Windows Basics II

Question 1

How do you determine how many users are on a system?

Answer 1

net users

Question 2

How do you determine how many users have administrative privileges?

Answer 2

net localgroup Administrators

Question 3

What command can be used to display and set the user policy settings on a local computer?

Answer 3

net accounts

Question 4

True or False: The default Administrator account cannot be deleted or locked out, but it can be renamed or disabled?

Answer 4

True

Question 5

What local group gives its members on a local server “Full Control” permissions on that computer?

Answer 5

Administrators

Question 6

What other local account has the same functional rights and permissions as the Administrator account?

Answer 6

System

Question 7

How do you find out the minimum password length for users on a system?

Answer 7

net accounts

Question 8

How do you find out which local users are disabled?

Answer 8

wmic useraccount get Name,Disabled

Question 9

What Windows command allows you to run a command as another user?

Answer 9

runas

Question 10

What option of cmd.exe carries out the command and then terminates?

Answer 10

/c

Question 11

What’s the syntax for rdesktop?

Answer 11

rdesktop -u USERNAME -p PASSWORD IP

Question 12

What’s the syntax for runas?

Answer 12

runas /user:HOSTNAME\Administrator cmd.exe

Question 13

What value is used to uniquely identify a security principal that can be authenticated by the system?

Answer 13

SID (Security Identifier)

Question 14

What is the name of a protected object that contains information about the identity and user rights associated with a user account?

Answer 14

access token

Question 15

What local system is responsible for creating an access token for a user after successful authentication?

Answer 15

Local Security Authority (LSA)

Question 16

What is the base command used to manage local users and groups?

Answer 16

net

Question 17

What’s an example of a well-known SID that belongs to the Everyone group?

Answer 17

S-1-1-0

Question 18

What command can be used to display and set the user policy settings on a local computer?

Answer 18

net accounts

Question 19

True or false: The default Administrator account cannot be deleted or locked out, but it can be renamed or disabled?

Answer 19

True

Question 20

What local group gives its members on a local server “Full Control” permissions on that computer?

Answer 20

Administrators

Question 21

What other local account has the same functional rights and permissions as the Administrator account?

Answer 21

System

Question 22

What Windows command allows you to run a command as another user?

Answer 22

runas

Question 23

What option of cmd.exe carries out the command and then terminates?

Answer 23

/c

Question 24

What file permission permits reading and writing of the file and also allows for deletion of the file?

Answer 24

modify

Question 25

What folder permission permits reading, writing, changing, and deleting of files in a folder as well as its subfolders?

Answer 25

full control

Question 26

What is the icacls abbreviation that means that files created inside this folder will inherit this ACE?

Answer 26

OI (Object Inherit)

Question 27

True or False: You only need read permissions on a script to execute it.

Answer 27

True

Question 28

How do you give another user full control using Windows command line?

Answer 28

icacls PATH/FILE /grant USER:(F)

Question 29

What process is responsible for handling windows logon?

Answer 29

winlogon.exe

Question 30

What process runs the user's Windows GUI shell?

Answer 30

explorer.exe

Question 31

What process always has a PID of 4?

Answer 31

System

Question 32

What is the common extension for libraries in Windows?

Answer 32

dll

Question 33

In what full path can we find 32-bit libraries on a 64-bit system?

Answer 33

C:\Windows\SysWOW64

Question 34

Which hive is used to access information about the current user?

Answer 34

HKCU

Question 35

Under what key would you find information about the security account manager (SAM)?

Answer 35

HKLM

Question 36

What is the name of the extra backup file belonging to HKEY_LOCAL_MACHINE\System?

Answer 36

System.alt