Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
129 Cards in this Set
- Front
- Back
Fine-Grained Password Policies can be applied to one or more users or groups of users, allowing you to specify a more or less stringent password policy for a subset account than the password policy defined for the entire domain. |
T
|
|
Events that trigger a log entry in the Application Events category include system startups and shutdowns; system time changes; system event resources exhaustion, such as when an event log is filled and can no longer append entries; security log cleaning; or any event that affects system security or the security log. |
F
|
|
The Limited Groups policy setting allows an administrator to specify group membership lists. |
F |
|
Use disk quotas to limit the amount of space available on the server for user data.
|
T
|
|
User Configuration policies are applied by default when a computer starts up.
|
F
|
|
The implementation phase of the software life cycle includes the elements that are required to keep the software running smoothly.
|
F
|
|
When repackaging an application is not an option and a Windows Installer file is not available, you can use a .zap file to publish an application.
|
T
|
|
The Assign option allows users to install the applications that they consider useful to them.
|
F
|
|
When configuring Software Restriction Policies, the Disallowed option allows all applications to run except those that are specifically excluded.
|
F
|
|
The Disallowed Default Security Level should be used cautiously because all applications will be restricted unless explicitly allowed.
|
T
|
|
Multiple versions of the same GPO cannot be backed up to the same file system directory.
|
F
|
|
When the Settings tab is activated, an HTML report is generated that allows administrators to view GPO settings that do not have the original default values.
|
T
|
|
At least two domain controllers running Windows Server 2003 or Windows Server 2008 must be present to use WMI filters.
|
F
|
|
RSoP is available as an MMC snap-in.
|
T
|
|
The Policy Events tab collects all policy-related events and stores them in one convenient location.
|
T
|
|
What Computer Configuration node setting includes three subcategories: Audit Policy, User Rights Assignment, and Security Options?
|
Local Policies
|
|
What policies can be applied to one or more users or groups of users, allowing you to specify a more or less stringent password policy for this subset than the password policy defined for the entire domain?
|
Fine-Grained Password Policies
|
|
What is the default mechanism for authenticating domain users in Windows Server 2008, Windows Server 2003, and Microsoft Windows 2000?
|
Kerberos
|
|
What term refers to tracking events that take place on the local computer?
|
auditing
|
|
What section of GPO Local Policies allows administrators to log successful and failed security events such as logon events, account access, and object access?
|
Audit Policy
|
|
What policy setting is set to audit successes in the Default Domain Controllers GPO?
|
account management events
|
|
What policy setting allows an administrator to specify group membership lists?
|
Restricted Groups
|
|
Settings available in the __________ area of Group Policy allow greater administrative control in establishing rules and governing the issuance, maintenance, and guidelines within a public key infrastructure (PKI).
|
Public Key Policies
|
|
What provides administrators with the ability to redirect the contents of certain folders to a network location or to another location on the user’s local computer?
|
Folder Redirection
|
|
What term means that the Group Policy setting continues to apply until it is reversed by using a policy that overwrites the setting?
|
tattooing
|
|
What separate Group Policy category allows files to be available to users, even when the users are disconnected from the network?
|
Offline Files
|
|
By implementing the __________ feature when Folder Redirection is also configured, administrators can control the amount of information that is stored on the server.
|
Disk Quotas
|
|
If you set the refresh interval to zero, the system attempts to update the policy at what interval?
|
every 7 seconds
|
|
What command-line tool can be used to manually refresh group policy?
|
gpupdate.exe
|
|
How often are Computer Configuration group policies refreshed by default?
|
every 90 minutes
|
|
What policy can specify software that you wish to run on computers?
|
Software Restriction Policies
|
|
Which of these is not an option when configuring Fine-Grained Password Policies?
|
PasswordCommonNameUsage
|
|
What setting logs events related to successful user logons to a domain?
|
Account Logon Events
|
|
What category is used to configure the startup and security settings for services running on a computer?
|
System Services
|
|
Where can you configure the Group Policy refresh interval?
|
Computer Configuration\Administrative Templates\System\Group Policy
|
|
What process takes place from the time an application is evaluated for deployment in an organization until the time when it is deemed old or not suitable for use?
|
software life cycle
|
|
Which of the following is not a phase of the software life cycle?
|
evaluation
|
|
Microsoft Windows Server 2008 uses the Windows Installer with Group Policy to install and manage software that is packaged into what type of file?
|
.msi
|
|
Modifications to .msi files require transform files, which have the __________ extension.
|
.mst
|
|
__________ files are used to apply service packs and hotfixes to installed software.
|
Patch
|
|
Before deploying software using Group Policy, what must you create?
|
distribution share
|
|
What option allows users to install the applications that they consider useful to them?
|
Publish
|
|
What option is helpful when you are deploying required applications to pertinent users and computers?
|
Assign
|
|
What allows published applications to be organized within specific groupings for easy navigation?
|
software categories
|
|
What policies are designed to identify software and control its execution?
|
Software Restriction
|
|
When configuring Software Restriction policies, which option prevents any application from running that requires administrative rights, but allows programs to run that only require resources that are accessible by normal users?
|
Basic User
|
|
By default, the Software Restriction Policies area has what value in the Default Security Level setting?
|
Unrestricted
|
|
Which of the following is a software restriction rule that can be used to govern which programs can or cannot run on your network?
|
all of the above
|
|
What is a series of bytes with a fixed length that uniquely identifies a program or file?
|
hash
|
|
What identifies software by specifying the directory path where the application is stored in the file system?
|
path rule
|
|
What type of rule can be applied to allow only Windows Installer packages to be installed if they come from a trusted area of the network?
|
network zone rules
|
|
When implementing multiple Software Restriction Policy rules, which rule is always applied last?
|
path rule
|
|
What Software Restriction Policy properties allow you to determine whether the policies apply to all files or whether library files, such as Dynamic Link Library (DLL), are excluded?
|
enforcement
|
|
What Software Restriction Policy properties allow an administrator to control how certificate rules are handled?
|
trusted publishers
|
|
What type of file can be written to allow non–Windows Installer–compliant applications to be deployed?
|
.zap
|
|
What MMC snap-in provides a single access point to all aspects of Group Policy that were previously spread across other tools such as Active Directory Users and Computers, Active Directory Sites and Services, Resultant Set of Policy (RSoP), and the Group Policy Management Editor?
|
Group Policy Management
|
|
Which of the following can be done from the Group Policy Management snap-in?
|
import and copy GPO settings to and from the file system; search for GPOs based on name, permissions, WMI filter, GUID, or policy extensions set in the GPOs; search for individual settings within a GPO by keyword, and search for only those settings that have been configured; all of the above
|
|
Group Policy Management started being natively installed with what version of Windows Server?
|
2008
|
|
What tab displays groups and users with permission to link, perform modeling analyses, or read Group Policy Results information?
|
Delegation
|
|
When a GPO is selected in Group Policy Management, which tab allows administrators to view the locations to which the policy is linked?
|
Scope
|
|
__________ GPOs can act as templates when creating new GPOs for your organization.
|
Starter
|
|
What setting will prevent policy settings from applying to all child objects at the current level and all subordinate levels?
|
Block Policy Inheritance
|
|
What refines the application of a GPO to include or exclude certain users, groups, or computers based on the ACL that is applied to the GPO?
|
Security Group Filtering
|
|
What component of the Microsoft Windows operating system allows administrators to create queries based on hardware, software, operating systems, and services?
|
Windows Management Instrumentation
|
|
How many WMI filters can be configured per GPO?
|
one
|
|
What is the sum of the policies applied to a user or computer after all filters, security group permissions, and inheritance settings, such as Block Policy Inheritance and Enforce, have finished processing?
|
Resultant Set of Policy
|
|
Which mode in the Resultant Set of Policy Wizard is useful for documenting and understanding how combined policies are affecting users and computers?
|
Logging
|
|
What database of information includes hardware, Group Policy Software Installation settings, Internet Explorer Maintenance settings, scripts, Folder Redirection settings, and Security settings?
|
CIMOM
|
|
Group Policy __________ is used to simulate the effect of a policy on the user environment.
|
Modeling
|
|
Rather than simulating policy effects like the Group Policy Modeling Wizard, what obtains RSoP information from the client computer to show the actual effects that policies have on the client computer and user environment?
|
Group Policy Results
|
|
What command-line tool allows you to create and display an RSoP query from the command line?
|
GPResult
|
|
What would the syntax of the GPResult command be if you want to obtain RSoP information on computer and user policies that will affect a user named jsmith?
|
gpresult /user jsmith /v
|
|
Which mode in the Resultant Set of Policy Wizard allows administrators to simulate the effect of policy settings prior to implementing them on a computer or user?
|
Planning
|
|
WMI filters cannot be evaluated on which operating system?
|
Windows 2000
|
|
WMI Filtering uses filters written in what language, which is similar to structured query language (SQL)?
|
WMI Query Language
|
|
Centralized management of security settings for users and computers can be accomplished by using __________ Policy.
|
Group
|
|
__________ Password Policies allow one or more users or groups of users to specify a more or less stringent password policy for a subset account than the password policy defined for the entire domain.
|
Fine-Grained
|
|
__________ is the default mechanism for authenticating domain users in Windows Server 2008, Windows Server 2003, and Microsoft Windows 2000.
|
Kerberos
|
|
When an audited event occurs, Windows Server 2008 writes an event to the __________ log on the domain controller or computer where the event took place.
|
security
|
|
Policy __________ audit log entries are triggered by events such as user rights assignment changes, establishment or removal of trust relationships, IPSec policy agent changes, and grants or removals of system access privileges.
|
change
|
|
The service startup options are Automatic, __________, and Disabled.
|
Manual
|
|
The Wireless Network Policy __________ is provided to enable administrators to specify appropriate settings for the corporate environment.
|
Wizard
|
|
Folder __________ provides administrators with the ability to redirect the contents of certain folders to a network location or to another location on the user’s local computer.
|
Redirection
|
|
Offline Files is configured on the __________ tab of a folder.
|
Sharing
|
|
The __________ command-line tool was introduced in Windows Server 2003, and it is used in Windows Server 2003 and Windows Server 2008 to replace the secedit /refreshpolicy command used in Windows 2000.
|
gpupdate.exe
|
|
The software life cycle is a derivative of the System __________ Life Cycle.
|
Development
|
|
The __________ phase is the final phase before the software life cycle begins again with a new software deployment plan.
|
removal
|
|
A(n) __________ file is a relational database file that is copied to the target computer system with the program files it deploys.
|
.msi
|
|
Before deploying software using Group Policy, you must create a(n) __________ share.
|
distribution
|
|
If you use the __________ option, you must also decide whether you will assign the application to a computer or a user account.
|
Assign
|
|
Use the __________ option to provide all installation messages and screens for users during the installation of all packages in the GPO.
|
Maximum
|
|
When customizing software installation packages, use the __________ tab to specify the transform (.mst) files or patch (.msp) files that are to be applied to the package.
|
Modifications
|
|
The Software __________ Policies node is found in the Windows Settings\Security Settings\ node of the User Configuration or the Computer Configuration node of a Group Policy.
|
Restriction
|
|
A hash is computed by a hash __________, which in effect creates a fingerprint of the file.
|
algorithm
|
|
A(n) __________ rule identifies software by specifying the directory path where the application is stored in the file system.
|
path
|
|
Group Policy Management is located in the __________ Tools folder of the Start menu.
|
Administrative
|
|
The __________ Group Policy Objects tab allows an administrator to change the order of policies, create new policies, edit existing policies, create policy links, and view and change the enabled status.
|
Linked
|
|
By default, Group Policy settings will apply to all __________ objects within the domain, site, or OU to which they are linked.
|
child
|
|
WMI allows administrators to create __________ based on hardware, software, operating systems, and services.
|
queries
|
|
__________ Set of Policy is the sum of the policies applied to a user or computer after all filters, security group permissions, and inheritance settings, such as Block Policy Inheritance and Enforce, have finished processing.
|
Resultant
|
|
Group Policy __________, referred to as Planning mode using the Resultant Set of Policy snap-in, is used to simulate the effect of a policy on the user environment.
|
Modeling
|
|
__________ is a command-line tool that allows you to create and display an RSoP query from the command line.
|
GPResult
|
|
The Resultant Set of Policy __________ is provided in Windows Server 2008 to assist administrators in determining the effects of policies on users and computers.
|
Wizard
|
|
Security Group __________ refines the application of a GPO to include or exclude certain users, groups, or computers based on the ACL that is applied to the GPO.
|
Filtering
|
|
A new Group Policy management feature in Windows Server 2008 is the ability to create __________ GPOs that can act as templates when creating new GPOs for your organization.
|
Starter
|
|
Kerberos is a ticket-based system that allows domain access by using what?
|
Key Distribution Center
|
|
What setting logs events related to successful user logons to a domain?
|
Account Logon Events
|
|
What event category logs user access to files, folders, registry keys, and printers?
|
Audit Object Access
|
|
What policy setting allows an administrator to specify group membership lists?
|
Restricted Groups
|
|
What setting allows computers to automatically submit a request for a certificate from an Enterprise Certification Authority (CA) and install that certificate?
|
Automatic Certificate Request
|
|
What separate Group Policy category allows files to be available to users, even when the users are disconnected from the network?
|
Offline Files
|
|
The Disk Quota feature is only available on volumes formatted with what?
|
NTFS File System
|
|
Computer Configuration group policies are refreshed how often by default?
|
every 90 minutes
|
|
What is the client-side component of Windows Installer?
|
Windows Installer Service
|
|
When repackaging an application is not an option and a Windows Installer file is not available, what type of file can be used to publish an application?
|
.zap file
|
|
What allows published applications to be organized within specific groupings for easy navigation?
|
software categories
|
|
What is designed to identify software and control its execution?
|
Software Restriction Policies
|
|
When configuring Software Restriction Policies, what option prevents any application from running that requires administrative rights, but allows programs to run that only require resources that are accessible by normal users?
|
Basic User
|
|
What is generated by a formula that makes it nearly impossible for another program to have the same hash?
|
hash value
|
|
What can be used to allow software from a trusted source to run or prevent software that does not come from a trusted source from running?
|
certificate rule
|
|
What rules apply only to Windows Installer packages that attempt to install from a specified zone such as a local computer, local intranet, trusted sites, restricted sites, or the Internet?
|
network zone rules
|
|
What MMC snap-in is a tool for managing Group Policy in Windows Server 2008, Windows Server 2003, and Windows 2000 Active Directory domains?
|
Group Policy Management
|
|
What tab displays the order of precedence for the policies set on a given container?
|
Group Policy Inheritance
|
|
What type of GPO can act as templates when creating new GPOs for your organization?
|
Starter GPO
|
|
What setting can prevent policy settings from applying to all child objects at the current level and all subordinate levels?
|
Block Policy Inheritance
|
|
What can be used to control which users or computers will be affected by a GPO based on defined criteria?
|
WMI filters
|
|
What is the sum of the policies applied to a user or computer after all filters, security group permissions, and inheritance settings, such as Block Policy Inheritance and Enforce, have finished processing?
|
Resultant Set of Policy
|
|
What RSoP mode allows administrators to simulate the effect of policy settings prior to implementing them on a computer or user?
|
Planning mode
|
|
What feature in Group Policy Management is equivalent to the Logging mode within the Resultant Set of Policy MMC snap-in?
|
Group Policy Results |