Chapter 4: Introduction to Active Directory and Account Management Flashcards

1
Q

A Windows Server 2003 0r 2008 Server that contains a full copy of the Active Directory infornation, is used to add a new object to Active Directory, and replicates all changes made to it so the changes are updated on every DC in the same domain.

A

Directory Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A Windows Server 2003 0r 2008 Server that contains a full copy of the Active Directory infornation, is used to add a new object to Active Directory, and replicates all changes made to it so the changes are updated on every DC in the same domain.

A

Domain Controller (DC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A server on an Active Directory managed network that is not installed to have Active Directory.

A

Member Server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Windows Server 2003 and 2008 networks can have multiple servers called DCs that store Active Directory information and replicate it to each other. Because each DC acts as a master, replication does not stop when one DC is down, and updates to Active Directory continue, for example creating a new account.

A

Multimaster Replication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

A network resource, such as a server or user account, that has distinct attributes or properties, is defined in a domain, and exists in Active Directory.

A

Object

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Elements used in the definition of each object contained in Active Directory, including the object class and it’s attributes.

A

Schema

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A repository for all objects and the most frequently used attributes for each object in all domains. Each forest has a single global catalog that can be replicated on multiple servers.

A

Global Catalog

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A unique number, up to 16 characters long, that is associated with an Active Directory object.

A

Globally Unique Identifier (GUID)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

A namespace in which every child object has a portion of it’s name from it’s parent object

A

Contiguous Namespace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A namespace in which the child object name does not resemble the parent object name.

A

Disjointed Namespace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A process used to translate a computer’s logical or host name into a network address, such as to a dotted decimal address associated with a computer - and vice versa.

A

Name Resolution

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A logical area on a network that contains directory services and named objects, and that has the ability to perform name resolution.

A

Namespace

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

An active directory object that houses other objects, such as a tree that houses domains or a domain that houses organizational units.

A

Container

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

A grouping of Active Directory trees that each have contiguous namespaces within their own domain structure, but that have disjointed namespaces between trees. The trees and their domains use the same schema and global catalog.

A

Forest

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A forest-wide setting that refers to the types of domain controllers in a forest, which can be any combination of Windows 2000 Server, Windows Server 2003, or Windows Server 2008. The level also reflects the types of Active Directory services and functions supported.

A

Forest Functional Level

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Set of two-way trusts between two or more domains
(or forests in a forest trust) in which Kerberos security is used.

A

Kerberos Transitive Trust Relationship

17
Q

A trust relationship between 2 or more domains in a tree, in which each domain has access to objects in others.

A

Transitive Trust

18
Q

Related domains that use a contiguous namespace, share the same schema, and have 2 way transitive trust relationships.

A

Tree

19
Q

A domain relationship in which both domains are trusted and trusting, enabling one to have have access to objects in the other.

A

Two-Way Trust

20
Q

A grouping of objects that typically exists as a logical Partition and primary container within Active Directory

A

Domain

21
Q

Refers to the Windows Server operating systems on domain controllers and the domain-specific functions they support. Depending on the functional level, one, two, or all of the following operating systems are supported: Windows 2000 Server, Windows Server 2003, and Windows Server 2008.

A

Domain Functional Level

22
Q

A grouping of objects within a domain that provides a means to establish specific policies for governing those objects, and that enables object management to be delagated.

A

Organizational Unit (OU)

23
Q

An option in Active Directory to interconnect IP subnets so that the server can determine the fastest route to connect clients for authentication and to connect DCs for replication of Active Directory. _____ information also enables Active Directory to create redundant routes for DC replication.

A

Site

24
Q

A domain controller at each Active Directory site with access to a site network link, which is designated as the DC to exchange replication information. There is only 1 _____ _____ per site.

A

Bridgehead Server

25
Q

Establishes a one or two-way trust between a domain outside a forest and a domain within a forest.

A

External Trust

25
Q

Creates a one or two-way trust between a domain in a Windows Server forest and a group of non-Windows Server computers such as UNIX/Linux computers. The Windows Server and non-Windows Server computers must all be configured for Kerberos version 5 (or above) authentication services.

A

Realm Trust

27
Q

A list of users that enables one email message to be sent to all users on the list. A _____ _____ is not used for security and thus cannot appear in an access control list (ACL).

A

Distribution Group

27
Q

Creates a trust between 2 domains in 2 different forests and is typically used to enable faster access between lower level or child domains in different forests.

A

Shortcut Trust

28
Q

The reach of a type of group, such as access to resources in a single domain or access to all resources in all domains in a forest (see domain local, global, and universal security groups). (Another meaning for the word _____ in the beginning through ending IP addresses defined in a DHCP server for use by DHCP clients; See chapter 8).

A

Scope of Influence (Scope)

29
Q

Used to assign a group of users permission to access network resources.

A

Security Group

30
Q

A group of user accounts that is used to manage resources on a stand alone computer.

A

Local Security Group

31
Q

A list of all security descriptors (privelages) that have been set up for a particular object, such as for a shared folder or a shared printer.

A

Access Control List (ACL)

32
Q

A group that is used to manage resources - shared folders and printers, for example - in it’s home domain, and that is primarily used to give global groups access to those resources.

A

Domain Local Security Group

33
Q

A group that typically contains user accounts for it’s home domain, and that is a member of domain local groups in the same or other domains, so as to give that global group’s member accounts access to the resources defined to the domain local groups.

A

Global Security Group

35
Q

A desktop setup that is associated with one or more accounts to determine what startup programs are used, additional desktop icons, and other customizations. A user profile is local to the computer on which it is stored.

A

Local User Profile

36
Q

A user profile set up by the server administrator that is loaded from the server to the client each time the user logs on; changes that the user makes to the profile are not saved.

A

Mandatory User Profile

37
Q

A domain controller that houses Active Directory information, but cannot be updated, such as to create a new account. This specialized domain controller receives updates from regular DCs, but does not replicate to any DCs because it is read-only by design.

A

Read-Only Domain Controller (RODC)

38
Q

Desktop settings that are associated with an account so that the same settings are employed no matter which server is used to access the account (the profile is downloaded to the client from a server).

A

Roaming Profile

39
Q

A group that is used to provide access to resources in any domain within a forest. A common implementation is to make global groups that contain accounts members of a universal group that has access to resources.

A

Universal Security Group