Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
48 Cards in this Set
- Front
- Back
|
The primary security boundary for Active Directory is the _, which contains
_ _. |
forest
domain trees |
|
|
There can be _ _ _domain trees in a forest, though the first
domain is designated as the forest _ _. |
one or more
root domain |
|
|
Each forest has an _ _ group as well as a _ _group.
|
Enterprise Admins
Schema Admins |
|
|
Members of Enterprise Admins and Schema Admins have
authority over _ _ _ _ in the forest. |
all the domain trees
|
|
|
Each domain has a _ _ group, and administrators in a _ _ automatically have administrative permissions
to all child domains through automatic transitive trust relationships. |
Domain Admins
parent domain |
|
|
Active Directory is a _ _ database that replaced the _ structure
of Windows NT domains. |
hierarchical structured
flat |
|
|
_ _ _ are used to allow Active Directory queries to _ domains.
|
Global catalog servers
cross |
|
|
There are _ operations masters roles. The Schema Master and Domain Naming
Master roles are _-_, while the PDC Emulator, Infrastructure Master, and RID Master roles are _ _. |
five
forest-wide domain-wide |
|
|
Sites are used to control the _ _ by defining whether resources in
Active Directory are connected by _ _ or _ _ links. |
replication topology
high-speed low-speed |
|
|
The _ defines the _ of objects that are allowed in Active Directory, as
well as the _ the objects can have. |
schema
types attributes |
|
|
Each domain has a Domain Admins
group, and administrators in a parent domain automatically have administrative permissions to all child domains through automatic _ _ _. |
transitive trust relationships
|
|
|
Active directory structure is known as a _ structure, since there can be multiple
levels. This differs from the _ structure of Windows NT domains |
hierarchical
flat |
|
|
With the amount of replication that takes place between domain controllers and the amount of querying of data that is done in Active Directory, it is important for computers
and services to have a way of identifying Active Directory resources that are located on the same _ versus resources that are on a different LAN separated by a wide area network _. This is enabled by the use of _. |
LAN
WAN Sites |
|
|
Sites contain Active Directory resources that are all connected
by _ _ _ _. |
reliable high-speed bandwidth
|
|
|
Site
membership is used in the logon process as a computer attempts to locate a domain_ _ in its own site first; |
controller
|
|
|
The schema is a definition
of the _ _ _that are allowed within a directory and the _ that are associated with those objects. |
types of objects
attributes |
|
|
There are two types of definitions within the schema:_ and _, also
known as schema objects and metadata. |
attributes and classes
|
|
|
Attributes are defined _ _, and then can
be applied to multiple classes as needed. |
only once
|
|
|
The object classes, or _, are used to
define _ |
metadata,
objects |
|
|
A class is simply a generic _ for objects. It is a collection of _, such asattributes
Logon Name and Home Directory for user accounts or Description and Network Address for computer accounts. |
framework
|
|
|
Active Directory uses a special container known as an _ _ to organize
objects within a domain for the purpose of administration. |
organizational unit
|
|
|
An OU is the _ _to which you can assign administrative rights.
|
smallest element
|
|
|
This
means that OUs can be used to _ _ and control within a domain; in essence, OUs function as _ without the creation of additional domains. |
delegate authority
subdomains |
|
|
The _ _ stores partial replicas of the directories
of other domains. |
global catalog
|
|
|
The catalog is stored on _ _ that have been designated
as global catalog servers. |
domain controllers
|
|
|
a global catalog is required for _ _
|
logging on to
the network. |
|
|
The global catalog provides _ group membership information
for the user account that is attempting to log on to the network. If the global catalog is _ _ during the logon attempt and the user account is_ to the local domain, the user will only be allowed to log on to the _ _. |
universal
not available external local machine |
|
|
The _ _is required only when a user
account or object needs to be authenticated by another _. |
global catalog
domain |
|
|
The global catalog maintains a subset of the _ _ available within
every domain in the forest. This allows queries to be handled by the nearest _ _, saving time and _. |
directory information
global catalog bandwidth |
|
|
The global catalog is a _ _- database, unlike the normal Active Directory database.
|
read-only
|
|
|
Active Directory automatically creates a global catalog on the first _ _
within a forest. |
domain controller
|
|
|
As the number of global catalog servers _, the response time to user inquiries_. However, the replication requirements within the environment _ as
the number of global catalog servers _. |
increases
decreases increase increases |
|
|
Much of the replication within an Active Directory environment is _ _,
which means that the domain controllers are all peers. |
multimaster replication
|
|
|
There are five
different operations master roles in Active Directory: _, _ , _, _, AND _. |
Schema Master, Domain Naming
Master, Relative ID Master, PDC Emulator, and Infrastructure Master |
|
|
The Schema Master
and Domain Naming Master roles function at the _ level and exist _ _in a forest. |
forest
only once |
|
|
The Relative ID Master, PDC Emulator, and Infrastructure Master roles function
at the _ level and exist in each _ _ _ _. |
domain
domain in the forest |
|
|
The _ _ role controls all the updates and modifications to the schema
itself. The schema controls the _ of each _ in the directory and the object’s associated _. |
Schema Master
definition object attributes |
|
|
The _ _ _ role controls the addition or removal of domains from
the forest. |
Domain Naming Master
|
|
|
The _ _ _role controls the sequence number for the domain
controllers within the domain. |
Relative ID (RID) Master
|
|
|
The SID must be unique within
the domain and is generated by combining a_ _and a _. |
domain SID
RID |
|
|
When the domain controller uses all the RIDs that the RID
Master has assigned, the domain controller receives _ _ _ _ from the RID Master |
another sequence of RIDs
|
|
|
If the RID Master is unavailable and a domain controller
exhausts its pool, it will be _ _ _ _ _. |
unable to create additional objects.
|
|
|
The _ _ _is used whenever a domain contains non–Active Directory
computers. |
PDC Emulator role
|
|
|
The PDC Emulator Role acts as a _ _ _for legacy client operating systems, as
well as for Windows NT BDCs |
Windows NT PDC
|
|
|
The _ _ role is responsible for maintaining all inter-domain object references.
|
Infrastructure Master
|
|
|
the Infrastructure Master informs certain objects
(such as _) that other objects (such as _ in another domain) have been _, _, , or otherwise modified. |
groups
users moved, changed |
|
|
The _ _role is necessary only when there are multiple domains in the forest. If there is only a single domain, then all domain controllers
already know of the update, and this role is _ |
Infrastructure Master
unnecessary. |
|
|
By default, Active Directory assigns all five of these operations master roles to the _ _ _installed in a forest.
|
first domain controller
|
