Server Infrastructure Management Flashcards

(11 cards)

1
Q
A
2
Q

What is the purpose of using a tiered access model for privileged access?

A

To isolate and build layers of containment between the Windows systems through the directory structure; prevent escalation across tiers by provisioning privileged identities with access only to the tier they need access to

3
Q

How is a tiered access model implemented?

A

Through AD OUs; a hierarchical design that is divided into three or more parent containers

4
Q

What is the most important tier in a tiered access model?

A

Tier 0; contains the systems, accounts, and security groups of the highest security concern, such as domain controllers (DCs), Azure AD Connect servers, and identity management systems

5
Q

How should access to tier 0 in a tiered access model be secured?

A

Deploy a PAM solution to include password rotation, an approval request flow process, auditing logs, session recording or Azure PIM if in the cloud

6
Q

What would be considered tier 1 in a tiered access model?

A

Contains systems such as business servers, file servers, web application servers, and database servers.

7
Q

How should access to tier 1 in a tiered access model be secured?

A

Use PAM or PIM; using a top-down approach, admins with access to tier 0 will be able to access tier 1

8
Q

How should the OUs be structured in a tiered access model?

A

When architecting the organizational structure of the tiered model, create child OUs nested under the tier 1 parent and label them by business unit (BU), application name, or function to create a descriptive structure.

9
Q

What does tier 2 in a tiered access model contain?

A

Common devices; end-user machines

10
Q

What are additional best practices to secure access to Windows resources?

A
  • For RDP and interactive logons, allowed sources should be restricted to a privileged
    access workstation (PAW), trusted device, or isolated management environment,
    preferably requiring a form of passwordless or biometric authentication, or multi-factor authentication (MFA).
  • Network restrictions should be considered for tier 0 access scenarios by restricting
    RDP connections and other management ports to sources from known virtual
    networks (VNets), subnets, and workstations.
11
Q

What are best practices to secure access?

A
  • Enforce/require MFA for all cloud resources and implement an MFA tool for on-prem
  • Deploy a PAM or PIM for Just-In-Time access
  • Efficient account provisioning/deprovisioning - automation
  • Monitor/Audit privileged accounts
  • Separate administrative accounts from regular users’ accounts and limit the number of admins
  • Limit access to email and internet browsing when applicable from privileged
    systems.
  • Enforce strict fine-grained password policies on administrative accounts.
  • Limit the number of emergency “backdoor” accounts
  • Ensure any changes to the environment go through an approval process by a change
    advisory board.