• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/129

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

129 Cards in this Set

  • Front
  • Back

Fine-Grained Password Policies can be applied to one or more users or groups of users, allowing you to specify a more or less stringent password policy for a subset account than the password policy defined for the entire domain.

T

Events that trigger a log entry in the Application Events category include system startups and shutdowns; system time changes; system event resources exhaustion, such as when an event log is filled and can no longer append entries; security log cleaning; or any event that affects system security or the security log.

F

The Limited Groups policy setting allows an administrator to specify group membership lists.

F

Use disk quotas to limit the amount of space available on the server for user data.
T
User Configuration policies are applied by default when a computer starts up.
F
The implementation phase of the software life cycle includes the elements that are required to keep the software running smoothly.
F
When repackaging an application is not an option and a Windows Installer file is not available, you can use a .zap file to publish an application.
T
The Assign option allows users to install the applications that they consider useful to them.
F
When configuring Software Restriction Policies, the Disallowed option allows all applications to run except those that are specifically excluded.
F
The Disallowed Default Security Level should be used cautiously because all applications will be restricted unless explicitly allowed.
T
Multiple versions of the same GPO cannot be backed up to the same file system directory.
F
When the Settings tab is activated, an HTML report is generated that allows administrators to view GPO settings that do not have the original default values.
T
At least two domain controllers running Windows Server 2003 or Windows Server 2008 must be present to use WMI filters.
F
RSoP is available as an MMC snap-in.
T
The Policy Events tab collects all policy-related events and stores them in one convenient location.
T
What Computer Configuration node setting includes three subcategories: Audit Policy, User Rights Assignment, and Security Options?
Local Policies
What policies can be applied to one or more users or groups of users, allowing you to specify a more or less stringent password policy for this subset than the password policy defined for the entire domain?
Fine-Grained Password Policies
What is the default mechanism for authenticating domain users in Windows Server 2008, Windows Server 2003, and Microsoft Windows 2000?
Kerberos
What term refers to tracking events that take place on the local computer?
auditing
What section of GPO Local Policies allows administrators to log successful and failed security events such as logon events, account access, and object access?
Audit Policy
What policy setting is set to audit successes in the Default Domain Controllers GPO?
account management events
What policy setting allows an administrator to specify group membership lists?
Restricted Groups
Settings available in the __________ area of Group Policy allow greater administrative control in establishing rules and governing the issuance, maintenance, and guidelines within a public key infrastructure (PKI).
Public Key Policies
What provides administrators with the ability to redirect the contents of certain folders to a network location or to another location on the user’s local computer?
Folder Redirection
What term means that the Group Policy setting continues to apply until it is reversed by using a policy that overwrites the setting?
tattooing
What separate Group Policy category allows files to be available to users, even when the users are disconnected from the network?
Offline Files
By implementing the __________ feature when Folder Redirection is also configured, administrators can control the amount of information that is stored on the server.
Disk Quotas
If you set the refresh interval to zero, the system attempts to update the policy at what interval?
every 7 seconds
What command-line tool can be used to manually refresh group policy?
gpupdate.exe
How often are Computer Configuration group policies refreshed by default?
every 90 minutes
What policy can specify software that you wish to run on computers?
Software Restriction Policies
Which of these is not an option when configuring Fine-Grained Password Policies?
PasswordCommonNameUsage
What setting logs events related to successful user logons to a domain?
Account Logon Events
What category is used to configure the startup and security settings for services running on a computer?
System Services
Where can you configure the Group Policy refresh interval?
Computer Configuration\Administrative Templates\System\Group Policy
What process takes place from the time an application is evaluated for deployment in an organization until the time when it is deemed old or not suitable for use?
software life cycle
Which of the following is not a phase of the software life cycle?
evaluation
Microsoft Windows Server 2008 uses the Windows Installer with Group Policy to install and manage software that is packaged into what type of file?
.msi
Modifications to .msi files require transform files, which have the __________ extension.
.mst
__________ files are used to apply service packs and hotfixes to installed software.
Patch
Before deploying software using Group Policy, what must you create?
distribution share
What option allows users to install the applications that they consider useful to them?
Publish
What option is helpful when you are deploying required applications to pertinent users and computers?
Assign
What allows published applications to be organized within specific groupings for easy navigation?
software categories
What policies are designed to identify software and control its execution?
Software Restriction
When configuring Software Restriction policies, which option prevents any application from running that requires administrative rights, but allows programs to run that only require resources that are accessible by normal users?
Basic User
By default, the Software Restriction Policies area has what value in the Default Security Level setting?
Unrestricted
Which of the following is a software restriction rule that can be used to govern which programs can or cannot run on your network?
all of the above
What is a series of bytes with a fixed length that uniquely identifies a program or file?
hash
What identifies software by specifying the directory path where the application is stored in the file system?
path rule
What type of rule can be applied to allow only Windows Installer packages to be installed if they come from a trusted area of the network?
network zone rules
When implementing multiple Software Restriction Policy rules, which rule is always applied last?
path rule
What Software Restriction Policy properties allow you to determine whether the policies apply to all files or whether library files, such as Dynamic Link Library (DLL), are excluded?
enforcement
What Software Restriction Policy properties allow an administrator to control how certificate rules are handled?
trusted publishers
What type of file can be written to allow non–Windows Installer–compliant applications to be deployed?
.zap
What MMC snap-in provides a single access point to all aspects of Group Policy that were previously spread across other tools such as Active Directory Users and Computers, Active Directory Sites and Services, Resultant Set of Policy (RSoP), and the Group Policy Management Editor?
Group Policy Management
Which of the following can be done from the Group Policy Management snap-in?
import and copy GPO settings to and from the file system; search for GPOs based on name, permissions, WMI filter, GUID, or policy extensions set in the GPOs; search for individual settings within a GPO by keyword, and search for only those settings that have been configured; all of the above
Group Policy Management started being natively installed with what version of Windows Server?
2008
What tab displays groups and users with permission to link, perform modeling analyses, or read Group Policy Results information?
Delegation
When a GPO is selected in Group Policy Management, which tab allows administrators to view the locations to which the policy is linked?
Scope
__________ GPOs can act as templates when creating new GPOs for your organization.
Starter
What setting will prevent policy settings from applying to all child objects at the current level and all subordinate levels?
Block Policy Inheritance
What refines the application of a GPO to include or exclude certain users, groups, or computers based on the ACL that is applied to the GPO?
Security Group Filtering
What component of the Microsoft Windows operating system allows administrators to create queries based on hardware, software, operating systems, and services?
Windows Management Instrumentation
How many WMI filters can be configured per GPO?
one
What is the sum of the policies applied to a user or computer after all filters, security group permissions, and inheritance settings, such as Block Policy Inheritance and Enforce, have finished processing?
Resultant Set of Policy
Which mode in the Resultant Set of Policy Wizard is useful for documenting and understanding how combined policies are affecting users and computers?
Logging
What database of information includes hardware, Group Policy Software Installation settings, Internet Explorer Maintenance settings, scripts, Folder Redirection settings, and Security settings?
CIMOM
Group Policy __________ is used to simulate the effect of a policy on the user environment.
Modeling
Rather than simulating policy effects like the Group Policy Modeling Wizard, what obtains RSoP information from the client computer to show the actual effects that policies have on the client computer and user environment?
Group Policy Results
What command-line tool allows you to create and display an RSoP query from the command line?
GPResult
What would the syntax of the GPResult command be if you want to obtain RSoP information on computer and user policies that will affect a user named jsmith?
gpresult /user jsmith /v
Which mode in the Resultant Set of Policy Wizard allows administrators to simulate the effect of policy settings prior to implementing them on a computer or user?
Planning
WMI filters cannot be evaluated on which operating system?
Windows 2000
WMI Filtering uses filters written in what language, which is similar to structured query language (SQL)?
WMI Query Language
Centralized management of security settings for users and computers can be accomplished by using __________ Policy.
Group
__________ Password Policies allow one or more users or groups of users to specify a more or less stringent password policy for a subset account than the password policy defined for the entire domain.
Fine-Grained
__________ is the default mechanism for authenticating domain users in Windows Server 2008, Windows Server 2003, and Microsoft Windows 2000.
Kerberos
When an audited event occurs, Windows Server 2008 writes an event to the __________ log on the domain controller or computer where the event took place.
security
Policy __________ audit log entries are triggered by events such as user rights assignment changes, establishment or removal of trust relationships, IPSec policy agent changes, and grants or removals of system access privileges.
change
The service startup options are Automatic, __________, and Disabled.
Manual
The Wireless Network Policy __________ is provided to enable administrators to specify appropriate settings for the corporate environment.
Wizard
Folder __________ provides administrators with the ability to redirect the contents of certain folders to a network location or to another location on the user’s local computer.
Redirection
Offline Files is configured on the __________ tab of a folder.
Sharing
The __________ command-line tool was introduced in Windows Server 2003, and it is used in Windows Server 2003 and Windows Server 2008 to replace the secedit /refreshpolicy command used in Windows 2000.
gpupdate.exe
The software life cycle is a derivative of the System __________ Life Cycle.
Development
The __________ phase is the final phase before the software life cycle begins again with a new software deployment plan.
removal
A(n) __________ file is a relational database file that is copied to the target computer system with the program files it deploys.
.msi
Before deploying software using Group Policy, you must create a(n) __________ share.
distribution
If you use the __________ option, you must also decide whether you will assign the application to a computer or a user account.
Assign
Use the __________ option to provide all installation messages and screens for users during the installation of all packages in the GPO.
Maximum
When customizing software installation packages, use the __________ tab to specify the transform (.mst) files or patch (.msp) files that are to be applied to the package.
Modifications
The Software __________ Policies node is found in the Windows Settings\Security Settings\ node of the User Configuration or the Computer Configuration node of a Group Policy.
Restriction
A hash is computed by a hash __________, which in effect creates a fingerprint of the file.
algorithm
A(n) __________ rule identifies software by specifying the directory path where the application is stored in the file system.
path
Group Policy Management is located in the __________ Tools folder of the Start menu.
Administrative
The __________ Group Policy Objects tab allows an administrator to change the order of policies, create new policies, edit existing policies, create policy links, and view and change the enabled status.
Linked
By default, Group Policy settings will apply to all __________ objects within the domain, site, or OU to which they are linked.
child
WMI allows administrators to create __________ based on hardware, software, operating systems, and services.
queries
__________ Set of Policy is the sum of the policies applied to a user or computer after all filters, security group permissions, and inheritance settings, such as Block Policy Inheritance and Enforce, have finished processing.
Resultant
Group Policy __________, referred to as Planning mode using the Resultant Set of Policy snap-in, is used to simulate the effect of a policy on the user environment.
Modeling
__________ is a command-line tool that allows you to create and display an RSoP query from the command line.
GPResult
The Resultant Set of Policy __________ is provided in Windows Server 2008 to assist administrators in determining the effects of policies on users and computers.
Wizard
Security Group __________ refines the application of a GPO to include or exclude certain users, groups, or computers based on the ACL that is applied to the GPO.
Filtering
A new Group Policy management feature in Windows Server 2008 is the ability to create __________ GPOs that can act as templates when creating new GPOs for your organization.
Starter
Kerberos is a ticket-based system that allows domain access by using what?
Key Distribution Center
What setting logs events related to successful user logons to a domain?
Account Logon Events
What event category logs user access to files, folders, registry keys, and printers?
Audit Object Access
What policy setting allows an administrator to specify group membership lists?
Restricted Groups
What setting allows computers to automatically submit a request for a certificate from an Enterprise Certification Authority (CA) and install that certificate?
Automatic Certificate Request
What separate Group Policy category allows files to be available to users, even when the users are disconnected from the network?
Offline Files
The Disk Quota feature is only available on volumes formatted with what?
NTFS File System
Computer Configuration group policies are refreshed how often by default?
every 90 minutes
What is the client-side component of Windows Installer?
Windows Installer Service
When repackaging an application is not an option and a Windows Installer file is not available, what type of file can be used to publish an application?
.zap file
What allows published applications to be organized within specific groupings for easy navigation?
software categories
What is designed to identify software and control its execution?
Software Restriction Policies
When configuring Software Restriction Policies, what option prevents any application from running that requires administrative rights, but allows programs to run that only require resources that are accessible by normal users?
Basic User
What is generated by a formula that makes it nearly impossible for another program to have the same hash?
hash value
What can be used to allow software from a trusted source to run or prevent software that does not come from a trusted source from running?
certificate rule
What rules apply only to Windows Installer packages that attempt to install from a specified zone such as a local computer, local intranet, trusted sites, restricted sites, or the Internet?
network zone rules
What MMC snap-in is a tool for managing Group Policy in Windows Server 2008, Windows Server 2003, and Windows 2000 Active Directory domains?
Group Policy Management
What tab displays the order of precedence for the policies set on a given container?
Group Policy Inheritance
What type of GPO can act as templates when creating new GPOs for your organization?
Starter GPO
What setting can prevent policy settings from applying to all child objects at the current level and all subordinate levels?
Block Policy Inheritance
What can be used to control which users or computers will be affected by a GPO based on defined criteria?
WMI filters
What is the sum of the policies applied to a user or computer after all filters, security group permissions, and inheritance settings, such as Block Policy Inheritance and Enforce, have finished processing?
Resultant Set of Policy
What RSoP mode allows administrators to simulate the effect of policy settings prior to implementing them on a computer or user?
Planning mode
What feature in Group Policy Management is equivalent to the Logging mode within the Resultant Set of Policy MMC snap-in?

Group Policy Results