Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

ELEX 139 > Assingment 8 - Group Policy > Flashcards

Assingment 8 - Group Policy Flashcards

1
Q
  1. What is the purpose of using Group Policy?
A

Group Policy is used to restrict or allow access to Windows components. They can be applied to computers or users. Common policy settings include access to applications or settings in Windows, setting password and firewall options, and configuring audit policies for monitoring.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. What are some commonly used policy categories?
A 
Some common policy categories include 
Account Policies, 
Local Policies/Audit Policy, 
Local Policies/User Rights Assignment, 
Local Policies/Security Options, 
Software Restriction Policies, 
Administrative Templates,
Starter Group Policy Objects.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. What are some common components of a Group Policy Object (GPO)?
A 
Common components of a GPO include 
registry settings, 
scripts, 
templates, 
software-specific configuration values.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. What is the difference between a Local Group Policy versus a Domain Group Policy?
A

A Local Group Policy is used to control security settings and other restrictions on a computer that is not part of a domain.

A Domain Group Policy is used to control security settings and other restrictions on computers and users that are part of a domain. Domain policy settings will override local policy settings if the policy setting is defined in both places.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. What can GPOs be linked to?
A

GPOs are linked to
Active Directory sites,
domains,
organizational units (OUs).

The built-in containers cannot have GPOs linked to them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  1. What are the three general settings for any group policy item?
A

For most group policy items, they can be either

Not Configured,
Enabled, or
Disabled.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q
  1. What two broad categories are the GPO settings divided into?
A

Two broad categories for GPO settings are

computer configuration
user configuration settings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q
  1. When do the Computer policy settings get applied?
A

Computer policy settings are applied during the boot up of the computer.

Any changes to computer policy require a reboot of the machine that the policy has been applied to.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  1. When do the User policy settings get applied?
A

User policy settings are applied when the user logs into the system. Any changes to user policies require the user to log off and back on again to take effect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  1. How are Group Policies processed if more than one is applied to a container?
A

Group policies are processed from the bottom up if more than one policy is applied. The GPO that is linked the highest takes precedence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  1. What is ‘Blocking Inheritance’?
A

Blocking Inheritance prevents settings in all GPOs linked to parent objects from being applied to child objects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q
  1. What is the implication of setting a linked GPO to ‘Enforced’?
A

Enforcing a linked GPO prevents inheritance from being blocked. Enforced GPOs are applied last and override other GPO settings.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q
  1. What is the purpose of a Password Policy?
A

This policy is used to set password characteristics that are enforced by the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
  1. What are some of the Account Lockout and Password Policy settings that can be configured?
A

Password length – minimum length

Password age – before it must be changed

Password complexity – use characters other than just letters and numbers

Enforcing Password History – require unique passwords that cannot be reused

Account Lockout settings – used to determine how long an account is locked if a number of failed logon attempts are made.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
  1. What are some strategies for protecting against password attacks?
A

Do not use the same password for different systems.
Accounts should be disabled or locked if a number of failed attempts are made.
Passwords should never contain words, slang, or acronyms
Users should be required to change their passwords within a regular time interval.
Use strong passwords of minimum 8 characters with no part of the username or e-mail address.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
  1. What are some restrictions that should be enforced with respect to passwords within an organization?
A

The same password should never be used for different systems.
Accounts should be disabled or locked out after a specified number of failed login attempts.
Passwords should never contain words, slang, or acronyms.
Users should be required to change their passwords within a certain time frame.
A strong password policy should be enforced.

17
Q
  1. What is the purpose of auditing?
A

Auditing is used to monitor system events or system changes that have occurred within the Domain.

18
Q
  1. What are two general audit events that can be logged?
A

Audit Success or Failure events are recorded.

19
Q
  1. What are the nine basic audit policy categories that can be configured through Group Policy?
A

Account Logon – tracks when a user logs onto the domain
Account Management – tracks changes to user accounts
Directory Service Access – tracks changes to Active Directory objects
Logon – tracks when a user logs onto the local system.
Object Access – tracks access to files, folders, and printers
Policy Change – tracks changes to policy changes for user rights, trust relationships, and audit policies.
Privilege Use – tracks when a user exercises a right or an administrator takes ownership of a file
Process Tracking – tracks actions taken by applications
System – tracks system shutdown, restart, or the starting of system services.

20
Q
  1. What is the disadvantage of using Audit Policies?
A

Auditing uses up system resources and need to be monitored by the administrators.

21
Q
  1. What is the difference between user permissions and user rights?
A

Permissions are the ability to use objects such as files, folders, and printers.

Rights are the ability to perform actions on the computer such as log on, shutdown, and backup.

22
Q
  1. What are some of the User Rights Assignment policies that can be used to manage what users are allowed and not allowed to do on a system where the policies are applied?
A 
Access to a computer from the network.
Add workstations to the domain
Allow local login
Allow remote desktop login
Back up files and directories
Change system time
Force shutdown from a remote system
Load and unload device drivers
Manage auditing and security log
Perform volume maintenance tasks
Shut down the system
Take ownership of files or other objects
23
Q
  1. What four security group options categories can be configured with group policy?
A

Accounts – disable or enable built in accounts like Administrator and Guest
Devices – prevent users from installing printing devices, CDROM access, and removable media
Interactive Logon – disable or enable how the user logs in or out of the system and what information is displayed about user accounts.
Network Security – secure network access such as force log off when logon hours expire.

24
Q
  1. What is the function of the User Account Control (UAC) settings?
A

The UAC helps minimize the dangers of unwanted actions or unintended software installations.

Standard user and Administrator accounts have different levels of rights and privileges which are defined when a user logs in through an access token. The level of rights and permissions can be modified through UAC.

25
Q
  1. What is AppLocker?
A

AppLocker also known as application control policies uses rules and the properties of files to provide access control for applications. If rules are present in a rule collection, only the files included in those rules will be permitted to run.

26
Q
  1. What Windows versions are Group Policy preference settings applied to?
A

Group Policy preferences only apply to Windows 7 and later client workstations.

27
Q
  1. What are some of the available Group Policy preference settings?
A 
Drive Maps
Environment variables
File and folders
Ini files
Network shares
Registry settings
Shortcuts
Devices
Internet settings
Power options
Printers
Services

ELEX 139 (16 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions