definition
_____ & ______ Look up Zones
Forward Lookup
·Translates a name to an IP address
·Most commonly used zone type

Reverse Lookup
·Translates an IP address to a name
·Zone name ends with in-addr.arpa
Term
DNS Forwarders
Definition
DNS _________ forwards DNS query to another DNS server instead of using Root Hints.
Request Process is:
•DNS Server receives query
•DNS Server checks locally hosted zones
•DNS Server checks local server cache
•DNS Server forwards query to first DNS server listed on the _______ tab
Term
Conditional Forwarders
Definition
______ Forwarders:
•Forwards queries for a specific domain name to specific DNS servers
•Often used to improve performance for DNS resolution of partner domain names and resources
Term
3 DNS Zone Types
Primary
Secondary
Stub
Definition
There are 3 DNS Zone Types
Term
Resource Records
Definition
______ ______ are:
Database entries used to answer queries
•SOA – Start of Authority
•NS – Name Server
•A or AAAA (HOST)
•PTR (Pointer)
•CNAME (Alias) – Canonical Names
•SRV (Service Locator)
•MX (Mail Exchanger)
Term
NAT
Definition
Network Address Translation