Directory Services Flashcards

1
Q

What is the “heart and soul” of the enterprise network?

A

Directory Services

2
Q

What are the 3 primary functions in Directory Services?

A
  • Active Directory Domain Controllers
  • Dynamic Host Configuration Protocol (DHCP)
  • Domain Name System (DNS) servers
3
Q

Active Directory is capable of tracking a variety of items that can share common attributes. What are these items called?

A

Objects (Users, Machines, Groups, Services, etc.)

4
Q

What is a set of attributes available for any particular object type?

A

Schema

5
Q

What is a special type of object used to group other objects, also known as an organizational unit (OU)?

A

Container

6
Q

When containers and objects are combined hierarchically, they tend to form branches. What is the term used to describe a set of objects within AD that have a transitive trust and contiguous namespace?

A

Tree

7
Q

What term describes trees that are not part of the same namespace but that share a common schema, configuration, and global catalog?

A

Forest

8
Q

Why is Network Time Protocol (NTP) so essential for Active Directory to operate?

A

If the time disparity between the DC and the authenticating computer is excessive, Kerberos ticket generation fails. The computer is unable to process login requests for clients if Kerberos is required; otherwise, the client must fall back to a less secure authentication method.

9
Q

Service logon is typically used by service accounts or applications. What is the primary issue with this logon method?

A

It is very vulnerable

10
Q

What is the difference between interactive and domain logon?

A
Interactive = local
Domain = network
11
Q

What logon method caches previous users’ logon information locally so that they can log on if a logon server is unavailable during later logon attempts?

A

Cached Domain Logon

12
Q

What servers are in charge of Active Directory, DHCP, and DNS for a domain?

A

Domain Controllers

13
Q

What process ensures that all Domain Controllers have the same up-to-date information?

A

Replication

14
Q

What is the service that translates friendly domain names (e.g., microsoft.com) to IP addresses (e.g., 207.46.197.32)?

A

DNS

15
Q

The host address (A) record is a standard DNS hostname record. What does it point to?

A

It points a hostname to an IP address.

16
Q

What is a Canonical Name (CNAME) record?

A

It’s a DNS entry that is an alias to another domain name. For example, Google.com & Gogle.com

17
Q

What is a Pointer Record (PTR)?

A

It points an IP address to the hostname.

18
Q

When are you assigned a Security Identifier (SID)?

A

When being authenticated by the DC.

19
Q

What are the 5 FSMO (Flexible Single Master Operations) roles?

A
  • Schema Master
  • Domain Naming Master
  • PDC Emulator
  • RID Master
  • Infrastructure Master
20
Q

What is responsible for handling any changes that are sent to modify the Active Directory schema?

A

Schema Master

21
Q

When a new domain is added to the Active Directory forest, what is responsible for making sure the new domain name is unique across the entire forest and entries are made into Active Directory and propagated to all other domain controllers?

A

Domain Naming Master

22
Q

What is responsible for security descriptor propagation, distributed file system consistency, group policy replication, and login and password management, among other things?

A

PDC (Primary Domain Controller) emulator

23
Q

What is responsible for handing out blocks of relative identification numbers to each domain controller that participates in the domain? It is also responsible for removing an object from its domain and putting it in another domain during an object move.

A

RID (Relative Identification) Master

24
Q

What handles cross-domain group membership and ensures that if a user’s group membership changes, the task of adding or removing the unique identifier is completed?

A

Infrastructure Master

25
Q

What establishes parent-child relationships and prevents conflicts?

A

PDC (Primary Domain Controller) Emulator. There is one PDC emulator per domain.

26
Q

What is a collection of tools for managing complex networks, and is deployed in the new AFIN?

A

NetIQ

27
Q

What are the 3 primary NetIQ tools?

A
  • Directory Resources Administrator (DRA)
  • Group Policy Administrator (GPA)
  • AppManager
28
Q

What tool gives administrators finely detailed “granular” privilege control which allows them to delegate users the power to perform necessary tasks for the enterprise?

A

DRA (Directory Resource Administration)

29
Q

Group Policy Administrator is made up of 3 tools. What are they?

A
  • Group Policy Explorer
  • Group Policy Repository
  • Group Policy Analysis
30
Q

What lets you manage live GPOs in Active Directory, rather than offline?

A

GP Explorer

31
Q

What lets you import GPOs from Active Directory, then edit, report on, and evaluate them in the safe, offline repository?

A

GP Repository

32
Q

What allows scripts to run or stops them from running?

A

AppManager