Chapter 8 Flashcards
What is Active Directory?
Active Directory is a centralized database used to store information about users, groups, workstations, and security information for a network.
What are the benefits of Active Directory?
Benefits include centralized administration of resources and security, single sign-on for users, and easy resource location like files and printers.
What is the basic unit of administration in Active Directory?
The basic unit of administration in Active Directory is the domain.
What is a domain?
A domain is a collection of network resources managed as a unit, sharing a common directory database and security policies.
How are domains identified?
Domains are identified using DNS names, which can be either a common name or a distinguished name that includes the top-level domain.
What is an organizational unit (OU)?
An OU is a container object used to subdivide and organize network resources within a domain.
What are built-in containers?
Built-in containers are similar to OUs but are created by default and have limited editable properties.
What types of objects are represented in Active Directory?
Common objects include users, groups, and computers.
What are attributes in Active Directory?
Attributes provide information about objects, such as a user’s name and email address.
How does Active Directory use DNS?
Active Directory uses DNS to locate and name objects.
What is a domain controller?
A domain controller is a Windows server that holds a copy of the Active Directory database.
What is replication in Active Directory?
Replication ensures changes to the database are copied to all domain controllers in the domain.
What are Group Policies?
Group policies enable administrators to apply sets of configuration settings to users or computers within a domain.
What are Group Policy Objects (GPOs)?
GPOs are collections of policy settings that can be applied to OUs or domains.
How do GPOs affect OUs and domains?
GPOs applied to an OU affect objects in that OU and its sub-OUs; GPOs applied to a domain affect all objects within the domain.
Where are local GPOs stored?
Local GPOs are stored on individual machines, primarily those not part of a domain.
What is the order in which GPOs are applied?
- Local Group Policy on the computer
- GPOs linked to the domain
- GPOs linked to OUs (from highest to lowest level)
What are the possible settings within a GPO?
- Not Configured: GPO doesn’t define a value, leaving the current setting unchanged.
- Enabled: GPO sets a value to be enforced.
How are settings combined when multiple GPOs apply to an object?
Their settings are combined to form the effective Group Policy.
What happens when GPOs configure a setting?
The setting in the last applied GPO is used.
What are the two main categories of GPO settings?
- Computer Configuration
- User Configuration
What are Account Policies in GPOs?
Controls settings like password complexity and account lockout, only applicable when configured in a domain-linked GPO.
What does Local Policies/Audit Policy configure?
Configures auditing for events like logons and account management, enabling tracking of security-related activities.
What is defined by Local Policies/User Rights Assignment?
Defines who can perform system maintenance tasks like accessing the computer remotely.