Chapter 3 Flashcards Preview

Systems Infrastructure > Chapter 3 > Flashcards

Flashcards in Chapter 3 Deck (60):
1

What does UAC stand for?

User Account Control

2

How do you disable UAC for a specific user account?

You cannot.

3

What is the differance between a Workgroup and a Domain.

Workgroups are decentralized, Domains are centralized.

4

What is the Computer Management Console?

One of the primary tools used to manage windows 7 that includes the most commonly used MMC snap-ins.

5

What are the built in accounts in windows that services start under?

Local System, NT authority/LocalService, NT authority/Network service

6

What level of access does the Local System account have (related to services)?

Highly privledged account that can access most resources on local computer.

7

What level of access does NT Authority/Local Service have?

The same as a user account, when accessing network services it has no credentials and a null session

8

What level of access does NT authority/NetworkService have?

The same level of access as the Users Group on the local computer, and it accesses network resources under the context of a Local Computer Account

9

What does the Server Service do?

Supports file, print, and named-pipe sharing over the network.

10

What does the Workstation service do?

Creates and maintains client network connections to remote servers using the SMB protocol (allows you to share folders via samba)

11

What is Authentication?

The process of indentifying an individual (E.G. via a password)

12

What is Authorization?

The process of giving individuals access to system objets based on their indentity

13

What is Auditing

The process of keeping track of a users activity while accessing the network resources.

14

What does a user account allow the system to do?

It allows the system to determine what a user can access and how they can access it (Authorization) and to audit a user by recording what was done on each individual user account.

15

What are the three ways to authenticate a user?

Based off What they know (password) What they own/possess (ID card) What they are (biometrics.

16

What are the two types of user accounts.

Local and Domain.

17

What is an object?

An object is a distinct named set of attributes or characteristics that represent a network resource.

18

What is the security table created on the local user account called?

SAM

19

SAM

Security Accounts Manager

20

What is a GUID?

It is called a globally unique identifier sometimes referred to as security identifier. It is to uniquely identify an object.

21

Where can you create and edit a user account?

User accounts in the control panel AND The Local Users and Groups MMC snap-in

22

What are windows computer accounts for?

It provides a mean for authenticating and auditing the computers access to a windows network and its access to domain resources.

23

What is a user profile?

A collection of folders and data that store the users current desktop environment and application settings.

24

What is a group?

A group is a collection or list of user accounts or computer accounts.

25

what are the Roles of a Domain admin?

Can perform administrative tasks on any computer within the domain. By default, the Admin account is a member.

26

What is a user profile?

A collection of folders and data that store the users current desktop environment and application settings, and records all network connections.

27

What can Account operators do?

They can create, delete, and modify user accounts and groups.

28

What can Backup operators do?

They can backup and restore all files using Windows Backup

29

What does Credential Manger do?

It allows you to store credentials I.E. Usernames and passwords that you use to logon to websites or other computers on a network. This allows windows to automatically log you into websites/computers. Credentials are saved in special folders called vaults.

30

What does the Authenticated users group include?

It includes all users with a valid user account on the computer or in Active Directory.

31

What is the built in group Everyone

All users who access the computer even if the user does not have a valid account.

32

What does a Directory Service do?

It stores, organizes, and provides access to information in a directory. It's used for locating, managing, administering, and organizing common items and network resources such as volumes, folders, files, printers, users, groups, devices, telephone numbers, and other objects. AD is an example of a Directory Service.

33

What is the definition of Group Policy?

It is one of the most powerful features of Active Directory that controls the working environment for user accounts and computer accounts. It provides the centralized management and configuration of operating systems and applications.

34

Active Directory provides what network services?

LDAP Kerberos-based and SSO authentication DNS-based naming and other network information Central location for network administration and delegation of authority.

35

What is LDAP?

Lightweight Directory Access Protocol

36

SSO

Single sign-on authentication

37

What does the GPO system settings control?

Application settings, desktop appearance, and behavior of system services.

38

What does the GPO security settings control?

Local computer, domain, and network security settings

39

What does The GPO software installation settings control?

Management of software installation, updates and removal.

40

What is LDAP?

It's an application profile used for querying and modifying data using directory services over TCP/IP. It users TCP port 389

41

What does the GPO scripts settings control?

Scripts for when a computer starts or shuts down and when a user logs on and off.

42

What is SSO?

It allows you to login once, but access multiple related but independant software systems without having to login again. With AD, you are assigneda token which can be used to login to other systems automatically.

43

What does the GPO folder redirection settings control?

Storage for users folders on the network.

44

What does GPO stand for?

Group policy Objects are collections of user and computer settings.

45

What is Kerberos?

It's a computer network authentication protocol which allows hosts to prove their indentity over a non-secure network in a secure manner. It can also provide mutual authentication so that both the user and server verify each other's indentity.

46

What does Active Directory do?

It allows you to organize all your network resources E.G. users, groups, printers, computers, and other objects so you can assign passwords, permissions, rights, and so on to the intendity that needs it. You can also assign who can manage a group of objects.

47

What is a domain?

A logical unit of computers and network resources that defines a security boundry, that uses a single AD database to share its common security and user account information.

48

What is the Account lockout duration?

It ranges from 1 to 99,999

49

What is a tree?

Domains linked in a transistive trust Heirarchy

50

what is the Account lockout threshold?

How many failed log-ons it will take until the account becomes locked. Ranges from 1 to 999

51

What is a forest?

A collection of Domain Trees

52

What is a Domain Controller?

A promoted windows server that stores a replica of the account and security information of a domain and defines the domain boundries.

53

What is the Reset account lock out counter after?

How long does it take after a failed logon attempt before the counter tracking failed logons is reset to zero. Range is 1 to 99,999

54

What MMC snap-ins are added to a domain controller?

AD Users and Computers AD Domains and Trusts AD Sites and Services AD Administrative center GPMC

55

UPN

User Principal Name

56

AD DS

Active directory Domain Services

57

What is the definition of Minimum password length?

Determines the minimum number of characters that a users password must contain you can set a value between 1 to 14.

58

GPMC

Group Policy Management Console

59

What is a server that is not running as a domain controller?

A member Server

60

What happens when a user logs on?

AD clients locate an AD server (Using DNS SRV resource records) known as a domain controller in the same site as the computer.