Erstellt von maxwell3254
vor fast 10 Jahre
|
||
Frage | Antworten |
the process of keeping each domain controller in synch with changes that have been made elsewhere on the network | REPLICATION |
interoperability with prior versions of Microsoft Windows is available in Windows Server 2008 | FUNCTIONAL LEVELS |
The largest container object within Active Directory | FOREST |
References an object in the Active Directory structure using its entire hierarchial path, starting with the object itself including all parents objects up to the root of the domain | DISTINGUISHED NAME |
has been Active Directory's default name resolution method | DOMAIN NAME SYSTEM |
Are the locator records within DNS that allow clients to locate an Active Directory domain controller or global catalog | SRV RECORDS |
the functional level allows no backward compatibility. Only Windows server 2008 domain controllers are supported | WINDOWS SERVER 2008 |
this level allows backward compatibility with Microsoft Windows 2000 | WINDOWS 2000 NATIVE |
this functional level allows Windows Server 2003 and Windows Server 2008 domain controllers only | WINDOWS SERVER 2003 |
transitive in nature and they can be configured as either a one-way or two-way relationship | CROSS FOREST TRUSTS |
adds a domain controller to an existing environment and adds a new domain tree to an existing forest | DCPROMO |
the process of replicating DNS information from one DNS server to another | ZONE TRANSFER |
the process of removing records that were not refreshed or updated within specified time intervals, which will occur naturally with machines that are removed from the network | SCAVENGING |
necessary for computer hostname-to-IP address mappings, which are used for for name resolution by a variety of services | FOWARD LOOKUP ZONES |
DNS resolves the IP address to a host name | REVERSE LOOKUP ZONE |
a special installation option that creates a minimal environment for running only specific services and roles | SERVER CORE |
can be used to shorten the "Tree-walking" process for users who require frequent access to resources elsewhere in the forest | SHORTCUT TRUST TYPE |
allows you to create two-way transitive trusts between separate forests | CROSS-FOREST TRUSTS |
used to configure a one-way nontransitive trust with a Windows 2000 domain or a single domain in a external organization | EXTERNAL TRUSTS |
allow you to configure trust relationships between Window Server 2008 Active Directory and a UNIX MIT Kerberos realm | REALM TRUSTS |
Active Directory uses this to control replication traffic | SITES |
Domain controllers that reside within the same site | INTRASITE REPLICATION |
Domain controllers located in different sites | INTERSITE REPLICATION |
Active Directory installation wizard which you can see in the Active Directory Sites and Services tool | DEFAULT-FIRST-SITE-NAME |
INTERSITE REPLICATION PRIMARY GOAL | to minimize bandwidth usage |
BOTH INTRASITE AND INTERSITE REPLICATION USE THIS | Remote Procedure Calls over Internet Protocol (RPC over IP) |
acts as a central repository by holding a complete copy of all objects from the host server's local domain along with a partial copy of all objects from other domains within the same forest | GLOBAL CATALOG |
WHEN A USER INITIATES A SEARCH FOR AN OBJECT IN ACTIVE DIRECTORY THE REQUEST IS AUTOMATICALLY SENT TO THIS PORT | TCP port 3268 |
TRUE/FALSE each site should contain a global catalog server to facilitate user logons | TRUE |
responsible for assigning relative identifiers to domain controllers in the domain | RELATIVE IDENTIFIER MASTER (RID) |
responsible for reference updates from its domain objects to other domains | INFRASTRUCTURE MASTER |
provides backward compatibility with Microsoft Windows NT 4.0 domains. Password changes, account lockouts, and time synchronization for the domain will also be managed by this | PRIMARY DOMAIN CONTROLLER (PDC) EMULATOR |
RID, infrastructure master, and PDC emulator | DOMAIN SPECIFIC |
Domain naming master and schema master | FOREST SPECIFIC |
responsible for managing changes to the Active Directory | SCHEMA MASTER |
has the authority to manage the creation and deletion of domains, domain trees, and application data partitions in the forest | DOMAIN NAMING MASTER |
process is used when you move a FSMO role gracefully from one domain controller to another | ROLE TRANSFER |
procedure is used only when you have experienced a failure of a domain controller that holds a FSMO role. Seizing a role can be defined as forced, ungraceful transfer | ROLE SEIZURE |
view the RID Master, PDC Emulator, or Infrastructure Master | Console : ACTIVE DIRECTORY USERS AND COMPUTERS |
to view the Schema Master | Console : ACTIVE DIRECTORY SCHEMA |
to view Domain Naming Master (DNS) | Console : ACTIVE DIRECTORY DOMAINS AND TRUSTS |
is the process of confirming a user's identity using a known value such as a password, smart card, or biometric means | AUTHENTICATION |
the process of confirming that an authenticated user has the correct permissions to access one or more network resources | AUTHORIZATION |
accounts used to access the local computer only and are stored in local Security Account Manager (SAM) database where they reside | LOCAL ACCOUNTS |
these accounts are used to access Active Directory or network based resources, such as shared folders or printers | DOMAIN ACCOUNTS |
these accounts are automatically created when Microsoft Windows Server 2008 is installed | BUILT-IN USER ACCOUNTS |
describes the process of configuring one or more groups as members of another group | GROUP NESTING |
security-related groups created for purposes of granting resource access permissions to multiple users | SECURITY GROUPS |
nonsecurity-related groups created for the distribution of information to one or more persons | DISTRIBUTION GROUPS |
controls which objects the group can contain, limiting the objects to the same domain or permitting objects from remote domains as well, and controls the location in the domain or forest the group can be used | GROUP SCOPES |
can be used to grant or deny permissions to any resource located in any domain in the forest | GLOBAL GROUPS |
used to assign permissions to resources that reside only in the same direction as the domain local group | DOMAIN LOCAL GROUPS |
ALL DEFAULT GROUPS ARE.... | security groups |
you cannot manually modify the group membership, nor can you view their membership lists | SPECIAL IDENTITY GROUPS |
is a special identity group that contains all authenticated users and domain guests | EVERYONE GROUP |
used to import or export Active Directory information from a comma-separated value (.csv) file. | COMMA-SEPARATED VALUE DIRECTORY EXCHANGE (CSVDE) |
can be used to add, delete, or modify objects in Active Directory, in addition to modifying the schema | LDAP DATA INTERCHANGE FORMAT DIRECTORY EXCHANGE (LDIFDE) |
can be used to create, delete, view, and modify Active Directory objects including users, groups, and OUs | DSADD |
an alphanumeric sequence of characters that you enter with a username to access a server, workstation, or shard resource | PASSWORD |
an attempt to discover a user's password | PASSWORD-CRACKING |
password cracking can be accomplished by intelligent guessing on the part of the hacker or through the use of automated tools to try every possible combination of characters until correct sequence is discovered | DICTIONARY ATTACK |
Strong passwords are required when Active Directory is installed | WINDOWS SERVER 2008 |
you utilize a simple interface to delegate permissions for domains, OUs, or containers | DELEGATION OF CONTROL WIZARD |
Möchten Sie mit GoConqr kostenlos Ihre eigenen Karteikarten erstellen? Mehr erfahren.