Term
| Should each user that regularly accesses the network be assigned their own personal account? Why/why not? |
|
Definition
-YES
-A user account provides a user with the abiltiy to either log into a domain or to log on to a local computer. |
|
|
Term
| What is a local user account? |
|
Definition
| Allows users to logon and gain access to resources only on the computer where the local user account is created. |
|
|
Term
| What is a domain user account? |
|
Definition
| Allows a user to log into his home domain and also to be a valid user anywhere in the tree or forest because of implicit transitive trusts. |
|
|
Term
| Where is the domain user account created? |
|
Definition
| OU in the ADD on a domain controller. |
|
|
Term
| What are the two built-in-accounts? |
|
Definition
| Administrator/Guest account |
|
|
Term
| Describe the Administrator account. |
|
Definition
| Given full access to all objects in domain., including all computers,domain controllers,users,groups,policies, etc. |
|
|
Term
| Describe the Guest account. |
|
Definition
| Used to give occasional users the abiltiy to logon and is disabled by default. |
|
|
Term
| Which client OSs use Kerberos? |
|
Definition
-Win 200
-XP
-Vista
-Server 2003 and 2008 |
|
|
Term
| Which client OSs can use NTLMv2? |
|
Definition
|
|
Term
| Window 95/98 uses______authentication protocol by default. |
|
Definition
|
|
Term
| Which servers in a domain hold the KDC role? |
|
Definition
| Every domain controller in an AD environment holds the role of KDC. |
|
|
Term
| Which is more secure Kerberos or NTLM? |
|
Definition
|
|
Term
| How can you make Windows 95/98 authentication more secure? |
|
Definition
| AD client extension software |
|
|
Term
|
Definition
| Shorthand version of the username, since it may not include the full DNS domain name of the user's home domain(all child domains) |
|
|
Term
| How is a UPN resolved to its full home domain name? |
|
Definition
|
|
Term
| Must user names be unique? |
|
Definition
|
|
Term
| Are usernames case sensitive? |
|
Definition
|
|
Term
| Are passwords case-sensitive? |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| Any computer in the domain |
|
|
Term
|
Definition
| An account automatically expires after a specific date. |
|
|
Term
| What console is used to create and manage user accounts in a domain? |
|
Definition
| AD users and Computer Snap-in |
|
|
Term
| What is the name of the console file for this console? |
|
Definition
|
|
Term
| You can create users using the _________command. |
|
Definition
|
|
Term
| On what domain controller are domain user accounts created? |
|
Definition
| First available domain controller. |
|
|
Term
| What happens after the account is created? |
|
Definition
| Replicated to all other domain controllers in the same domain. |
|
|
Term
| Can you log on locally(to a local/SAM database)from the console of a domain controller? |
|
Definition
|
|
Term
| In what built-in container can you create new domain user accounts? Is this container an OU? |
|
Definition
|
|
Term
| If you created users in this container, how can it effect administration? |
|
Definition
| You will want to create OUs to be able to delegate administration and apply group policies. |
|
|
Term
| Can user accounts be moved to different containers after they have been created? |
|
Definition
|
|
Term
| User must change password at next logon:This gives control of passwords to: |
|
Definition
|
|
Term
| User cannot change password:This gives control of passwords to |
|
Definition
|
|
Term
|
Definition
| This setting overrides the maximum password age setting. |
|
|
Term
|
Definition
| Will prevent use of this user account. |
|
|
Term
| When would an administrator have to reset a users password? |
|
Definition
|
|
Term
| Does an administrator need to know the old password to reset it to a new password? |
|
Definition
|
|
Term
|
Definition
| It is a collectionof folders and data that stores your current desktop environment. |
|
|
Term
| by default, where is the user profile saved? |
|
Definition
|
|
Term
| What is the difference between a local user profile and a roaming profile? |
|
Definition
-Local user profile is created on the local hard drive.
-Roaming is local profile that has been copied to a network server. |
|
|
Term
| What is a mandatory roaming user profile? |
|
Definition
|
|
Term
| How do you make a roaming profile mandatory? |
|
Definition
| Renaming the NTUSER.DAT file to NTUSER.MAN |
|
|
Term
| Describe the %USERNAME% system variable. |
|
Definition
| System variable will automatically create a folder named after the user in the shared Profiles folder on that server. |
|
|
Term
| What is a user account template? |
|
Definition
| Preconfigured with common settings associated with a particular type of user. |
|
|
Term
| How is the account template used? |
|
Definition
| Configure the user account template using AD users and computers, then copy the template when creating new user accounts that need the same pre-configured attributes. |
|
|
Term
| How can multiple accounts be edited simultaneously? |
|
Definition
| Highlight the users by holding down the or key then right-click the highlight and select properties. |
|
|
Term
| In an AD environment, account policies are configured in a _______that must be applied at the _______level(if it is not in SErver 2008 domain functional level) |
|
Definition
-group policies (GPOs)
-Domain |
|
|
Term
|
Definition
| The number of days that a password can be used before the user is required to change it. A value of 0 indicates that the password will not expire. |
|
|
Term
|
Definition
| The number of days that a user must keep a password before it can be changed. A value of 0 indicates that a password can be change immediately. |
|
|
Term
| Enforce password history: |
|
Definition
| The number of passwords that must be used by a user before an old password can be reused. |
|
|
Term
|
Definition
| The minimum number of characters required in a password. |
|
|
Term
| What checkbox in a user accounts properties overrides the maximum password age setting for the user only? |
|
Definition
|
|
Term
| Account lockout threshold: |
|
Definition
| The number of incorrect logon attempts. |
|
|
Term
| Reset account lockout counter after: |
|
Definition
| The number of minutes to wait before resetting the account lockout counter back to 0. |
|
|
Term
| Account lockout duration: |
|
Definition
| The number of minutes that the account is locked out. |
|
|
Term
| Can anm administrator manually lock out an account from within AD users and computers? |
|
Definition
|
|
Term
| What is the only way that a user account becomes locked out? |
|
Definition
|
|
Term
| How can an administrator unlock a locked out user account? |
|
Definition
| Log into the domain as an administrator, open AD users and computers. |
|
|
