Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Mastering Active Directory > Chapter 8: Managing Users, Groups, and Devices > Flashcards

Chapter 8: Managing Users, Groups, and Devices Flashcards

1
Q

How are custom attributes created?

A

Active Directory Schema snap-in, right-click on the Attributes container, and select the Create Attribute…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How can custom attributes be synced to Entra ID?

A

Azure AD Connect “Directory extension attribute sync” feature.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the benefits of Microsoft Managed Service Accounts (MSAs)?

A
  • There is no more password management. MSAs use a complex and random, 240-character password that changes automatically when it reaches the domain or computer password expiry date.
  • An MSA cannot be locked out or used for interactive login.
  • A single MSA only can be used on one computer. It cannot be shared between multiple computers.
  • An MSA provides simplified SPN management; the system will
    automatically change the SPN value if the SamAccountName details of the computer change or the DNS name property changes.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Can a Managed Service Account (MSA) or Group Managed Service Account (gMSA) be made thru the AD UC GUI?

A

No, need to use PowerShell to create MSAs and GMSAs. It is not possible to create them using built-in GUI tools.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Can a Managed Service Account (MSA) be used on multiple computers?

A

No, MSA can be used with one computer only.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the benefits of Group Managed Service Accounts (gMSAs)?

A
  • No password management
  • Supports sharing across multiple hosts
  • Can be used to run scheduled tasks (MSAs do not support the running of scheduled tasks)
  • Uses Microsoft’s Key Distribution Center (KDC) to create and manage passwords for the gMSA
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Describe a “Domain local group”

A

Used to manage privileges to resources in a single domain as well as:

  • User accounts from any trusted domain
  • Computer accounts from any trusted domain
  • Universal groups from any trusted forest
  • Domain Local groups from the same domain
  • Global groups from any trusted domain

Domain Local group objects and their membership data will be replicated to every domain controller in the same domain.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Describe a “global group”

A

Used to manage privileges to resources in any
domain under the same forest; Global group objects and membership data will be replicated to every domain controller in the same forest

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Describe a “universal group”

A

Similar to Global groups, Universal groups can be used to
manage privileges in any domain in the forest. However, they allow you to have members from any domain.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Mastering Active Directory (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions