Shared Flashcard Set

Details

Windows 2012 Server
GPO focus
15
Computer Science
2nd Grade
02/09/2015
Click here to study/print these flashcards.

Create your own flash cards! Sign up here.

Additional Computer Science Flashcards

 

 

Cards

Term
Compatible File Type:
 Definition

*.msi { Microsoft installer package}

*.msp { Microsoft Installer patch, modifies an already installed piece of software}

*.zap { Allows the use of non-Microsoft installer files Limitations can't remove self heal or assign.

- can only be published to users as intervention 

- May have to repackage -not easy.
Term
Assigning Software?
 Definition

* Software can be assigned

  • User 
    • program installed on demand or at logon
  • Computers
    • Installed at start-up
Term
Publishing
 Definition
  • Advertised in Program and Features
Term
Security Levels
 Definition

Basic Security levels

    1. Unrestricted
    2. Disallowed
    3. Basic , allows all programs to run that do not need admin rights.
Term
Program /software
 Definition
  • Programs can be permitted based upon 
    • Path
    • Hash
    • Certificate
    • Network zone
Term
Define Path Rules?
 Definition
  • Allows or disallows based on location and name
  • Can restrict single files or whole folders
Term
Hash Rule ?
 Definition
  • Allows / disallows programs based upon cyptographic hash
  • its Uniquely identifies a specific file
  • any changes to the file mean the hash will not match , so the rule will not appy
  • Location and name of the program are irrelevant.
Term
Certificate Rule
 Definition
  • Permits or denies based upon the digital signature used to sign the executable.
Term
Network Zone Rule
 Definition
  • Permits of denies instalaltion based upon the source of the installer file
  • Based on the common Microsoft Internet Zones:
Term
Precedence
 Definition
  • Since it is possible to create contradictions, and order of precedence is needed:
    • Hash Rule
    • Certificate rule
    • Network zone rule
    • Path rule

 
Term
Windows Management Instrumentation { WMI } Filters
 Definition
  • Apply GPO base upon machine specific configuration.
  • Windows XP and above only
  • Only one filter per GPO allowed
Term
Active Directory Structure
 Definition
  • Linked to site
    • Affects all users and computers in the site
  • Linked to domain
    • Affects all users and computer in the domain
  • Linked to OU
    • Affects all users and computers in the OU
Term

Order of Precedence 

 Definition

LSDOU

Local ---Site-- Domain --OU
Term

Block Policy Inheritance

 Definition
  • Prevents policies from being inherited from higher levels in the AD
  • Can only be used at the domain and OU level
  • Cannot stop a policy marked as NO Override
Term
Loopback Processing
 Definition

Loopback processing changes the list of applicableGPOs and the order in which they apply to a user


    • In merge mode conflicting setting are won by loopback-enabled Group Policy.
    • In repace mode all user setting are set to whatever is configured in the loopback enable Group Policy.
Supporting users have an ad free experience!