CNIT 242 exam 1 questions and answers already passed

CNIT 242 exam 1 questions and answers already passed What is the purpose of roaming profiles allows for the user to always have a consistent environment as changes are always made Roaming profile advantages i. Always up to date ii. Available anywhere with access to network share Roaming profile disadvantages i. Increase logon/logoff time ii. Versioning issues if the users logs into multiple clients simultaneously iii. The copy of the profile remains on the client after logoff how do you set a password policy Group policy management > create a new GPO > Edit the GPO > computer configuration > windows settings > security settings > account policies > password policy What is an ideal password policy force periodic changes, disallow last # of passwords, mix case, non alpha characters How are roaming profiles set up Group policy management > Edit GPO > computer config > policies > administrative templates > system > user profiles > right click 'set roaming profile path for all users logging onto this computer' then Edit > enable in properties > enter the path What is the difference between a site and a domain a. Domain: collection of objects that share the same database b. Site: represent the physical structure or topology of your network. A collection of well connected sub nets What is the difference between a tree and a forest a. Forest: single instance of active directory i. Within a forest you can have multiple domains ii. Two or more trees that don't share a contiguous namespace b. Tree: collection of domains that share a contiguous namespace What is a local profile basic type of profile i. Purpose: accounts on stand alone computer what is a mandatory profile a read only profile assigned to an account i. Purpose: used for accounts associated with specific tasks what is a roaming profile users profile stored is stored on a network share i. Purpose: consistent environment as changes are always available what is the difference between roaming profile and folder redirection a. Roaming profile: the entire profile is stored on a network share b. Folder redirection: portions of the profile can be redirected to a network share what is a directory schema? what is x.500? a. holds the classes for the object you create b. X.500: a series of computer networking standards covering electronic directory services what is the purpose of folder redirection? a. Have all user files stored in one central area where they can be manipulated b. Helps with security, does not leave anything behind locally what does DNS name resolution do a. the task of converting domain names to their corresponding IP address What is the DNS process b. Process of DNS i. Logs onto internet service provider ii. Opens web browser, types URL iii. Computer asks for ISPs DNS server for specific IP address for URL iv. Once IP address found, DNS server responds with appropriate IP address and the users computer gives this address to users browser v. Browser opens a connection to server using IP address provided vi. Browser displays requested page on computer screen What is the purpose of DDNS i. Method of automatically updating a name server in the Domain Name System Directory naming conventions C - Country O - Organization OU - Organizational Unit CN - Common Name WINS- windows internet naming system Provides central mapping of host names to network addresses Process: Host registers itself with a WINS server Asks WINS server for the network address by using the station's NetBIOS name - Eliminates the need to broadcast NETBIOS - 15 user defined characters 4 types of NetBIOS name resolutions: B-node (0x0) Broadcast P-node (0x2) Peers (WINS) M-node (0x4) Mixed (Broadcast then WINS) H-node (0x8) Hybrid (WINS then Broadcast) What is the relationship between group policy and organizational units a. Group policy: set of rules which control the working environment of user accounts and computer accounts b. Organizational unit: smallest scope or unit to which you can assign group policy settings or delegate administrative authority What is the purpose of group policy a. provides centralized management and configuration of operating systems, applications and users settings in the active directory What order is Group policy applied a. Local policy b. Site policy c. Domain policy d. OU policy How are group policy conflicts resolved a. If parent GPO has a value for setting and a child does not i. Child inherits parents GPO in full b. If a parent GPO has a value for a setting and a child GPO has a non-conflicting value for the same setting i. Child inherits parents GPO in full and applies its own also c. Parent GPO has a value for a setting and child GPO has conflicting value for same setting i. Child inherits GPO but the conflicting setting on the child overwrites the inherited values What are rights? a. logon capabilities: can be denied to groups or users i. Done with GPM What are permissions b. the capability of accessing an object. These permissions can be granted or denied but there is more granularity i. Done over ACL What is the difference between authentication and authorization? List examples of each a. Authentication: process of verifying the identity of a user by obtaining some sort of credentials and using those credentials to verify the user i. Two factor: two items used to determine credentials ii. Multi factor: multiple factors used to determine credentials b. Authorization: Once authenticated, what permissions do you have What are the different active directory groups? What are their purpose? a. Security groups: have SIDs added to user tokens and can be sued in ACLs b. Distribution groups: are organizational only and not for access control i. Used in messaging What is the purpose of a domain contorller? a. server computer that responds to security authentication requests within a windows domain What is FSMO b. specialized domain controller set of tasks, used where standard data transfer and update methods are inadequate What is the purpose of active directory? a. Microsoft's network directory. Central repository of networked device information for querying, updating, and authenticating against the data What is the purpose of replication? b. process by which the changes that are made on one domain controller are synchronized with all other domain controllers in the domain or forest that store copies of the same information What is LDAP? c. open, vendor neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an internet protocol network Explain domain trust relationships a. a way to allow users from a trusted domain to access services in a trusting domain. b. If a user or application is authenticated by one domain, its authentication is accepted by all other domains that trust the authenticating domain. What is FQDN? Fully qualified domain name, is a domain name that specifies its exact location in the tree hierarchy of the domain name system What is pruning and grafting? Objects can be easily moved from one location to another i. Items in the directory can be moved to new locations in the directory What is Kerberos a. strong network authentication protocol for client/ server application How does Kerberos work? i. Admins create realms that will encompass all that is available to access ii. The client, lives within the realm, as well as the service or house you want to request and the key distribution center iii. 2 messages, one decrypt-able and one not iv. KDC stores all of the secret keys for user machines and services in its database What three servers are required for Kerberos one authentication server, one ticket granting server, at least one application server What is the difference between a GPO that is enabled and enforced? b. Enabled: group policy is linked to the OU - policy apples to objects within OU c. Enforced: policy cannot be overwritten by another policy What are leaf objects any object that cannot contain other objects in the directory what are acls assign permissions at the object level