Exam 4 chapter 12 Flashcards
User accounts have two main functions
Provide a method for users to authenticate themselves to the network
Provide detailed information about a user
are used to organize users so that assignment of resource permissions and rights can be managed more easily than working with dozens or hundreds of individual user accounts
Group accounts
In a large network, a scheme for naming user and group accounts as well as network devices is crucial. Consider the following:
Is there a minimum and maximum number of characters user account names should have?
Should the username be based on the user’s real name or, if security is important, should names be more cryptic?
Some OSs distinguish between uppercase and lowercase letters. Should usernames contain both as well as special characters?
Considerations for password naming conventions:
Minimum length
Complexity requirements – use of uppercase and lowercase along with special characters
User or administrator created
Password change frequency
Group account names should reflect
the group membership or the resource to which the group is assigned permissions
When Windows is first installed, two users are created
Administrator and Guest (usually disabled)
The Administrator account has full access to a computer
Windows domain users are created in
Active Directory Users and Computers
You can create folders for organizing users and groups (called
organization units or OUs)
Group scope has three options:
Domain local, Global, Universal
Can be used to assign permissions to resources only in the domain in which the group is created
Domain local
The default option and contains users from the domain in which they are created but can be assigned permissions to resources in other domains
Global
Used in multidomain networks; users from any domain can be members and be assigned permission to resources in any domain
Universal
Group type has two options:
Security (default)
Distribution
Group scope has three options:
Domain local
Global
Universal
a collection of a user’s personal files and settings that define their working environment
Created when a user logs on for the first time
User profile
A user profile stored on the same system where the user logs on is called a
local profile
follows the user no matter which computer he or she logs on to
a roaming profile
Stored on a network share
Any changes the user makes to the profile are replicated from the locally “cached copy” to the profile on the network share when the user logs off
Roaming profiles are rarely used in workgroup networks but are a feature Active Directory administrators use frequently
roaming profile
discard a user’s profile changes at log off so the profile is always the same
Mandatory profiles
User and group accounts in Linux are used for the same purpose as Windows:
User authentication and authorization
Linux also has a default user who has full control over the system – named
root
Use the command to create groups
groupadd
Network administrators need to
Make sure enough storage space is available to store files needed
Manage who has access to file storage
Prevent users from storing inappropriate types of data on company servers
a device, such as a hard disk, that is connected to a storage controller on the server
Locally attached storage
is part or all of the space on one or more disks that contains (or is ready to contain) a file system
In Windows, volumes are assigned a drive letter
A volume
is sometimes used interchangeably with volume, but the two don’t always describe the same thing
In Windows, a basic disk can be divided into one to four partitions
partition
can be formatted with a file system and assigned a drive letter (considered a volume)
primary partition
is divided into one or more logical drives that can be formatted and assigned a drive letter (considered a volume)
Extended partition
Only a primary partition can be the
active partition (partition that can hold boot files)
The active primary partition storing the Windows boot loader is referred to as the
system partition
The partition or logical drive holding the Windows OS files is called the
boot partition
can be divided into one or more volumes; the term partition is not used in this context
Linux systems refer to disks by using their device driver name plus a letter, starting with “a”
Example: /dev/sda
dynamic disk
The File Allocation Table (FAT) file system has two variations:
FAT16 is usually referred to as FAT and has been around since the mid-1980s
Supported by most OSs
FAT32 was released with Windows 95 OSR2 in 1996
is limited to 2 GB partitions in most cases
FAT16
allows partitions up to 2 TB, but in Windows 2000 and later, Microsoft limits them to 32 GB because the file system becomes noticeably slower with larger partition sizes
FAT32
limit the amount of data users’ files can occupy
Disk quotas
No need for a drive letter to access
Volume mount points
allows users to restore older file versions or files that were accidentally deleted
Shadow copies
files can be compressed
File compression
makes encrypted files
Encrypting File System
Two modes for accessing files on a networked computer:
Network (sometimes called remote)
Interactive (sometimes called local)
Whether file access is attempted interactively or remotely through a share
NTFS permissions always apply
NTFS standard permissions for folders and files:
Read, Read & execute, List folder contents, Write, Modify, Full control
Linux supports many file systems
Ext3, Ext4, ReiserFS, and XFS
Ext3 and Ext4 are the default file systems for most Linux distributions
There are only three permissions
read, write, and execute
There are only three user types that can be assigned one or more permissions:
owner – owner of the file or folder
group – The primary group to which the owner belongs
other – All other users
The dominant file-sharing protocol is
Server Message Block (SMB)
The native Windows file-sharing protocol, but it is also supported by Linux and Mac OS
SMB
is the native Linux file-sharing protocol and Windows can support NFS with the right software installed
Network File System (NFS)
Printer sharing also uses SMB
The native Linux printer-sharing protocol is line printer daemon/line printer remote (LPD/LPR)
Share permissions are somewhat simpler than NTFS permissions with only 3 options:
Read
Change
Full Control
The most advanced method for creating shares
File and Storage Services
a compone
Shared Folder snap-in
print device
Two basic types of print device:
Local print device: Connected to an I/O port on a computer
Network print device: A printer attached to and shared by another computer
The icon in the Printers folder that represents print devices
printer
A Windows computer sharing a printer
print server
Storage for print jobs awaiting printing
print queue
Benefits of using a shared printer:
Access control, Printer pooling, Printer priority, Print job management, Availability control
Windows Server includes tools to manage and monitor server operation and resources:
Task Manager
Event Viewer
Performance Monitor
event viewer
Allows administrators to view event log entries
Allows administrators to view event log entries, categorized by these levels:
Information, Warning, Error
indicate normal operations, such as service stops and starts
information
Provide information about events that should be brought to the administrator’s attention
Warning
often generated when a process or service is unable to perform a task or stops unexpectedly
Error
contains the Performance Monitor tool
Monitoring tools
contains user- and system-defined templates with sets of data points called data collectors
Data collector sets
contains system- and user-defined performance and diagnostic reports
Reports
uses counters to track the performance of a variety of objects
A counter is a value representing some aspect of an object’s performance
performance monitor
In order to track an object’s performance you need to create a
baseline
is a record of performance data gathered when a system is performing well under normal operating conditions
performance baseline
To create a baseline of performance data, you create a
data collector set that specifies the performance counters you want to collect, how often to collect them, and the time period
Factors that can cause poor performance:
Poor or inadequate network design
Poor network traffic management
Network errors
Denial-of-service attacks
Network performance monitoring:
Simple Network Management Protocol (SNMP), Remote Monitoring (RMON)
To use SNMP:
SNMP software agents are loaded on network devices you want to manage and monitor
Agents monitor network traffic and device status
Stores information in a management information base (MIB)
Management station communicates with software agents and collects data stored in the MIBs
You can set thresholds for sending alert messages to administrators when thresholds are exceeded
is an advanced network-monitoring protocol
RMON
Extends SNMP’s capabilities
Comes in two versions:
RMON
defines “RMON groups” to collect data and communicate with a management station and captures statistics at the Data Link and Physical layers
RMON1
can collect and analyze traffic at the Network and higher layers
RMON2
a copy of an entire disk is created that can be restored without reinstalling the OS
image backup
can’t restore separate files
so ___ backups are usually done along with traditional file backup
provides methods for a system to continue running after a system failure has occurred
fault tolerance
Windows Server Backup comes with Windows Server 2016 and has the following features:
Backups can be run manually or scheduled to run automatically
You can create a system recovery backup that automatically includes all volumes containing critical system data
Manual backups can be stored on network drives, fixed and removable basic disk volumes and CD or DVD
Backups can be stored on
a hard disk dedicated for backups, a non-dedicated volume, or a shared network folder
Volume Shadow Copy Service (VSS)
backup, which means even open files can be backed up
Windows Server Backup is configured but you can also back up files remotely
to back up the local computer,
offers advanced disaster recovery solutions
An enterprise-class backup program, such as Symantec NetBackup and CommVault Galaxy Backup and Recovery,
Three forms of fault tolerance that are common on networks and servers:
Redundant power supply and uninterruptible power supply
Redundant disk systems
Server clustering
is a second power supply unit in the computer case, so if one power supply fails, the other unit takes on the full load
A redundant power supply
is a device with a built-in battery, power conditioning, and surge protection
An uninterruptible power supply (UPS)
“cleans” the power, removing noise caused by other devices on the circuit
Power conditioning
protects the computer from voltage spikes or surges
Surge protection
requires two disks
Disk striping with parity
When data is written to one disk, it’s also written to the second disk
If either disk fails, the system can continue operating because both disks have the same data
Disk Mirroring (RAID 1)
requires a minimum of three disks but is more space efficient than RAID 1
Disk Striping with Parity (RAID 5)
Works by spreading data across multiple disks and using one disk in each write operation to store parity information
Parity info is generated by a calculation on data being written, so if one of the disks fails, it can be used to re-create lost data from the failed disk
RAID 5
is made up of two or more servers that are interconnected and appear as a single unit
Two common types of clustering:
Server cluster
A failover cluster involves two or more servers sharing a high-speed link used to synchronize data. One server is the primary and others are standby. In the event the primary fails, a standby server takes its place
A load-balancing cluster consists of two or more servers that appear as a single unit to users. All servers in the cluster operate and share the load
Server cluster