Study your flashcards anywhere!
Download the official Cram app for free >
- Shuffle
Toggle OnToggle Off
- Alphabetize
Toggle OnToggle Off
- Front First
Toggle OnToggle Off
- Both Sides
Toggle OnToggle Off
- Read
Toggle OnToggle Off
How to study your flashcards.
Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key
Up/Down arrow keys: Flip the card between the front and back.down keyup key
H key: Show hint (3rd side).h key
A key: Read text to speech.a key
47 Cards in this Set
- Front
- Back
What free tool does Microsoft provide to check event logs for multiple servers in a domain?
|
EventCombMT
|
|
What tunneling protocols does Windows 95 support?
|
PPTP (with the Windows Dial-Up Networking 1.3 Performance and Security Upgrade for Windows 95)
|
|
What tunneling protocols does Windows 98 support?
|
PPTP
|
|
What tunneling protocols does NT 3.51 support?
|
none
|
|
What tunneling protocols does NT 4.0 support?
|
PPTP
|
|
What tunneling protocols does Windows 2000 support?
|
PPTP and L2TP
|
|
What is the highest-level authentication protocol supported by Windows 2000?
|
EAP
|
|
What is the highest authentication protocol supported by NT 4.0?
|
MS-CHAPv2 (with SP4 or higher)
|
|
What is the highest-level authentication protocol supported by Windows 98?
|
MS-CHAPv2 (with SP1 or higher)
|
|
What is the highest-level authentication protocol supported by Windows 95?
|
MS-CHAPv2 (with Windows Dial-Up Networking 1.3 Performance and Security Upgrade for Windows 95)
|
|
What character-length passwords does MS-CHAPv1 support?
|
up to 14 characters
|
|
In a native-mode network, what controls remote-access permissions?
|
Group Policy
|
|
In a native-mode network, what are the remote-access permissions on each user account set to?
|
Control Access Through Remote Access Policy
|
|
In a mixed-mode network, what is the remote-access permission on each user account set to?
|
Allow Access
|
|
When logging on to a Terminal Server running in Remote Administration mode, what is indicated by the message "you do not have access to logon to this session"?
|
the account being used does not have administrative privileges
|
|
What is the purpose of the Connection Manager Administration Kit?
|
to create dial-up connections to distribute to users
|
|
What additional installation requirement does an enterprise CA have that other CA's do not?
|
Active Directory must be present
|
|
What URL is used to request a certificate via Web Enrollment?
|
http://server_name/certsrv
|
|
What are the seven pre-configured reasons for certificate revocation?
|
Unspecified; Key Compromise; CA Compromise; Change of Affiliation; Superseded; Cease of Operation; Certificate Hold
|
|
What is the best way to back up and restore a CA?
|
back up the entire System Store of the CA server
|
|
What are KMS-issued keys used for?
|
email security
|
|
When a KMS-issued key is recovered, how is the user notified?
|
by email
|
|
What is a System Access Control List?
|
a list which specifies which events are to be audited per user or group
|
|
What folder are IIS logs stored in by default?
|
%systemroot%\System32\Logfilesm
|
|
When dealing with Active Directory database updates, what is the name for the replication type used for security-sensitive changes, such as account lockout?
|
Urgent Replication
|
|
What is NTLM used for?
|
authenticating clients unable to use Kerberos (NT4 and below)
|
|
What DLL controls the NTLM authentication protocol?
|
Msv1_0.dll
|
|
What DLL controls SSL?
|
Schannel.dll
|
|
What does the LSA server service do?
|
enforces defined security policies within Active Directory
|
|
Why is the SAM not present on domain controllers?
|
the SAM control local security accounts, which are not allowed on domain controllers
|
|
What DLL controls the Directory Service module?
|
ntdsa.dll
|
|
What three things does the Directory Service module control?
|
replication between Windows 2000 domain controllers; LDAP access to Active Directory; management of naming contexts stored in Active Directory
|
|
What DLL controls the Multiple Authentication Provider?
|
Secur32.dll
|
|
What does the Multiple Authentication Provider do?
|
supports all security packages available on the system
|
|
What ability is provided by secure channel (SChannel) services?
|
the ability to authenticate via public key -based protocols, such as SSL and TLS
|
|
What requirement exists for File System settings to be defined in a security template?
|
file system must be NTFS
|
|
What file can be modified to alter registry values when combined with a security template?
|
sceregvl.inf
|
|
When is a Kerberos referral ticket issued?
|
when a user attempts to connect to a server in a different domain
|
|
What kind of extensions does Kerberos use to support smart cards?
|
PKINIT extensions
|
|
What three OS clients can use Kerberos authentication in a Windows 2000 domain?
|
2000; XP; and UNIX
|
|
Why are DHCP servers normally made members of the DNSUpdate Proxy global group?
|
in order to allow DNS record updating for legacy clients
|
|
How is the RunAs option enabled on a shortcut menu?
|
hold Shift while right-clicking the shortcut
|
|
How is a service ticket obtained?
|
the ticket-granting ticket is presented to the KDC, which grants the service ticket
|
|
Who grants a ticket-granting ticket?
|
the Key Distribution Center (KDC)
|
|
Why is deploying security templates harder in a workgroup than in a domain?
|
Group Policy can't be used to distribute them
|
|
How are security-sensitive changes within Active Directory replicated?
|
they are immediately replicated to all domain controllers within the site
|
|
What does the Netlogon service do?
|
maintains a computer's secure channel to a domain controller
|