Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
30 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
Account Lockout Policies
|
A subcategory in the Account Policies category that specifies the number of unsuccessful logon attempts that, if made within a contiguous timeframe, might constitute a potential security threat from an intrruder. An Account Lockout Policy can be set to lock the account in question after a specified number ofinvalid attempts. Additionally, the policy specifies how long the account will remain locked.
|
|
|
|
account logon events
|
Setting that logs events related to successful user logons to a domain.
|
|
|
|
account management events
|
Setting that triggers an event that is written based on changes to account properties and group properties. Log entries written due to this policy setting reflect events related to user or group account creation, deletion, renaming, enabling, or disabling.
|
|
|
|
Audit Policy
|
Th section of GPO Local Policies that enables administrators to log successful and failed security events, such as logon events, account access, and object access.
|
|
|
|
auditing
|
Tracking events that take place on the local computer.
|
|
|
|
disk quotas
|
A setting that limits the amount of space available on the server for user data.
|
|
|
|
Enforce Password History
|
Group Policy setting that indicates the number of passwords that Active Directory should retain in memory before allowing someone to reuse a previously used password.
|
|
|
|
gpupdate.exe
|
A command-line tool used to force a manual Group Policy refresh. Thistool was introduced in Windows Server 2003, and it is used in Windows Server 2003, and it is used in Windows Server 2003 and Windows Server 2008 to replace the secedit/refreshpolicy command that was used in Windows 2000.
|
|
|
|
Kerberos Policies
|
For domain accounts only, this policy enables administrators to configure settings that govern how Active Directory authentication functions.
|
|
|
|
Local Policies
|
Policies that enable administrators to set user privileges on the local computer that govern what users can do on the computer and determine if these actions are tracked within an event log.
|
|
|
|
logon events
|
The setting logs events related to successful user logons on a computer.
|
|
|
|
logon events
|
The setting logs events related to successful user logons on a computer.
|
|
|
|
msDS-PasswordSettings
|
A new object type in Windows Server 2008 that enables the use of Fine-Grained Password Policies. Also know as a Password Setting Object (PSO).
|
|
|
|
Offline Files
|
A separate Group Policy category that can allow files to be available to users, even when users are disconnected from the network.
|
|
|
|
msDS-PasswordSettings
|
A new object type in Windows Server 2008 that enables the use of Fine-Grained Password Policies. Also know as a Password Setting Object (PSO).
|
|
|
|
Password Policies
|
A subcategovy in the Account Policies category that enforces password length, password history and so on. Password Policies can be applied to domain and local user accoutns.
|
|
|
|
Offline Files
|
A separate Group Policy category that can allow files to be available to users, even when users are disconnected from the network.
|
|
|
|
policy change events
|
By default, this policy is set to audit successes in the Default Domain Controllers GPO. Policy change audit log entries are triggered by events such as user rights assignment changes, establishement or removal of trust relationships, IPSec policy agent changes, and grants or removals of system access privileges.
|
|
|
|
Password Policies
|
A subcategory in the Account Policies category that enforces password length, password history, and so on. Password Policies can be applied to domain and local user accounts.
|
|
|
|
policy change events
|
By default, this policy is set to audit successes in the Default Domain Controllers GPO. Policy change audit log entries are triggered by events such as user rights assignment changes, establishment or removal of trust relationsips, IPSec policy agent changes, and grants or removals of system access privileges.
|
|
|
|
refresh interval
|
The available period that each background refresh process that can set to ranges from 0 to 64,800 minutes (45 days).
|
|
|
|
Restricted Groups
|
Policy settings that enables an administrator to specify group membership lists.
|
|
|
|
Security Options
|
A subcategory of the Local Policies setting area of a Group Policy Object that includes security settings related to interactive log on, digital signing of data, restrictions for access to floppy and CD-ROM drives, unsigned driver installation behavior, and logon dialog box behavior.
|
|
|
|
system events
|
Events that rigger a log entry in this category include system startups and shutdowns; system time changes; system event resources exhaustion, such as when an event log is filled an can no longer append entries; security log cleaning; or any event that affects system security or the security log. In the Default Domain Controllers GPO, this setting is set tolog success by default.
|
|
|
|
System Services
|
The category that is used to configure the startup and security settings for services running on a computer.
|
|
|
|
tattooing
|
An Administrative Template setting that continues to apply until it is revised using a policy that overwrites the setting.
|
|
|
|
User Rights Assignment
|
A subcategory of the Local Policies setting area of a Group Policy Object that includes settings for items that pertain to rights needed by users to perform system-related tasks.
|
|
|
|
FGPP
|
Fine-Grained Password Policies
|
A policy that can be applied to one or more users or groups of users, allowing the administrator to specify a more or less stringent password policy for the subset than the password policy defined for the entire domain.
|
|
|
KDC
|
Key Distribution Center
|
Used to issue Kerberos tickets to users for domain accesss.
|
|
|
PSO
|
Password Settings Object
|
A new object type in Windows Server 2008 that enables the use of Fine-Grained Password Policies. Also know as msDS-PasswordSettings.
|
