1413596
Description
Flashcards by shepworth.sh, updated more than 1 year ago
|
|
Created by shepworth.sh
about 10 years ago
|
|
| Question | Answer |
| With a user account, you can? | • Allow or deny users permission • Grant users access to processes and services • Manage users’ access to resources |
| The attributes of a user object fall into several broad categories? | • Account • Organization • Member of • Password Settings • Profile • Extensions |
| Profile path. This path is either a local, or more usually, a ? | Universal Naming Convention (UNC) path |
| If a user profile has a UNC path, then the user will have access to their? | desktop settings regardless of the domain computer they sign in at. Known as a roaming profile. |
| In a Windows Server 2012 enterprise network,there are two types of groups? | security & distribution |
| Distribution groups, which are not security-enabled, are used mainly by? What cannot they be given? | • Email applications •They cannot be given permission to resources |
| Security groups are security-enabled, and are used to? | • assign permissions to various resources |
| Security groups can therefore use these groups in permission entries in? | access control lists (ACLs) to control security for resource access. |
| A security group can be converted to a? | distribution group at any time |
| There are four group scopes? | • Local • Domain local • Global • Universal |
| What is a Local group scope? | use this type of group for standalone servers or workstations, on domain member servers that are not DC's, or on domain member workstations. |
| What is a Domain local group? | use this type of group primarily to manage access to resources or to assign management responsibilities (rights) |
| What is a Global group? | use this type of group primarily to consolidate users who have similar characteristics |
| What is a Universal group? | use this type of group most often in multidomain networks because it combines characteristics of both domain-local groups & global groups |
| A best practice for group nesting is known as IGDLA, which is an acronym for? | • Identities • Global groups • Domain-local groups • Access |
| In a multi-domain forest, the best practice for group nesting is known as IGUDLA? They are? | • Identities • Global groups • Universal groups • Domain-local groups • Access |
| What are the Default Groups? | • Enterprise Admins • Schema Admins • Administrators • Domain Admins • Server Operators • Account Operators • Backup Operators • Print Operators • Cert Publishers |
| What are Protected Groups? Do they inherit? | Defined by the operating system & cannot be unprotected. no longer inherit permissions (ACLs) from their OU, but receive copy of an ACL from the protected group. |
| What is Special Identities? | groups for which membership is controlled by the OS. |
| What Is the Computers Container? | When you create a domain, the Computers container is created by default (common name (the cn attribute)=Computers) You cannot create an OU within a container. |
| Most organizations create at least two OUs for computer objects—one for? | servers, and another to host computer accounts for client computers |
| Every member computer in an AD DS domain maintains a computer account with? What does it store? | a user name (SAMAccountName) and password computer stores its password in the form of a local security authority (LSA) secret, & changes its password with the domain approx every 30 days |
| Resetting the Secure Channel ? what do you not do? |
Image:
12345 (image/png)
|
| How you design your OU hierarchy could be based on? | • Geographic location • Departmental characteristics • Resource type • Management structure |
| All AD DS objects, such as users, computers, & groups, can be secured by ? | using a list of permissions. |
| permissions on an object are called? | access control entries (ACEs), and they are assigned to users, groups, or computers, A.K.A as security principals |
| The permissions that you assign to an OU are inherited by? | all objects in the OU |
| Child objects inherit the permissions of ? | the parent container or OU |
| Deny permissions, which deny access, override equivalent ? | Allow permissions |
| Allow permission will override an ? | inherited Deny permission |
Want to create your own Flashcards for free with GoConqr? Learn more.