Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

47 Cards in this Set

  • Front
  • Back
What free tool does Microsoft provide to check event logs for multiple servers in a domain?
What tunneling protocols does Windows 95 support?
PPTP (with the Windows Dial-Up Networking 1.3 Performance and Security Upgrade for Windows 95)
What tunneling protocols does Windows 98 support?
What tunneling protocols does NT 3.51 support?
What tunneling protocols does NT 4.0 support?
What tunneling protocols does Windows 2000 support?
What is the highest-level authentication protocol supported by Windows 2000?
What is the highest authentication protocol supported by NT 4.0?
MS-CHAPv2 (with SP4 or higher)
What is the highest-level authentication protocol supported by Windows 98?
MS-CHAPv2 (with SP1 or higher)
What is the highest-level authentication protocol supported by Windows 95?
MS-CHAPv2 (with Windows Dial-Up Networking 1.3 Performance and Security Upgrade for Windows 95)
What character-length passwords does MS-CHAPv1 support?
up to 14 characters
In a native-mode network, what controls remote-access permissions?
Group Policy
In a native-mode network, what are the remote-access permissions on each user account set to?
Control Access Through Remote Access Policy
In a mixed-mode network, what is the remote-access permission on each user account set to?
Allow Access
When logging on to a Terminal Server running in Remote Administration mode, what is indicated by the message "you do not have access to logon to this session"?
the account being used does not have administrative privileges
What is the purpose of the Connection Manager Administration Kit?
to create dial-up connections to distribute to users
What additional installation requirement does an enterprise CA have that other CA's do not?
Active Directory must be present
What URL is used to request a certificate via Web Enrollment?
What are the seven pre-configured reasons for certificate revocation?
Unspecified; Key Compromise; CA Compromise; Change of Affiliation; Superseded; Cease of Operation; Certificate Hold
What is the best way to back up and restore a CA?
back up the entire System Store of the CA server
What are KMS-issued keys used for?
email security
When a KMS-issued key is recovered, how is the user notified?
by email
What is a System Access Control List?
a list which specifies which events are to be audited per user or group
What folder are IIS logs stored in by default?
When dealing with Active Directory database updates, what is the name for the replication type used for security-sensitive changes, such as account lockout?
Urgent Replication
What is NTLM used for?
authenticating clients unable to use Kerberos (NT4 and below)
What DLL controls the NTLM authentication protocol?
What DLL controls SSL?
What does the LSA server service do?
enforces defined security policies within Active Directory
Why is the SAM not present on domain controllers?
the SAM control local security accounts, which are not allowed on domain controllers
What DLL controls the Directory Service module?
What three things does the Directory Service module control?
replication between Windows 2000 domain controllers; LDAP access to Active Directory; management of naming contexts stored in Active Directory
What DLL controls the Multiple Authentication Provider?
What does the Multiple Authentication Provider do?
supports all security packages available on the system
What ability is provided by secure channel (SChannel) services?
the ability to authenticate via public key -based protocols, such as SSL and TLS
What requirement exists for File System settings to be defined in a security template?
file system must be NTFS
What file can be modified to alter registry values when combined with a security template?
When is a Kerberos referral ticket issued?
when a user attempts to connect to a server in a different domain
What kind of extensions does Kerberos use to support smart cards?
PKINIT extensions
What three OS clients can use Kerberos authentication in a Windows 2000 domain?
2000; XP; and UNIX
Why are DHCP servers normally made members of the DNSUpdate Proxy global group?
in order to allow DNS record updating for legacy clients
How is the RunAs option enabled on a shortcut menu?
hold Shift while right-clicking the shortcut
How is a service ticket obtained?
the ticket-granting ticket is presented to the KDC, which grants the service ticket
Who grants a ticket-granting ticket?
the Key Distribution Center (KDC)
Why is deploying security templates harder in a workgroup than in a domain?
Group Policy can't be used to distribute them
How are security-sensitive changes within Active Directory replicated?
they are immediately replicated to all domain controllers within the site
What does the Netlogon service do?
maintains a computer's secure channel to a domain controller