Lesson 5 - Managing Windows Networking Flashcards
What is a subnet mask?
Number of bits applied to an IP address to mask the network ID portion from the host/interface ID portion.
What is a IP?
Internet Protocol is a format for logical host and networking addressing. In IPv4, a 32-bit binary address is expressed in dotted decimal notation, such as 192.168.1.1. In IPv6, addresses are 128-bit expressed as hexadecimal.
What is a DNS?
A Domain Name System is a service that maps fully qualified domain name labels to IP addresses on most TCP/IP networks, including the Internet.
What is DHCP?
A Dynamic Host Configuration Protocol is a protocol used to automatically assign IP addressing information to hosts that have not been configured manually.
What is NLA?
Network Location Awareness is a Windows feature that categorizes network profile as public or private. Each profile can have a different firewall configuration, with public network types being more restricted, by default.
What is VPN?
A virtual private network is a secure tunnel created between two endpoints connected via an unsecure transport network (typically the Internet).
What is WWAN?
A Wireless Wide Area Network is a network covering a large area using wireless technologies, such as a cellular radio data network or line-of-sight microwave transmission.
What is a proxy server?
A proxy server that mediates the communications between a client and another server. It can filter and often modify communications as well as provide caching services to improve performance.
You are assisting a user with configuring a static IP address. The user has entered the following configuration values and now cannot access the Internet. Is there a configuration issue or a different problem?
IP: 192.168.1.1
Mask: 255.255.255.0
Gateway: 192.168.1.0
DNS: 192.168.1.0
There is a configuration problem. 192.168.1.0 is not a host address. With the subnet mask 255.255.255.0, it identifies the network range as 192.168.1.0/24. The gateway is usually configured as the first available host address in this range: 192.168.1.1. The DNS server should also be set to 192.168.1.1.
You are assisting another user who is trying to configure a static IP on a Windows workstation. The user says that 255.255.255.0 is not being accepted in the prefix length box. Should the user open a different dialog to complete the configuration or enter a different value?
The Network & Interface settings Edit IP settings dialog can be used. 255.255.255.0 is the subnet mask in dotted decimal format. The dialog just requires the number of mask bits. Each “255” in a dotted decimal mask represents 8 bits, so the user should enter 24.
You are supporting a user who has just replaced a wireless router. The user has joined the new wireless network successfully but can no longer find other computers on the network. What should you check first?
Use Network & Internet to check the network profile type. When the network changed, the user probably selected the wrong option at the prompt to allow the PC to be discoverable, and the profile is probably set to Public. Change the type Private.
True or false? Windows Defender Firewall cannot be disabled.
False. It is not usually a good idea to do so, but it can be disabled via Security Center or the Control Panel applet.
You need to set up a VPN connection on a user’s Windows laptop. The VPN type is IKEv2. What other information, if any, do you need to configure the connection?
You must also input the fully qualified domain name (FQDN) or IP address of the remote access VPN server.
What is an ipconfig command tool?
A Command tool used to gather information about the IP configuration of a Windows host.
What is a ping command?
A ping command is a cross-platform command tool for testing IP packet transmission.
What is a tracert command?
A tracert command is diagnostic utilities that trace the route taken by a packet as it “hops” to the destination host on a remote network. Tracert is the Windows implementation, while traceroute runs a Linux.
What is a pathping command?
A pathping command is a Windows utility for measuring latency and packet loss across an internetwork.
What is a nslookup command?
A nslookup command is a cross-platform command toll for querying DNS resource records.
What is netstat command?
Netstat is a cross-platform command tool to show network information on a machine running TCP/IP, notably active connections, and the routing table.
A DHCP server has been reconfigured to use a new network address scheme following a network problem. What command would you use to refresh the IP configuration on Windows client workstations?
ipconfig /renew
A computer cannot connect to the network. The machine is configured to obtain a TCP/IP configuration automatically. You use ipconfig to determine the IP address and it returns 0.0.0.0. What does this tell you?
This is an irregular state for a Windows PC. If a DHCP server cannot be contacted, the machine should default to using an APIPA address (169.254.x.y). As it has not done this, something is wrong with the networking software installed on the machine. The best option is probably to perform a network reset via the Settings > Network & Internet > Status page.
You are pinging a host at 192.168.0.99 from a host at 192.168.0.200. The response is “Reply from 192.168.0.200: Destination host unreachable.” The hosts use the subnet mask 255.255.255.0. Does the ping output indicate a problem with the default gateway?
No. The hosts are on the same IP network (192.168.0.0/24). This means that 192.168.0.200 does not try to use a router (the gateway) to send the probes. 192.168.0.200 uses address resolution protocol (ARP) to find the host with the IP 192.168.0.99. The host unreachable message indicates that there was no response, but the problem will be an issue such as the host being disconnected from the network or configured to block discovery rather than a gateway issue.
You are checking that a remote Windows workstation will be able to dial into a web conference with good quality audio/video. What is the best tool to use to measure latency between the workstation’s network and the web conferencing server?
pathping measures latency over a longer period and so will return a more accurate measurement than the individual round trip time (RTT) values returned by ping or tracert.
Which command produces the output shown in this screenshot?
This is output from netstat. The -n switch has been used to show ports in numeric format and the -o switch to show the PID of the process that opened the port.
What is ACL?
Access Control List is a collection of access control entries (ACEs) that determines which subjects (user accounts, host IP addresses, and so on) are allowed or denied access to the object and the privileges given (read-only, read/write, and so on).
What is implicit deny?
Implicit deny is the basic principle of security stating that unless something has explicitly been granted access, it should be denied access.
What is least privilege?
Least privilege is the basic principle of security stating that something should be allocated the minimum necessary rights, privileges, or information to perform its role.
What is a local account?
A local account is a user account that can be authenticated again and allocated permissions for the computer that hosts the account only
What is a security group?
A security group is an access control feature that allows permissions to be allocated to multiple users more efficiently.
What is an Administrator?
An Administrator is a privileged user account that has been granted memberships of the Administrators security group. There is also an account named Administrator, but this is usually disabled by default.
What is a standard account?
A standard account is a non-privileged user account in Windows that typically has membership of the Users security group only.
What is a guest account?
A guest account is a non-privileged account that is permitted to access the computer/network without authenticating.
What is a power user?
A power user is one of the default Windows group accounts. Its use is deprecated, but it is still included with Windows to support legacy applications.
What is UAC?
User Account Control is a Windows feature designed to mitigate abuse of administrative accounts by requiring explicit consent to use privileges.
What is MFA?
Multifactor authentication is an authentication scheme that requires the user to present at least two different factors as credentials; for example, something you know, something you have, something you are, something you do, and somewhere you are. Specifying two factors is known as 2FA.
What is 2-step verification?
2-step verification is an authentication mechanism that uses a separate channel to authorize a sign-on attempt or to transmit an additional credential. This can use a registered email account or a contact phone number for an SMS or voice call.
What is a hard token?
A hard token is a USB storage key or smart card with a cryptographic module that can hold authenticating encryption keys securely.
What are the three typical Windows authentication methods?
- Windows local sign-in
- Windows network sign-in
- Remote sign-in
What is a Windows local sign in?
The Local Security Authority (LSA) compares the submitted credential to the one stored in the Security Accounts Manager (SAM) database, which is part of the registry. Also referred as ‘interactive login’
What is a Windows network sign-in?
The LSA can pass the credentials for authentication to a network service. The preferred system for network authentication is based on a system called Kerberos, which is a single sign-on authentication service that is based on a time-sensitive, ticket-granting system.
What is a Remote sign-in?
If the user’s device is not connected to the local network, authentication can take place over some type of virtual private network (VPN) or web portal.
What is the TPM?
The trusted platform module is a specification for secure hardware-based storage of encryption keys, hashed passwords, and other user- and platform-identification information.
What is SSO?
Single Sign-On is an authentication technology that enables a user to authenticate once and receive authorizations for multiple services.
What is a domain?
A domain is a group of hosts that is within the same namespace and administered by the same authority
What is AD?
Active Directory is a network directory service for Microsoft Windows domain networks that facilitates authentication and authorization of user and computer accounts.
What is a member server?
A member server is any application server computer that has joined a domain but does not maintain a copy of the Active Directory database
What are security groups?
Security groups are an access control feature that allows permissions to be allocated to multiple users more efficiently.
What is a OU?
An organizational unit is a structural feature of a network directory that can be used to group objects that should share a common configuration or organizing principle, such as accounts within the same business department.
What is a GPO?
A group policy object is a way to deploy per-user and per-computer settings such as password policy, account restrictions, firewall status, etc on a Windows domain.
What is gpupdate?
gpupdate is a command-line tool to apply and analyze group policies. Group policies are a means of configuring registry settings
What is a login script?
A login script is code that performs a series of tasks automatically when a user account is authenticated.
What is MDM?
Mobile Device Management is the process and supporting technologies for tracking, controlling, and securing the organization’s mobile infrastructure.
While you are assigning privileges to the accounting department in your organization, Cindy, a human resource administrative assistant, insists that she needs access to the employee records database so that she can fulfill change of address requests from employees. After checking with her manager and referring to the organization’s access control security policy, you discover that Cindy’s job role does not fall into the authorized category for access to that database. What security concept are you practicing in this scenario?
The principle of least privilege.
Which three principal user security groups are created when Windows is installed?
Users, Administrators, and Guests. You might also include Power Users, though use of this group is deprecated. Going beyond the account types listed in the exam objectives, you might include groups such as Remote Desktop Users, Remote Management Users, or Backup Operators. There are also system groups, such as Everyone, but users cannot be assigned manually to these.
What tool would you use to add a user to a local security group?
You can change the account type between Standard and Administrator via Control Panel, but the Local Users and Groups management console is the tool to use for a custom security group. You could also use the net localgroup command.
What are the requirements for configuring fingerprint authentication via Windows Hello?
The computer must have a fingerprint reader and a trusted platform module (TPM). Windows Hello must first be configured with a personal identification number (PIN) as a backup method.
True or false? If you want the same policy to apply to a number of computers within a domain, you could add the computers to the same Organizational Unit (OU) and apply the policy to the OU.
True.
You are writing a tech note to guide new technicians on operational procedures for working with Active Directory. As part of this note, what is the difference between the gpupdate and gpresult commands?
gpupdate is used to refresh local policy settings with updates or changes from the policy template. gpresult is used to identify the Resultant Set of Policies (RSoP) for a given computer and/or user account.
Angel brought in the new tablet he just purchased and tried to connect to the corporate network. He knows the SSID of the wireless network and the password used to access the wireless network. He was denied access, and a warning message was displayed that he must contact the IT Department immediately. What happened, and why did he receive the message?
Mobile device management (MDM) is being used to mediate network access. The device must be enrolled with the MDM software before it can join the network.
What is a workgroup?
A workgroup is a group of network hosts that shares resources in a peer-to-peer fashion. No one computer provides a centralized directory.
What is network discovery?
Network discovery is a windows firewall configuration that makes a host visible to network browsers
What is file sharing?
File sharing is a Windows firewall configuration that opens the network ports required to operate as a file/print server.
What is a mapped drive?
A mapped drive is a Windows mechanism for navigating shared network folders by assigning them with drive letters.
What net use command displays a list of servers on the local network?
net view
What net use command views the shares available on server named MYSERVER?
net view \MYSERVER
What net use command maps the DATA folder on MYSERVER to the M: drive?
net use M: \MYSERVER\DATA /persistent:yes
What net use command removes the M: drive mapping?
net use M: /delete
What net use command removes all mapped drives?
net use * /delete
What are NTFS permissions?
NFTS permissions are ACL that mediates local and network access to a file system object under Windows when the volume is formatted with NTFS.
What is a home folder?
A home folder is a default local or network folder for users to save data files to.
What are roaming proflies?
Roaming policies configure a network share to hold user profile data. The data is copied to and from the share at logon and logoff.
What is folder redirection?
In Windows, redirecting an individual user profile folder, such as documents or pictures, to a network share.
What are the prerequisites for joining a computer to a domain?
The computer must be running a supported edition of Windows (Pro, Enterprise, or Education). The PC must be configured with an appropriate IP address and have access to the domain DNS servers. An account with domain administrative credentials must be used to authorize the join operation.
You receive a call from a user trying to save a file and receiving an “Access Denied” error. Assuming a normal configuration with no underlying file corruption, encryption, or malware issue, what is the cause and what do you suggest?
The user does not have “Write” or “Modify” permission to that folder. If there is no configuration issue, you should advise the user about the storage locations permitted for user-generated files. If there were a configuration issue, you would investigate why the user had not been granted the correct permissions for the target folder.
What is the significance of a $ symbol at the end of a share name?
The share is hidden from the file browser. It can be accessed by typing a UNC. The default administrative shares are all configured as hidden.
When you set NTFS permissions on a folder, what happens to the files and subfolders by default?
They inherit the parent folder’s permissions.
If a user obtains Read permissions from a share and Deny Write from NTFS permissions, can the user view files in the folder over the network?
Yes (but he or she cannot create files).
A user is assigned Read NTFS permissions to a resource via his user account and Full Control via membership of a group. What effective NTFS permissions does the user have for the resource?
Full control—the most effective permissions are applied.
