Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
IST 165 Midterm
| Question | Answer |
|---|---|
| Which of the following are ways to change default GPO inheritance? (Choose all that apply.) | GPO Enforcement - there is a third Blocking Inheritance |
| Account policies are set in the Local Security Policy MMC on computers that aren't domain members. | True |
| Settings under the User Configuration node affect what Registry key? | HKEY_LOCAL_USER |
| What PowerShell cmdlet will link a GPO to a site, a domain, or an OU? | New-GPLink |
| Select the operations master role that is responsible for providing backward compatibility with Windows NT servers that are configured as Windows NT backup domain controllers or member servers. | PDC Emulator Master |
| How often are computer and user policies applied after a user has logged into a computer? | 90 minutes |
| Mutual authentication means that the identity of both parties is verified. | True |
| Select the built-in group that facilitates anonymous access to web resources by Internet Information Services | IIS_IUSRS |
| ADMX and ADML files are placed under what directory within Windows? | %systemroot%\PolicyDefinitions |
| Select the command that is used to import settings from a backed-up GPO to an existing GPO. | Import-GPO |
| What Active Directory object enables an administrator to configure password settings for users or groups that are different from those defined in a GPO linked to the domain? | Password settings object |
| Which of the following is not a security principal that can be assigned permissions? | Groups |
| Which of the following are text files with a .inf extension that contain information for defining policy settings in the Computer Configuration\Policies\Windows Settings\Security Settings node of a local or domain GPO? | Security Templates |
| Which type of ticket below is requested by an account when it wants to access a network resource, such as a shared folder? | Service Ticket |
| You can configure a firewall with the Group Policy tool or on a client computer. | True |
| Which tab in the Group Policy Results window shows all events in Event Viewer that are generated by group policies, and can be used to view the relevant information on a remote computer? | Policy events |
| Schema attributes define what type of information is stored in each object, such as first name, last name, and password for a user account object. | True |
| Built-in user accounts include only the Administrator account created during Windows installation. | False |
| In order to force a computer to immediately download and apply all group policies, what command should be run? | gpupdate /force |
| By default, Windows password policy requires a minimum password of what length? | 6 characters |
| How can the output of a command be redirected to a file instead of being displayed on the computer's screen? | Type the > character followed by the file name |
| What special identity group is typically used when a user accesses an FTP server that doesn't require user account logon? | Anonymous logon |
| The PowerShell cmdlet New-ADUser gets information about user accounts. | False |
| Group policy caching improves system startup speed because the cache is used during asynchronous background processing, which occurs when the system boots. | False |
| What are the two main functions of user accounts in Active Directory? (Choose all that apply.) | Provide detailed information about a user A method for user authentication to the network |
| What setting specifies how long a service ticket can be used before a new ticket must be requested to access the resource for which the ticket was granted? | Maximum lifetime for service ticket |
| Select the special character below that cannot be used within an account username. | ? |
| Select the Account Lockout Policy item that determines how many failed logins can occur on an account before the account is locked. | Account lockout threshold |
| Kerberos policies, found in a GPO, control settings related to user authentication and logon. | False |
| The directory partition holds configuration information that can affect the entire forest, such as details on how domain controllers should replicate with one another. | False |
| Using default settings, if a computer's clock differs more than 5 minutes than a Kerberos message's timestamp, what happens? | The Kerberos message is considered invalid. |
| What component of Kerberos is responsible for storing keys for encrypting and decrypting data in the authentication process? | Key Distribution Center |
| The Security Configuration and Analysis Snap-in cannot be used to apply a security template to a computer. | False |
| The standard DACL for a package object assigns read permissions to what group by default? | Authenticated Users |
| What type of application is made available via Group Policy for a user to install by using Programs and Features in Control Panel? | Published |
| A transform file utilizes what file name extension? | .mst |
| When you first create a group, what is the default setting that is applied? | Security group with global scope |
| If you want to create a security template using a baseline of settings from an existing desktop computer or server, you can begin by opening secpol.msc. | True |
| By default, what is the maximum period during which a TGT can be renewed? | 7 days |
| What type of Active Directory replication takes place between domain controllers in the same site? | Intrasite |
| Which PowerShell cmdlet below can be used to set permissions for a security principal to a GPO or to all GPOs? | Set-GPPermission |
| A service account is a user account that Windows services use to log on to a computer or domain with a specific set of rights and permissions. | True |
| What is the primary container object for organizing and managing resources in a domain? | OUs |
| User account properties are not static and can require modification. | True |
| An administrative template file using what file extension provides a language-specific user interface in the Group Policy Management Editor? | .adml |
| What type of application can be installed automatically when the user logs on to a computer in the domain? | Assigned |
| Select the operations master role that is responsible for ensuring that changes made to object names in one domain are updated in references to the object in other domains. | Infrastructure master |
| For automatic SPN support, what must the domain functional level be? | Windows Server 2008 R2 or higher |
| Approximately 42 days after a service was configured to use a normal user account, the service has stopped working and refuses to run. Assuming default domain policy settings, what could be the issue? | The user account password expired. |
| How can an administrator remove all audit policy subcategories so that auditing is controlled only by Group Policy? | auditpol /clear |
Created by:
cswilloughby15