Assignment 6/7 – Active Directory Flashcards

1
Q
  1. What is Active Directory? What term is used to describe managed components within the Active Directory database?
A

Active Directory is the database of all managed components within the domain. Components are called objects and include computers, users, account policies, roles, services, etc.

2
Q
  1. What are the three roles that a computer can take on within a domain environment?
A

Client – users of the domain services
Member Server – provides services to the domain and clients
Domain Controller – maintains the Active Directory database

3
Q
  1. What is the name of the file used to store the Active Directory database?
A

The Active Directory database is stored in a file called Ntds.dit.

4
Q
  1. Describe the differences between a domain, tree and a forest with respect to domain structure.
A

A domain is an administratively-defined collection of network resources that share a common directory database and security policies.

A tree is a group of domains based on the same namespace that share a common schema, share resources between domains, and have two-way trust relations.

A forest is a collection of related domain trees. The forest establishes the relationship between trees that have different DNS name spaces.

5
Q
  1. How are domains identified?
A

Domains are identified by their domain name. For example, Camosun.BC.CA for Camosun College.

6
Q
  1. What is the difference between a default container and an organizational unit (OU)?
A

A container is a built-in structure for holding objects. Containers cannot be renamed, deleted, or have group policy applied to them.

7
Q
  1. What is meant by a ‘trust relationship’ between domains?
A

A trust relationship allows users in one domain to use services within another domain. Child and parent domains generally have a two-way trust relationship by default.

8
Q
  1. What is the process used by domain controllers to maintain consistency between the Active Directory information?
A

Domain Controllers use replication to maintain consistency.

9
Q
  1. What is the process of promoting a member server to become a domain controller?
A

Install the Active Directory Domain Services role and use the Active Directory Domain Services Configuration Wizard to promote the server to become the Domain Controller.

10
Q
  1. What is a common role to install at the same time as promoting a member server to a domain controller?
A

If a server is being promoted to a Domain Controller, then the DNS role is usually installed as well.

11
Q
  1. What are some important settings to verify before promoting a member server to become a domain controller?
A

Make sure the computer name is correct.
Make sure the time zone is set correctly.
Use a static IP address.

12
Q
  1. What are four methods for installing the Active Directory Domain Services Role?
A

Add a domain controller to an existing domain – replica domain controller
Add a new domain to an existing forest as a Child domain.
Add a new domain to an existing forest as a new tree.
Add a new forest when there is no existing domain.

13
Q
  1. What is Windows Azure?
A

Windows Azure is a Microsoft cloud service used to create and maintain the Active Directory Role and Services.

14
Q
  1. What is a Global Catalog server?
A

A Global Catalog Server is a domain controller used for searches and logons. It contains information about other objects in other forests as well as its own domain.

15
Q
  1. What is meant by a ‘site’? How are sites typically defined?
A

A site is a physical representation of a network and is usually defined by an IP address range.

16
Q
  1. What are the default containers and OU created when Active Directory is installed?
A
Default Containers:
Builtin
Computers
Users
ForeignSecurityPrincipals
ManagedServiceAccounts

Default OU:
Domain Controllers

17
Q
  1. How many OUs should be ‘nested’ as recommended by Microsoft?
A

The maximum suggested is five.

18
Q
  1. What is the primary reason for creating OUs besides organizing objects?
A

The primary reason besides keeping objects organized is to allow policy settings to be applied to the container and the subsequent objects inside them.

19
Q
  1. What is the primary purpose of a domain user account versus a local user account?
A

Domain user accounts provide users the ability to access domain resources and control what they have access to.

20
Q
  1. What is assigned to each user account?
A

Security Identification – SID

21
Q
  1. What are the five recommendations when working with user accounts?
A

Use Active Directory to create and manage your user accounts.
Make use of templates if user accounts have similar settings.
Manage the passwords – either have the user change it or select a fixed password.
Create a user profile to track environment settings and resources.
Deprovision a user – remove access rights when a user account is no longer used.

22
Q
  1. What is a computer account used for in Active Directory?
A

A computer account is used to manage a network computer – not just one specific user.
Policies can be applied to a computer and any user logging on to that computer will be subject to those policies.

23
Q
  1. Who has the ability to create a computer account?
A

Account Operators
Domain Administrators
Enterprise Administrators

24
Q
  1. What is a group?
A

A group is used to collect user accounts, computer accounts, and other group accounts and allow them to be managed.

25
Q

What are the two types of groups?

A

Security groups used to manage rights and permissions.

Distribution groups used to maintain a list of users for operations like e-mailing.

26
Q
  1. What are some of the group scopes?
A

Group scope is used to define the extent within a domain that a group of users or computers will have access to domain resources.

Group scope can be local, domain local, global, or universal.

27
Q
  1. What are some best practices for user and group security?
A

Create groups based on user access needs.
Assign user accounts to the appropriate groups.
Assign permissions to each group based on the resource needs of the users in the group and the security needs of your network.

28
Q
  1. What are two methods for adding or removing members of a group?
A

On the group object, edit the Members tab and add the group member.
On the user account, edit the Members Of tab and select the group to which you want to add the user.

29
Q

What is the AGDLP strategy for creating and managing groups?

A

Use the following sequence when creating and managing groups:

Accounts – create the user/computer accounts
Global groups – create the group and add the member accounts
Domain Local groups – create the group that contains the resources you need to grant the accounts access to.
Permissions – assign the permissions for the resource.

30
Q
  1. What is the basic principle behind delegating administrative authority?
A

Delegating administrative authority shares administrative tasks with other users, but allows for strict control over specific administrative abilities.

31
Q
  1. What are some of the advantages of using Azure AD?
A

Some advantages of Azure AD include:

  • User authentication goes through the local ISP and Internet to the Azure cloud instead of a local domain controller. This means no local server is necessary to deploy or manage, saving time and money.
  • Active Directory replication is not necessary as all the information is stored centrally on the Azure cloud.
  • Users do not have to be on site to authenticate or use a VPN to connect to the site to be authenticated.
32
Q
  1. What are some of the drawbacks of using Azure AD?
A

Some drawbacks of Azure AD include:

  • Users could lose Internet connectivity and lose access to the domain.
  • Many AD-aware server applications do not recognize Azure AD yet.
  • You are completely dependent on Microsoft to maintain and manage your AD domain connectivity. If there is an outage with the Azure service, then you will not be able to connect to your domain.