Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
study chapter 5-7
| Question | Answer |
|---|---|
| What special identity group contains all authenticated users and domain guests? | Everyone |
| What command-line utility is used to import or export Active Directory information from a comma-separated value (.csv) file? | CSVDE |
| What is the process of confirming a user’s identity by using a known value, such as a password, pin number on a smart card, or user’s fingerprint or handprint in the case of biometric authentication? | authentication |
| What is the process of confirming that an authenticated user has the correct permissions to access one or more network resources? | authorization |
| All default groups are __________ groups. | security |
| Each object’s SID consists of two components: the domain portion and the __________. | relative identifier |
| __________ name refers to each user’s login name. | SAM account |
| What special identity group is used by the system to allow permission to protected system files for services to function properly? | Service |
| What signifies an object’s relative location within an Active Directory OU structure? | distinguished name |
| What describes the process of configuring one or more groups as members of another group? | group nesting |
| What can be defined as a password that follows guidelines that make it difficult for a potential hacker to determine the user’s password? | strong password |
| Which of the following is not a type of user account that can be configured in Windows Server 2008? | network accounts |
| You cannot manually modify the group membership of or view the membership lists of __________ groups. | special identity |
| When using CSVDE, what is the first line of the text file that uses proper attribute names? | header record |
| The two built-in user accounts that are created on a Windows Server 2008 computer are the Administrator account and the __________ account. | Guest |
| What provides a robust scripting method that supports a multitude of administrative tasks including creating Active Directory objects, mapping drives, connecting to printers, modifying environment variables, and modifying registry keys? | Windows Script Host |
| What typically consists of at least four characters or digits that are entered while presenting a physical access token, such as an ATM card or smart card? | PIN |
| __________ groups are nonsecurity-related groups created for the distribution of information to one or more persons. | Distribution |
| What can be used to add, delete, or modify objects in Active Directory, in addition to modifying the schema if necessary? | LDIFDE |
| Which of the following is not a characteristic of a strong password? | is not your birth date |
| __________ groups are a collection of user accounts that are local to one specific workstation or member server. | Local |
| Password-__________ is an attempt to discover a user’s password. | cracking |
| A password should be __________ characters in length to be considered a strong password. | 8 |
| __________ groups are used to consolidate groups and accounts that either span multiple domains or the entire forest. | Universal |
| Which of the following is a benefit of implementing a public key infrastructure (PKI)? | All of the above, Users no longer need to remember passwords. All information is stored on the smart card, making it difficult for anyone except the intended user to use or access it. Smart cards can be used in remote locations, to provide authentication |
| What is a system of digital certificates, certification authorities (CAs), and other registration authorities (RAs) that verify and authenticate the validity of each party involved in an electronic transaction through the use of public key cryptography? | PKI |
| What special identity group is used as a reduced-privilege account to allow applications to run on a server without requiring administrative access? | Network Service |
| What component issues and manages certificates for individuals, computers, and organizations? | Certification Authority |
| Administrators find that Group Policy implementation helps them to achieve __________. | centralized management |
| A __________ is an alphanumeric sequence of characters that you enter with a username to access a server, workstation, or shared resource. | password |
| What method of authentication requires a smart card and a PIN to provide more secure access to company resources? | two-factor authentication |
| What types of certificates are generated by the enterprise CA and used to generate a smart card logon certificate for users in the organization? | enrollment agent |
| What is a credit card–sized or token-style device, such as a USB device, that is used with a PIN to enable logon to the enterprise? | smart card |
| Which OU is created by default when Active Directory is installed? | Domain Controllers |
| What folder located under the Computer Configuration node in the Group Policy Management Editor contains security settings and scripts that apply to all users who log on to Active Directory from that specific computer? | Windows Settings |
| What tool allows you to utilize a simple interface to delegate permissions for domains, OUs, or containers? | Delegation of Control Wizard |
| What dedicated workstation allows an administrator or another authorized user to preconfigure certificates and smart cards on behalf of a user or workstation? | smart card enrollment station |
| What process applies Group Policy settings to various containers within Active Directory? | linking |
| What command-line tool can be used with a standard user account to reduce the risks associated with the Administrator account? | runas |
| To implement PKI, what must be installed on your Windows 2008 Server? | Active Directory Certificate Services |
| What advanced technique allows you to apply GPO settings to only one or more users or groups within a container by selectively granting the “Apply Group Policy” permission to one or more users or security groups? | security group filtering |
| Where is the certificate database located on a Certification Authority? | C:\Windows \system32\CertLog |
| Passwords for Windows Server 2008, Windows Vista, Windows Server 2003, and Microsoft Windows XP clients can be __________ characters in length. | 127 |
| The __________ Policy is linked to the domain, and its settings affect all users and computers in the domain. | Default Domain |
| Password-cracking can be accomplished by intelligent guessing on the part of the hacker or through the use of an automated __________ attack. | dictionary |
| What can be measured by tangible benefits, such as implementation costs and ongoing support? | return on investment |
| What Computer Configuration node setting includes three subcategories: Audit Policy, User Rights Assignment, and Security Options? | Local Policies |
| Which of the following is an administrative benefit of using Group Policy? | All of the above |
| What is a method of controlling settings across your network? | Group Policy |
| What policies work with folder redirection to provide the ability to cache files locally? | offline file storage |
| What policies can be used to ensure that users always have the latest versions of applications? | software installation |
| Group policy is divided into two subcategories, or nodes, that are named Computer Configuration and __________. | User Configuration |
| What separate Group Policy category allows files to be available to users, even when the users are disconnected from the network? | Offline Files |
| What directory object includes subcontainers that hold GPO policy information? | Group Policy container |
| What contains all of the Group Policy settings that you wish to implement to user and computer objects within a site, domain, or OU? | Group Policy Objects |
| What is the path to the default GPT structure for a domain? | %systemroot%\sysvol \sysvol\ domain.com\Policies |
| What Microsoft Management Console (MMC) snap-in is used to create and modify Group Policies and their settings? | Group Policy Management Console |
| What means that each policy must be read and applied completely before the next policy can be invoked? | synchronous processing |
| Configuring what setting on an individual GPO link forces a particular GPO’s settings to flow down through the Active Directory without being blocked by any child OUs? | Enforce |
| What allows the Group Policy processing order to circle back and reapply the computer policies after all user policies and logon scripts run? | Loopback Processing |
| Which of the following is not a type of GPO? | advanced GPO |
| Local GPO settings are stored in what folder on a computer? | %systemroot% /System32/ GroupPolicy |
| What provides administrators with the ability to redirect the contents of certain folders to a network location or to another location on the user’s local computer? | Folder Redirection |
| A(n) _________ can only contain members from within the same domain. | global group |
| You can use the ________ utility to import data from Comma-Separated Values (CSV) files. | CSVDE |
| Each user and group object has a(n) ________, which must be unique across an entire Active Directorydomain | SAM account name |
| The Anonymous Logon group is an example of a(n) ________ | special identity group |
| You can use the ________ command-line utility to create and modify Active Directory objects. | LDIFDE |
| When users log on to Active Directory, they receive a(n) _________ consisting of all of their security group memberships. | access token |
| A local user is stored in the _______ database of the computer on which it was created | Security Account Manager (SAM) |
| Each CSV file needs to begin with a(n) ________ when used with the CSVDE command-line tool. | header record |
| A(n) ________ can only be used to send and receive email, not to secure network resources. | distribution group |
| ________ is the practice of adding one group as a member of another group. | Group nesting |
| This service is required to use the runas feature | Secondary Logon |
| This command-line tool can be used to move an object from one OU to another | dsmove |
| This tool is used to move objects from one domain to another | Active Directory Migration Tool |
| Hackers will use this attack to identify a user's password by trying numerous words and wordcombinations until they find a match | dictionary attack |
| When you create this item do not use words from the dictionary | strong password |
| This can be used to run a single command using administrative privileges while logging ontoa workstation or server using a Domain User account. | runas |
| This can be used for authentication in lieu of a password when used with an ATM or a smartcard | personal identification number (PIN) |
| Use this tool to grant authority to a user or group of users over a portion of the ActiveDirectory tree | Delegation of Control Wizard |
| This method of moving objects from one OU to another was introduced in Windows Server 2003 | drag-and-drop |
| A dictionary attack is one type of this attack. | password-cracking |
| A Public Key __________ is a system of digital certificates, cert authorities (CAs), and other registration authorities (RAs) that verify and authenticate the validity of each party involved in an electronic transaction thru the use of public key crypt | Infrastructure |
| You must set up at least one computer as a smart card __________ station, which is a dedicated workstation that allows an administrator or another authorized user to preconfigure certificates and smart cards on behalf of a user or workstation. | enrollment |
| After determining the cost of implementing smart cards, you need to define a(n) __________ process. | support |
| By allowing administrative authority over an OU structure as opposed to an entire domain or site, you minimize the number of administrators with __________ privileges | global |
| What type of CA can issue certificates only to users and computers in its own forest? | enterprise CA |
| What allows you to connect to a CA via a Web browser to perform such common tasks as requesting certificates, retrieving the CA’s Certificate Revocation List (CRL), or performing smart card certificate enrollment? | Certification Web Enrollment |
| You can configure one or more GPOs within a domain and then use a process called __________ that applies these settings to various containers within Active Directory. | linking |
| An advanced technique, called security group __________, allows you to apply GPO settings to only one or more users or groups within a container by selectively granting the “Apply Group Policy” permission to one or more users or security groups. | filtering |
| Group Policy __________ contain all of the Group Policy settings that you wish to implement to user and computer objects within a site, domain, or OU. | Objects |
| There are three types of GPOs: local GPOs, domain GPOs, and __________ GPOs. | starter |
| The Group Policy __________ folder structure is located in the shared SYSVOL folder on a domain controller. | templates |
| The Group Policy __________ Console is the Microsoft Management Console (MMC) snap-in that is used to create and modify Group Policies and their settings. | Management |
| Group Policy __________ provide a way to organize settings according to where they are applied. | nodes |
| __________ Templates are files with the .admx extension. | Administrative |
| Configuring the Block Policy __________ setting on a container object, such as a site, domain, or OU, will block all policies from parent containers from flowing to this container. | Inheritance |
| The __________ Settings folder located under the Computer Configuration node in the Group Policy Management Editor contains security settings and scripts that apply to all users who log on to Active Directory from that specific computer. | Windows |
| What allows you to apply GPO settings to only one or more users or groups within a container by selectively granting the “Apply Group Policy” permission to one or more users or security groups? | security group filtering |
| What directory object includes subcontainers that hold GPO policy information? | Group Policy container |
| What policy is linked to the domain, and its settings affect all users and computers in the domain? | Default Domain Policy |
| What folder located under the Computer Configuration node contains settings that apply to all users who log on from that specific computer? | Software Settings |
| What allows multiple scripts to be processed at the same time without waiting for the outcome of a previously launched script to occur? | asynchronous processing |
| What is a Group Policy option that provides an alternative method of obtaining the ordered list of GPOs to be processed for the user? | Loopback Processing |
| What types of policies are processed last? | OU Policies |
| Where are Group Policy templates stored? | SYSVOL directory |
| Domain Accounts are automatically created when Microsoft Windows Server 2008 is installed. | False |
| Microsoft recommends using a non-administrative user account for normal work and using the Run As command when administrative tasks need to be performed. | True |
| Global groups are used to assign permissions to resources that reside only in the same domain as the domain local group. | False |
| You can manually modify the group membership of special identity groups, but you cannot view their membership lists. | False |
| The CSVDE command-line utility allows an administrator to import or export Active Directory objects. | True |
| A strong password can be similar to a previously used password. | False |
| A password is a credit card–sized or token-style device, such as a USB device, that is used with a PIN to enable logon to the enterprise. | False |
| When configuring Certificate Services, you must install your CAs as enterprise CAs. | True |
| Enrollment agent certificates are generated by the enterprise CA and used to generate a smart card logon certificate for users in the organization. | True |
| OUs represent the functional or geographical model of your company so that resources can be placed according to the users who need them. | True |
| Windows Deployment Services assists in rebuilding or deploying workstations quickly and efficiently in an enterprise environment. | True |
| Local GPOs support folder redirection and Group Policy software installation. | False |
| The Default Domain Policy is linked to the Domain Controllers OU, and its settings affect all domain controllers in the domain. | False |
| Administrative Templates are files with the .admx extension. | True |
| Configuring the Loopback Processing setting on a container object, such as a site, domain, or OU, will block all policies from parent containers from flowing to this container. | False |
Created by:
eggowafflez