Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
19 Cards in this Set
- Front
- Back
A _____________ group can only contain members from within the same domain. |
global
Global groups can contain user and computer accounts, and/or other global groups only from within the same domain as the global group. pg 105 |
|
You can use the _________ utility to import data from Comma-separated value (CSV) files.
|
csvde
The csvde utility allows an admin to import/export AD objects. It uses a .csv file based on the header record,* which describes each part of the data. * the first line of the text file that uses proper attribute names. |
|
Only two group types can be configured in AD. The following are definitions of each type. Using the definition, give the name of each type:
a.) Used to distribute information to a group of users b.) Grants resource access permissions to a group of users |
a.) Distribution group, used only for email purposes.
b.) Security group pg 104 |
|
Three account types are possible in Windows Server 2008. What are they?
|
Local, Domain, and Built-in.
Pg 102 |
|
Which of the following are group scopes?
a.) domain local groups b.) global groups c.) distribution groups d.) universal groups e.) security groups |
a, b, and d
pg 105 |
|
Definition of Active Directory group scope:
Any group, whether a security or distribution group, is characterized by a ____(a)______that identifies the extent to which the group is applied in the domain tree or ____(b)_______. |
a.) scope
b.) forest |
|
What are Access Control Lists and what role do they play in AD?
|
Access control in AD is used to manage user access to shared resources. At the object level, levels of access, or permissions (such as full control, write, read, or no access), are applied to objects (such as files, printers, folders, and services) and defines how different users can use AD objects.
Access control permissions are assigned to objects in AD and stored in their security descriptors. Inside security descriptors are two ACLs: Discretionary ACLs, which identify who can use an object, and System ACLs, which identify and log successful or failed attempts to access objects by users. |
|
What is the DN (distinguished name) for the jsmith account which resides in the Accounts OU, which is inside the lucernepublishing.com AD domain?
|
cn=jsmith,ou=accounts,dc=lucernepublishing,dc=com
pg 118 |
|
The DSADD command can be used to create, ____a____, view, and ____b_____ active directory _____c_____.
|
a delete
b modify c objects Pg 118 |
|
The administrator account is a ____a_____ domain account that serves as the primary supervisory account in Windows Server. It can be renamed, but it can't be _____b______.
|
a - built-in
b - deleted |
|
Windows server 2008 groups include two types: a and b, and three scopes: domain local, c, and d.
|
a - security
b - distribution c - global d - universal |
|
Global groups are used to organize _____a_____ users according to their resource access needs. They are placed in the ____b____ list of domain local ____c____, which are then assigned the desired ______d______ to resources.
|
a - domain
b - membership c - groups d - permissions |
|
______a______ groups are used to provide access to resources anywhere in the forest. Their membership lists can contain global groups and users from any ____b____.
|
a - Universal
b - domain |
|
Each user and group object has a(n) __________, which must be unique across an entire AD domain.
SAM means "security _______ ________" |
SAM account name
the part of a user's user principal name to the left of the @. security account manager |
|
When a user logs on to AD, he receives a(n) _____________ consisting of all his security group memberships.
|
access token
|
|
What defines the types of objects that can belong to a particular group and the types of resources that group can be used to secure?
a - group scope b - group security c - special identity group d - security group |
a
|
|
Which group type allows you to assign permissions to resources as well as receive messages via AD-enabled email applications such as MS Exchange?
a - distribution group b - exchange group c - permissions group d - security group |
d
|
|
Which group scope can contain users and groups from any domain within an AD forest, but can be used only to secure resources located within the same domain as the group itself?
a - domain group b - global group c - domain local group d - universal group |
c
|
|
Which account type is configured on an AD DC and can be used to grant access to resources on any domain-joined computer?
a - domain local account b - global account c - domain account d - local account |
c
|