Chapter 8

Question 1

What is Active Directory?

Answer 1

Active Directory is a centralized database used to store information about users, groups, workstations, and security information for a network.

Question 2

What are the benefits of Active Directory?

Answer 2

Benefits include centralized administration of resources and security, single sign-on for users, and easy resource location like files and printers.

Question 3

What is the basic unit of administration in Active Directory?

Answer 3

The basic unit of administration in Active Directory is the domain.

Question 4

What is a domain?

Answer 4

A domain is a collection of network resources managed as a unit, sharing a common directory database and security policies.

Question 5

How are domains identified?

Answer 5

Domains are identified using DNS names, which can be either a common name or a distinguished name that includes the top-level domain.

Question 6

What is an organizational unit (OU)?

Answer 6

An OU is a container object used to subdivide and organize network resources within a domain.

Question 7

What are built-in containers?

Answer 7

Built-in containers are similar to OUs but are created by default and have limited editable properties.

Question 8

What types of objects are represented in Active Directory?

Answer 8

Common objects include users, groups, and computers.

Question 9

What are attributes in Active Directory?

Answer 9

Attributes provide information about objects, such as a user’s name and email address.

Question 10

How does Active Directory use DNS?

Answer 10

Active Directory uses DNS to locate and name objects.

Question 11

What is a domain controller?

Answer 11

A domain controller is a Windows server that holds a copy of the Active Directory database.

Question 12

What is replication in Active Directory?

Answer 12

Replication ensures changes to the database are copied to all domain controllers in the domain.

Question 13

What are Group Policies?

Answer 13

Group policies enable administrators to apply sets of configuration settings to users or computers within a domain.

Question 14

What are Group Policy Objects (GPOs)?

Answer 14

GPOs are collections of policy settings that can be applied to OUs or domains.

Question 15

How do GPOs affect OUs and domains?

Answer 15

GPOs applied to an OU affect objects in that OU and its sub-OUs; GPOs applied to a domain affect all objects within the domain.

Question 16

Where are local GPOs stored?

Answer 16

Local GPOs are stored on individual machines, primarily those not part of a domain.

Question 17

What is the order in which GPOs are applied?

Answer 17

1. Local Group Policy on the computer
2. GPOs linked to the domain
3. GPOs linked to OUs (from highest to lowest level)

Question 18

What are the possible settings within a GPO?

Answer 18

1. Not Configured: GPO doesn’t define a value, leaving the current setting unchanged.
2. Enabled: GPO sets a value to be enforced.

Question 19

How are settings combined when multiple GPOs apply to an object?

Answer 19

Their settings are combined to form the effective Group Policy.

Question 20

What happens when GPOs configure a setting?

Answer 20

The setting in the last applied GPO is used.

Question 21

What are the two main categories of GPO settings?

Answer 21

1. Computer Configuration
2. User Configuration

Question 22

What are Account Policies in GPOs?

Answer 22

Controls settings like password complexity and account lockout, only applicable when configured in a domain-linked GPO.

Question 23

What does Local Policies/Audit Policy configure?

Answer 23

Configures auditing for events like logons and account management, enabling tracking of security-related activities.

Question 24

What is defined by Local Policies/User Rights Assignment?

Answer 24

Defines who can perform system maintenance tasks like accessing the computer remotely.

Question 25

What do Local Policies/Security Options enable or disable?

Answer 25

Security rights for all users the policy applies to, like requiring Ctrl+Alt+Delete for logon.

Question 26

What does the Registry setting in GPOs configure?

Answer 26

Configures registry keys and values.

Question 27

What does the File System setting in GPOs do?

Answer 27

Sets file and folder permissions.

Question 28

What are Software Restriction Policies?

Answer 28

Dictates which software can run on a computer.

Question 29

What do Administrative Templates offer?

Answer 29

Registry-based settings to manage the computer and user experience.

Question 30

What is the Group Policy Editor?

Answer 30

An MMC snap-in used to manage local computer and user configuration settings.

Question 31

How can you launch the Group Policy Editor?

Answer 31

1. Search menu
2. Run command
3. Settings app
4. File Explorer

Question 32

What does the command ‘gpedit.msc’ do?

Answer 32

Opens the Local Group Policy Editor.

Question 33

What does the command ‘gpupdate’ do?

Answer 33

Forces the computer to update its group policy settings from the domain controller.

Question 34

What does the command ‘gpresult’ display?

Answer 34

Displays the group policy objects applied to the computer and user.

Question 35

What is the purpose of a user account?

Answer 35

Determines if and how a user can use a computer.

Question 36

How does the logon process verify a user’s identity?

Answer 36

Using a username and password.

Question 37

What do rights control in a user account?

Answer 37

Actions a user can perform, such as changing system settings.

Question 38

What do permissions control in a user account?

Answer 38

Access to specific resources like files and folders.

Question 39

What types of user accounts does Windows offer?

Answer 39

Windows offers different types of user accounts: built-in administrator account, user account with administrative privileges, standard account, guest account, and Microsoft account.

Question 40

What is the built-in administrator account?

Answer 40

The built-in administrator account has full control over the computer but is hidden for security reasons.

Question 41

What is a user account with administrative privileges?

Answer 41

A user account with administrative privileges is a regular account granted administrative rights.

Question 42

What is a standard account?

Answer 42

A standard account is a basic account with limited rights.

Question 43

What is a guest account?

Answer 43

A guest account has limited capabilities and is often disabled for security.

Question 44

What is a Microsoft account?

Answer 44

A Microsoft account is an online account linked to Microsoft services.

Question 45

How do groups simplify management in Windows?

Answer 45

Groups simplify management by allowing administrators to assign rights and permissions to multiple users simultaneously. All members of a group inherit the group’s permissions.

Question 46

Where are users and groups stored in Windows?

Answer 46

Users and groups are stored in three main locations: local accounts, domain accounts, and online accounts.

Question 47

What are local accounts?

Answer 47

Local accounts are stored on individual computers.

Question 48

What are domain accounts?

Answer 48

Domain accounts are stored in Active Directory.

Question 49

What are online accounts?

Answer 49

Online accounts are managed by online services like Microsoft.

Question 50

What are default Windows groups?

Answer 50

Windows creates default groups with pre-assigned rights and permissions, which should not be modified without understanding their function.

Question 51

What is the Administrators group?

Answer 51

The Administrators group has full access to the computer.

Question 52

What is the Power Users group?

Answer 52

The Power Users group has limited administrative abilities and is no longer used in modern Windows versions.

Question 53

What is the Users group?

Answer 53

The Users group consists of standard users with limited permissions.

Question 54

What is the Guests group?

Answer 54

The Guests group has very limited rights.

Question 55

What sign-in options does Windows provide?

Answer 55

Windows provides various sign-in options: facial recognition, fingerprint recognition, PIN, security key, password, and picture password.

Question 56

What is Windows Hello?

Answer 56

Windows Hello is the biometric logon system in Windows 11, capable of storing and matching biometric scans for authentication.

Question 57

What sign-in settings are available in Windows 11?

Answer 57

Windows 11 offers settings to customize the sign-in experience, including allowing only Windows Hello sign-in, requiring sign-in after being away, dynamic lock, automatically saving and restarting apps, showing account details on the sign-in screen, and using sign-in info to finish setup after an update.

Question 58

What is Single Sign-On (SSO) in Active Directory?

Answer 58

SSO simplifies user access to systems and applications by allowing users to log in once and not re-enter credentials for every resource.

Question 59

How does Microsoft Account Authentication work?

Answer 59

Users can authenticate to Windows using their online Microsoft accounts, syncing profile information across multiple devices.

Question 60

What is a Local Account?

Answer 60

A Local Account is stored locally on the computer, and its profile information is not synced across devices.

Question 61

What can users manage in their Microsoft Account?

Answer 61

Users can manage devices, privacy, payment options, order history, security, personal information, and language settings.

Question 62

What parental control features do Microsoft accounts provide?

Answer 62

Microsoft accounts provide parental control features like screen time limits and content filtering.

Question 63

What is User Account Control (UAC)?

Answer 63

UAC is a security feature that notifies users when a task requires administrative privileges.

Question 64

How does UAC operate?

Answer 64

UAC operates by creating access tokens for each user and triggers Admin Approval Mode if a task requires elevation.

Question 65

What are the UAC sensitivity options available in Control Panel?

Answer 65

1. Always notify me: Most secure.
2. Notify me only for application changes: Prompts for application changes.
3. Notify me only for application changes (no dim desktop): Less secure.
4. Never notify me: Disables UAC prompts.

Question 66

What is Remote Access?

Answer 66

Remote access allows connecting to a computer from a different location using a network.

Question 67

What is Remote Desktop (RDP)?

Answer 67

Accesses the graphical desktop of a Windows system, offering full control.

Question 68

What is Microsoft Remote Assistance (MSRA)?

Answer 68

Allows a remote user to take control of a user’s system with the user’s permission. Primarily for technical support.

Question 69

What is Screen Sharing?

Answer 69

Built into macOS, allows sharing and controlling the screen.

Question 70

What is Secure Shell (SSH)?

Answer 70

Establishes a secure connection to a system’s command-line interface, primarily used for remote server management.

Question 71

What are third-party remote access tools?

Answer 71

Includes video conferencing software, remote monitoring and management (RMM), desktop management software, and file transfer software.

Question 72

What does video conferencing software do?

Answer 72

Enables audio and video communication, screen sharing, and file sharing.

Question 73

What is Remote Desktop Client?

Answer 73

Allows you to connect to a Windows Pro or Enterprise computer from a variety of devices, including Windows, iOS, macOS, and Android.

Question 74

How do you enable Remote Desktop?

Answer 74

1. Right-click the Start menu.
2. Select System.
3. Select Remote Desktop.
4. Toggle the Remote Desktop option to On.
5. Click Confirm.

Question 75

How do you connect to a remote computer using Remote Desktop?

Answer 75

1. Open Remote Desktop Connection.
2. Enter the remote computer’s name or IP address.
3. Click Show Options to configure settings.
4. Click Connect.
5. Enter the password for the remote system.
6. Click OK.

Question 76

What are the remote connection settings in Remote Desktop?

Answer 76

General: Specify the remote computer name and username.
Display: Set the size and color depth of the remote desktop.
Local resources: Configure audio settings, Windows key combinations.
Experience: Adjust performance settings for slow connections.
Advanced: Set up server authentication and configure Remote Desktop Gateway.

Question 77

What are the considerations for using Remote Desktop?

Answer 77

Uses Remote Desktop Protocol (RDP) for communication. The remote computer must be turned on and allow remote connections. A network or internet connection to the remote computer is necessary. Firewalls must be configured to allow RDP connections. You can use the Remote Desktop Users group to control who can connect. Only one user can be logged on at a time.

Question 78

What are the key differences between Remote Assistance and Remote Desktop?

Answer 78

Remote Assistance is for providing or receiving help, while Remote Desktop is for user productivity.

Question 79

What is required for Remote Assistance?

Answer 79

The logged-in user’s permission is required. The user must create and send an invitation to the person providing assistance.

Question 80

What are the invitation options for Remote Assistance?

Answer 80

1. Save as a file
2. Send in an email
3. Use Easy Connect

Question 81

What happens once a Remote Assistance session is closed?

Answer 81

Once a session is closed, it cannot be reconnected. A new invitation is required.

Question 82

What security considerations should be taken when providing assistance?

Answer 82

1. Only accept invitations from trusted sources.
2. Be wary of invitations from outside your organization.
3. Verify all invitations before opening, as they may contain malware.

Question 83

What does Screen Sharing in macOS allow?

Answer 83

Screen Sharing allows sharing and controlling a computer’s screen.

Question 84

What are the uses of Screen Sharing?

Answer 84

1. Remote system access
2. Troubleshooting
3. Presentations and collaboration

Question 85

How do you enable Screen Sharing in macOS?

Answer 85

1. Select the Apple menu.
2. Select System Preferences.
3. Select Sharing.
4. Select Screen Sharing.

Question 86

What can you specify in Screen Sharing settings?

Answer 86

You can specify which users can connect.

Question 87

What is the purpose of enabling VNC viewer in Screen Sharing?

Answer 87

To allow connections from non-Mac systems.

Question 88

Where do systems with Screen Sharing enabled appear?

Answer 88

They appear in the Finder’s Shared category.

Question 89

What are the modes of Screen Sharing?

Answer 89

1. Control mode: Full control of the remote system.
2. Observe mode: The remote user can only view the screen.

Question 90

What is the Shared Clipboard feature in Screen Sharing?

Answer 90

It allows copying text between local and remote systems.

Question 91

What is a Virtual Private Network (VPN)?

Answer 91

A VPN creates a secure connection over an untrusted network by encrypting IP traffic.

Question 92

What are tunnel endpoints in a VPN?

Answer 92

Tunnel endpoints are devices responsible for encrypting and decrypting data.

Question 93

What does a security association do in a VPN?

Answer 93

It establishes a secure channel between the VPNs.

Question 94

What are the types of VPN implementation?

Answer 94

1. Host-to-host VPN: Two devices establish a direct secure connection.

Question 95

What is a common VPN protocol?

Answer 95

Point-to-Point Tunneling Protocol (PPTP): An early VPN protocol, supported by most operating systems. Uses TCP port 1723.

Question 96

What is Layer Two Tunneling Protocol (L2TP)?

Answer 96

An open standard supporting various protocols, using IPsec for encryption. Uses TCP port 1701 and UDP port 500.

Question 97

What does Internet Protocol Security (IPsec) provide?

Answer 97

Authentication and encryption, can be used with L2TP or independently. Includes protocols like AH, ESP, and IKE.

Question 98

What is Generic Routing Encapsulation (GRE)?

Answer 98

A Cisco protocol for routing Layer 3 protocols, doesn’t provide encryption but can be paired with IPsec.

Question 99

What are important considerations for VPNs?

Answer 99

Firewalls need to allow VPN traffic through specific ports. Some NAT solutions might not work well with VPNs.

Question 100

Why are software updates crucial?

Answer 100

They maintain system stability, security, and functionality.

Question 101

What are the types of software updates?

Answer 101

Operating system updates, driver updates, application updates, and firmware updates.

Question 102

What do operating system updates do?

Answer 102

Fix bugs, address vulnerabilities, and introduce new features.

Question 103

What do driver updates improve?

Answer 103

Hardware performance and compatibility. May be obtained directly from manufacturers if not provided through Windows Update.

Question 104

What do application updates enhance?

Answer 104

Functionality, address issues, and patch security flaws.

Question 105

What do firmware updates do?

Answer 105

Update software embedded in hardware devices, often available from manufacturers’ websites.

Question 106

What is Windows Update?

Answer 106

Windows’ built-in system for managing updates, automatically downloads and installs updates for the operating system and registered drivers.

Question 107

How do you check for Windows updates?

Answer 107

1. Click Start. 2. Click Settings. 3. Click Windows Update. 4. Click Check for updates.

Question 108

What options are available within Windows Update?

Answer 108

Pause updates, update history, and advanced options for configuring update behavior.

Question 109

What is the Windows Insider Program?

Answer 109

A program for testing pre-release builds of Windows, offering three channels (Dev, Beta, Release Preview).

Question 110

What are troubleshooting steps for Windows update issues?

Answer 110

Restart the computer, ensure sufficient disk space, disconnect unnecessary hardware, update third-party drivers, and check Device Manager for errors.

Question 111

What is Windows as a Service?

Answer 111

A model for delivering Windows updates more frequently, ensuring systems are up-to-date.

Question 112

How often are minor updates released in Windows as a Service?

Answer 112

Twice a year, around March and September.

Question 113

What do feature updates bring?

Answer 113

New functionality.

Question 114

What do quality updates address?

Answer 114

Bugs and security issues.

Question 115

What are the Windows as a Service release channels?

Answer 115

General Availability Channel and Long Term Servicing Channels.

Question 116

What does the General Availability Channel receive?

Answer 116

Feature updates upon public release.

Question 117

What is the purpose of Long Term Servicing Channels?

Answer 117

For specialized devices that require long-term stability.