Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/49

Click to flip

49 Cards in this Set

  • Front
  • Back
What are the three basic-level security templates?
basicwk.inf; basicsv.inf; basicdc.inf
What template allows legacy applications to run under less-restrictive security?
compatws.inf
What is the compatible-level security template used for?
running legacy applications without giving users Power User rights
What two templates provide a medium level of security?
securews.inf; securedc.inf
What are the two highest-security templates available?
hisecws.inf; hisecdc.inf
What security requirement do the two highly-secure templates enforce?
use of IPSec in network communications
What template contains out-of-the-box settings for a 2000 domain controller?
DCSecurity.inf
What template contains out-of-the-box settings for workstations and member servers?
setup security.inf
What template removes the terminal server SID from registry and file system objects?
notssid.inf
What two MMC snap-ins can be used to apply security templates?
Group Policy Editor; Security Configuration and Analysis (for a specific computer)
What assumption do the security templates make?
that 2000 has been installed cleanly (not upgraded) and has the default 2000 security settings
Why is the fact that security templates apply settings incrementally important?
the templates do not contain default security settings, only changes from them
What two areas do the basic templates NOT specify settings for?
user rights and group membership
What environment are the high-security templates intended for? Why?
native 2000 environments only- legacy OS's do not support IPSec
In what order are group policies applied?
Local; Site; Domain; OU
What does Restricted Groups do?
allows listing of what users and groups may be members of specified groups
How are Restricted Groups applied?
at each Group Policy refresh, listed users are removed from the groups
What does the System Services node do?
allows configuration of security and starup options for services
What MMC snap-in is used to apply a security template via Group Policy?
Active Directory Users and Computers
What command will force Group Policy propagation throughout the domain?
gpupdate (or secedit /refreshpolicy machine_policy)
What command is used to deploy security templates from the command line?
secedit /configure
What does the secedit switch /db do?
specifies the database containing the security template that should be used
What does the secedit switch /cfg do?
specifies the security template to import into a database and apply (used with /db)
What does the secedit /overwrite switch do?
specifies whether the selected template overwrites the template in the database, or is appended to it
What does the secedit /areas switch do?
specifies which areas of a security template should be applied
What are the six valid areas for secedit?
securitypolicy; group_mgmt; user_rights; regkeys; filestore; services
What are the four primary switches for secedit?
/analyze; /configure; /export; /validate
What clients can natively receive Group Policy settings across the network?
Windows 2000 clients and above
What can be done to allow legacy clients some Active Directory functionality?
install Directory Services Client
What OS does not have Active Directory provided?
Windows ME
What account can be used to export a data recovery agent certificate?
the built-in Administrator account
What command will open the Local Security Policy console?
secpol.msc
What command will start the Microsoft Baseline Security Analyzer?
msbacli.exe
What file would be used to deploy a service pack to computers via Group Policy?
update.msi
What is qchain.exe used for?
installing multiple hotfixes seqentially without rebooting in-between
What two methods can be used to deploy hotfixes at the same time as the operating system?
cmdline.txt, and by placing hotfixes in the Run Once section of the Setup Manager Wizard
If a hotfix being deployed at the same time as the OS requires a reboot, which method must be used?
cmdline.txt
If a hotfix being deployed at the same time as the OS requires a reboot, which method must be used?
cmdline.txt
What is slipstreaming?
installing service packs at the same time the OS is installed
What command would slipstream SP3 files, located in a folder called SP3, into the OS directory, called W2K?
sp3\i386\update\update.exe -s:c:\w2k
What command would slipstream SP3 files, located in a folder called SP3, into the OS directory, called W2K?
sp3\i386\update\update.exe -s:c:\w2k
What command would slipstream SP3 files, located in a folder called SP3, into the OS directory, called W2K?
sp3\i386\update\update.exe -s:c:\w2k
What are the four requirements for a RIS server?
DHCP Server service; Active Directory; DNS Server service; 2Gb free space
What are the three valid authentication methods for IPSec?
Kerberos (default); certificate; pre-shared key
How do you enforce a given IPSec policy?
right-click the policy and choose "Assign"
How many IPSec policies may be in force at once?
only one
What two encryption algorithms does IPSec use?
DES and 3DES
What two algorithms does IPSec use to verify integrity?
MD5 and SHA1
What is an IPSec Security Association (SA) also known as?
a hard SA