Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
24 Cards in this Set
- Front
- Back
What advantage does Lightweight Directory Services provide over standard AD integration?
|
applications can use DS for authentication without the overhead of domains and forests
|
|
What are the 3 levels of Certificate Services?
|
Enterprise, Subordinate Enterprise, and Standalone
|
|
How does Subordinate Enterprise Certificate Services differ from Enterprise Certificate Services?
|
Subordinate Enterprise uses a 3rd-party CA to sign certificates
|
|
What advantage does Enterprise Certificate Services provide over Subordinate Enterprise Certificate Services?
|
Enterprise Certificate Services can use GP to propagate certificates and certificate revocation lists
|
|
Why does standalone certificate services require more administration than enterprise certificate services?
|
there is no verification of credentials from AD DS in standalone CS
|
|
What does Microsoft Identity Integration System (MIIS) do?
|
allows Windows to share security accounts with other OS's
|
|
What happens when DNS is installed on a RODC?
|
it becomes read-only DNS
|
|
How is read-only DNS updated?
|
through referrals- updates are sent in single-object replication
|
|
Where are RODC's useful?
|
where physical security is not guaranteed
|
|
What is the RODC Filtered Attribute Set?
|
part of the schema not replicated to RODC's
|
|
What is the name for the portion of the schema not replicated to RODC's?
|
RODC Filtered Attribute Set
|
|
What precaution should be taken when using the RODC Filtered Attribute Set?
|
make sure the forest is at the Server 2008 functional level, as 2003 DC's can be forced to replicate this data
|
|
What are two advantages of a RODC over no domain controller?
|
less replication traffic and quicker logins
|
|
What is the advantage of a RODC over a standard domain controller?
|
more secure
|
|
How does BitLocker differ from EFS?
|
BitLocker encrypts entire drives, rather than individual files and folders
|
|
What two accounts do RODC's store by default?
|
the local computer account and krbtgt
|
|
How can RODC's be configured to cache passwords?
|
through Password Replication Policy
|
|
Where is Password Replication Policy set up when a RODC is created?
|
on a writeable DC replication partner
|
|
What is SYSKEY?
|
a utility that encrypts information in a SAM database
|
|
What utility encrypts information in a SAM database?
|
SYSKEY
|
|
What level encryption does SYSKEY use?
|
128-bit
|
|
What are the 2 partners in a federation relationship?
|
the resource partner (hosts the resource to be shared) and the account partner (holds an account to access shared resources)
|
|
Where are the passwords stored on an RODC listed?
|
on the Policy Usage tab of the Advanced Password Replication Policy dialog box
|
|
What command will produce a Resultant Set of Policy report for GPO's?
|
gpresult.exe
|