Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
CIT226 Ch 17 - 19
CIT226 Win Server Mgmt Chapters 17 - 19
| Term | Definition |
|---|---|
| Account lockout | A series of policy settings that locks a user out of an account after a predetermined number of incorrect attempts at entering a password has occurred. This increases security by foiling random dictionary-based or bruteforce password hack attempts. |
| Account policies | A series of settings in Group Policy that determine the characteristics of an acceptable password as well as account lockout settings and Kerberos settings. |
| Auditing | A security process that tracks the usage of selected network resources, typically storing the results in a log file. |
| auditpol.exe | A command-line tool that enables you to configure audit policy settings and directory service auditing subcategories. |
| Fine-grained password policies | A feature of Windows Server 2012 R2 that enables you to configure password policies which apply only to specific users or groups within a domain. |
| Password complexity | A rule that can be applied using Group Policy to prevent users from employing simple, easy-to-guess passwords. default password complexity requires at least three of the following : lowercase letters, uppercase letters, numerals, and special characters. |
| Password policy | Policy settings in a domain-based GPO that specify the requirements for passwords in the domain. |
| Password Settings object (PSO) | An object class defined in the AD DS schema that holds attributes for the fine-grained password and account lockout policy settings. |
| Security Configuration Wizard | A Windows Server 2012 R2 tool that enables you to create or modify security policies applied to servers in your AD DS domain or OU. |
| User rights | A default set of capabilities assigned to built-in groups in AD DS that define what members of these groups can and cannot do on the network. |
| User Account Control (UAC) | UAC is a security feature designed to protect your computer from unauthorized changes by alerting you of pending administrative actions. UAC displays a prompt that requests approval when you want to perform an administrative task. |
| AppLocker | A Windows Server 2012 R2 tool that enables you to control which files and applications users can run, including executable files, scripts, Windows Installer files, DLLs, packaged apps, and packaged app installers. |
| Auditing | A security process that tracks the usage of selected network resources, typically storing the results in a log file. |
| Application control policies | An update to the older Software Restriction Policies, providing new enhancements that enable you to specify exactly what users are permitted to run on their desktops according to unique file identities. |
| Certificate rule | A software restriction policy rule that identifies software to be allowed or prohibited according to an application’s signing certificate. |
| Executable rule | A default AppLocker rule that enables you to control classic executable programs (as opposed to the newer Windows 8 packaged apps) that are typically located in the Program Files default folder. |
| Hash rule | A software restriction policy rule that identifies software to be allowed or prohibited according to a hash, which is a fixed-length series of bytes that uniquely identifies the application |
| Network zone rule | A software restriction policy rule that identifies software to be allowed or prohibited according to a network zone as described by Microsoft Internet Explorer. |
| Packaged app rule | A default AppLocker rule that enables you to control the use of packaged apps (which are apps that include all the required files within an app package) on computers running Windows 8 or Windows Server 2012 R2. |
| Path rule | A software restriction policy rule that identifies software to be allowed or prohibited according to the local or UNC path to the application’s executable files. Enables you to grant or deny access to software located in a specific folder for each user. |
| Script rule | A default AppLocker rule that enables you to control who is able to run scripts such as *.js, *.ps1, *.vbs, *.cmd, and *.bat files. |
| Software restriction policies | A series of settings included in Group Policy that you can use to limit the types of software that can be run on any computer running Windows XP or later. You can limit users to running only those applications they need to do their jobs. |
| Windows Installer rule | A default AppLocker rule that enables you to control the installation of applications packaged into Windows Installer .msi files, as well as their transforms (*.mst) and patch (*.msp) files. |
| Windows Firewall | The personal firewall software incorporated in Windows Vista/7/8/8.1/Server 2008/R2/2012/R2 that filters incoming TCP/IP traffic. Windows Firewall was first introduced in Windows XP SP2. |
| Windows Firewall with Advanced Security | A Microsoft Management Console (MMC) snap-in that provides enhanced firewall mgt capabilities, including the ability to create firewall rules that are specifically configured to protect a specific type or source/destination path of network traffic. |
| Stateful firewall | A firewall that monitors the state of active connections and uses the information gained to determine which network packets are allowed through the firewall. Outside packet or protocol must be granted access by an access control list (ACL). |
| IP Security (IPsec) | A suite of protocols that provide a mechanism for data integrity, authentication, and privacy for the Internet Protocol. IPsec can provide message authentication and/or encryption. |
| Firewall | A system designed to prevent unauthorized access to or from a private network. This can be either a dedicated hardware device or a software program installed on a server or client computer. |
| Firewall profile | A means of grouping firewall rules so they apply to the affected computers dependent on where the computer is connected. |
| Firewall rule | A set of conditions used by Windows Firewall to determine whether a particular type of communication is permitted. You can configure inbound rules, outbound rules, and connection security rules |
| Filter action | A configured set of actions within a firewall rule that determines whether the firewall will permit or block traffic attempting to cross it. You can also select an option to negotiate security based on several IPsec criteria. |
| Connection security rule | A type of firewall rule that requires two computers to authenticate with each other to establish a connection and secure their communications. Windows Firewall uses IPsec to enforce these rules and secure the communication channel. |
| Authenticated bypass | A procedure in which you can enable all communications from approved computers to bypass the firewall when communicating with the server using IPsec-secured messages. |
| Authentication | A process whereby an individual or a computer on a network proves he is who he says he is. |
Created by:
Leisac
Popular Computers sets