Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
33 Cards in this Set
- Front
- Back
|
What is the Microsoft Management Console (MMC)? |
A tool that allows you to have customizable windows for easy management. |
|
|
What are the four AD admin tools? |
1.) Active Directory Users and Computers |
|
|
What is the function of Active Directory Users and computers? |
Manages users, groups, computers, printers and shared folders. |
|
|
What is the function of Active Directory Sites and Services? |
Manage replication, network topology, and related services. |
|
|
What is the function of Active Directory Domain and Trusts? |
Configure and maintain trust relationships and the domain and forest functional levels. |
|
|
What is the function of Active Directory Schema? |
View and change definition of AD attributes and object classes. Essentially the blueprint for AD. |
|
|
What are the four console modes that you can save the MMC to? |
1.) Author |
|
|
When should you save the MMC in Author mode? |
When you want to continue customizing the console. |
|
|
When should you save the MMC in User Mode - Full Access? |
When you want users to be able to navigate between and use all snap-ins, but not be able to add, remove or change the properties of snap-ins or the console.
|
|
|
When should you save the MMC in User Mode - Limited Access, multiple window? |
When you want users to only navigate the snap-ins that you made visible in the console tree, and preconfigure multiple windows that focus on specific snap-ins. Users will not be able to open new windows. |
|
|
When should you save the MMC in User Mode - Limited Access, single window? |
When you want users to only navigate the snap-ins that you have made visible in the console true within a single window. |
|
|
In an attempt to delete an OU, you receive an insufficient privileges error even though you are logged in as an admin on the domain. What is happening and what do you need to do to delete the OU?
|
The OU has the checkbox checked that protects it from accidental deletion. To fix it, you must first click View in AD UC, then select Advanced Features. Afterwards right click the OU and select properties. In the properties window under the object tab, you need to uncheck the option that prevents accidental deletion. |
|
|
What are the two types of group objects you can create? |
1.) Security group |
|
|
What is the purpose of the security group? |
The security group can be given permission to resources, and also acts as a distribution group for email. |
|
|
What is the purpose of the distribution group? |
Can only be used as a distribution group for email. |
|
|
What are the three options for the scope of a group object? |
1.) Global Group |
|
|
What is the purpose of the Global Group? |
Used to identify users based on their job function, location, etc. |
|
|
What is the purpose of the Domain Local Group? |
Collection of users who share the same resource access needs, such as a group of people working on the same project. |
|
|
What is the purpose of the Universal Group? |
Collects users and groups from multiple domains. |
|
|
You want to utilize the Dsquery command to find a user in Active Directory. The only info you have is the user's name: James Fine. What would the command line look like if you were trying to find James? |
dsquery user -name jam* |
|
|
What would the command line look like if it you didn't want the result as a DN? |
dsquery -o user -name jam* |
|
|
What is a Distinguished Name (DN)? |
In a sense, a DN is the name of an object that looks like a path that starts at the object and works its way up to the top-level domain. |
|
|
What is a Common Name (CN)? |
The "full name" you specify when creating a user account. |
|
|
If the user object "James Fine" is located in the contoso.com domain, underneath the People OU, what would his DN look like? |
"CN=James Fine,OU=People,DC=contoso,DC=com" |
|
|
What is the Relative Distinguished Name (RDN)? |
Everything in a DN that is before the first OU. If there isn't anything before the first OU, then it is the OU itself. |
|
|
What are Access Control Entries (ACEs)? |
Permissions on an object assigned to users, groups or computers. |
|
|
When trying to view the permissions assigned to an OU, you open the properties and find the Security tab is not visible. What should you do? |
Go to view and select Advanced Features. Afterwards you can go to the OU's properties again and see the Security tab. |
|
|
What are Control Access Rights? |
Actions such as changing and resetting passwords. |
|
|
Explain the contents of an ACL. |
An ACL contains a Discretionary Access Control List (DACL) and a System Access Control List (SACL). The SACL includes auditing settings. The DACL contains ACEs. |
|
|
True or False: All child objects, by default, do not inherit inheritable permissions from the parent container or OU. |
False |
|
|
What are two ways to make a child object an exception to inheritable permissions set forth by a parent object? |
1.) Deselect the "Include Inheritable Permissions From This Object's Parent" option from the Advanced Security Settings dialog box (which is not considered good practice). |
|
|
What is the command Dsacls.exe used for? |
Viewing and changing permissions on an object specified by the object's DN. |
|
|
True or False: If a user is in a group that has an ACE set to allow users to reset passwords, while also being in a group that has an ACE set to deny users from resetting passwords, the user will not be able to reset passwords. |
True |
