Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
40 Cards in this Set
- Front
- Back
What does the URLScan tool do?
|
scans incoming HTTP requests to ensure they comply with rules
|
|
What are the six Operations Master roles?
|
Global Catalog Server; PDC Emulator; Schema Master; Domain-Naming Master; Relative Identifier (RID) Master; Infrastructure Master
|
|
What Operations Master role always stays with the first DC in an organization?
|
Global Catalog Server
|
|
What console is used to configure site-level GPO's?
|
Active Directory Sites and Services
|
|
Can groups be converted to and from distribution groups?
|
only in a native-mode domain
|
|
What are the three group scopes?
|
universal, global, and domain local
|
|
What group scope changes are allowed in mixed-mode domains?
|
none
|
|
What group scope changes are allowed in native-mode domains?
|
global to universal and domain local to universal
|
|
What limitation does secedit.exe have that Security Configuration and Analysis does not?
|
results of a security analysis can't be viewed with secedit.exe
|
|
Where can gpresult and gpotool.exe be found?
|
in the Windows 2000 Server Resource Kit
|
|
What is the gpresult.exe tool used for?
|
displaying the net Group Policy settings applied to a computer
|
|
What is the gpotool.exe tool used for?
|
checking the validity of GPO's across multiple domains
|
|
At what levels can password policies be set?
|
at the domain level only
|
|
What two conditions will prevent a global group from being converted to a universal group?
|
group is a member of another global group, or domain is in mixed mode
|
|
What two conditions will prevent a domain local group from being converted to a universal group?
|
group contains another domain local group as a member, or domain is in mixed mode
|
|
What part(s) of the CIA triad are provided by IPSec's Authentication Header (AH)?
|
authentication and integrity
|
|
What part(s) of the CIA triad are provided by IPSec's Encapsulating Security Payload (ESP)?
|
confidentiality, integrity, and authentication
|
|
What protocol handles IPSec connection negotiations?
|
Internet Security Association and Key Management Protocol (ISAKMP)
|
|
What template is installed by default on all domain controllers?
|
basicdc.inf
|
|
What security changes does the securedc.inf template make from the basicdc.inf template?
|
stronger password, account lockout, and auditing settings; uses only NTLMv2 responses; uses SMB signing
|
|
What do legacy clients need to communicate with domain controllers using the securedc.inf or hisec.inf security templates?
Why? |
Directory Services Client (DSClient)- the securedc.inf and hisec.inf templates require NTLMv2
|
|
What sort of SQL 2000 attack is the most common?
|
buffer overrun attacks
|
|
How can user files and settings be migrated when upgrading to Windows 2000?
|
by using the User State Migration Tool
|
|
What must be installed for legacy clients to utilize NTLMv2?
|
the Directory Services client (DSClient)
|
|
At what level is the URLScan ISAPI filter deployed?
|
at the global level
|
|
What event ID occurs when Group Policy is successfully deployed?
|
1704
|
|
What are the four types of CA's included with the Microsoft Certificate Service?
|
Enterprise Root CA; Enterprise Subordinate CA; Standalone Root CA; Standalone Subordinate CA
|
|
Who signs an Enterprise Root CA's certificate?
|
the Enterprise Root CA
|
|
What is the Enterprise Root CA normally used for?
|
authenticating Enterprise Subordinate CA's
|
|
What two types of Enterprise Subordinate CA's are there?
|
intermediate and issuing
|
|
What is necessary for signing code for customers?
|
a trusted third-party Root CA, such as VeriSign
|
|
What two tools can users use to request a certificate?
|
the Certificate Request Wizard or the Certificate Services webpage
|
|
In terms of infrastructure, what is necessary to use Web Enrollment?
|
an Enterprise CA infrastructure
|
|
What kind of message is used to request a certificate?
|
a PCKS-10 message
|
|
What kind of message is used to contrain an issued certificate or certificate chain?
|
a PCKS-7 message
|
|
What port does PPTP use?
|
1723
|
|
What advantage does L2TP have over PPTP?
|
L2TP can tunnel over non-IP media
|
|
How often are CRL's published by default?
|
once a week
|
|
What three types of locations can CRL Distribution Points (CDP's) be configured as?
|
Active Directory, HTTP, and file-based
|
|
What URL points to the Windows Update Catalog?
|
http://windowsupdate.microsoft.com/catalog
|