midterms Flashcards
What is Network Attached Storage? (NAS)
Storage that is attached to the local network; clients are able to access the shared storage through the LAN
What is Storage Area Network? (SAN)
Specialized high speed network of storage devices that allows clients to access shared storage as if it were a local device
What is Direct Access Storage? (DAS)
Storage that is directly attached to the computer that is using it
What are the three enterprise storage solutions?
NAS, SAN, and DAS
What is a hypervisor?
Software that creates and manages VMs
What’s the difference between type 1 VMs and type 2 VMs?
Type 1 VMs (aka bare metal) run directly off the host machine’s hardware and are generally used in production.
Type 2 VMs (aka OS on OS) run on top of the host OS and translate everything virtually
What is the difference between standard, essential, and datacentre versions of Windows Server?
Essential is the bare version of Windows Server
Standard allows for two VMs + 1 Hyper-V
Datacentre allows for unlimited VMs and 1 Hyper-V
What’s the difference between NTFS and FAT32?
NTFS allows for Compression, disk quotas, and permissions
What is an SID?
It is used to uniquely identify a security principal (ie computer) or security group and can be assigned permissions
What are the components of a SID?
- String identifying SID (S)
- SID revision version
- identifier authority value
- domain identifier
- relative identifier
What is ADDS?
A special database that contains information about objects (ie user and devices) and gives authority/authentication to access these resources
what is NTDS.dit?
It is the main database file for ADDS
What is a domain controller?
a server that responds to authentication requests
What are the physical parts of ADDS?
- Database
- Network authentication protocol
- DNS
- LDAP
What are the partitions of the database?
- Domain - contains objects
- Schema - contains classes (aka blueprints) and attributes (describes objects)
- applications - third party apps
- configuration (network infrastructure/domain architecture)
What is the Network authentication protocol?
kerberos verifies identities of users on a network (port 88)
What is the role of the DNS in an ADDS?
Locates domain on the network via SRV records
Forward lookup zone
domain name to ip address
reverse lookup zone
Ip address to domain
What is LDAP?
It is a communication protocol that ADDS uses to manage and store information in the NTDS.dit
What are the logical components of ADDS?
- Forest - at least 1 tree
- Tree - a domain
- Site - group of domain controllers (for replication purposes)
- OU - custom organizational groups
How do domains maintain the same database/security rules between them?
domains replicate and share the database/permissions with each other
Why do we want multiple domains?
- Fault tolerance
- load balancing
What are domain controllers?
Microsoft servers that have AD DS server roles installed and contain copies of information from AD
Member servers
Servers on a network managed by active directory but are not domain controllers
domain
container that holds information about all network resources grouped within it
What are the five FSMO roles?
- Schema Master
- Domain naming master
- PDC emulator
- RID pool master
- Infrastructure master
Schema master (and what level)
It is forest level, this role is used to modify the schema for all domains in the forest
Domain naming master
Forest level role that manages the addition of new domains, ensures that names don’t conflict, and manages cross references
PDC emulator
Domain level role that is the authoritative reference for the current time and synchronizes it with the rest of the servers. Modified account passwords in domain controllers are replicated to the PDC emulator. Also needed for group policy
RID pool master
Domain level role that assigns a new SID to an object when a DC creates a new security principal object
Infrastructure master
Domain level role that is responsible for cross referencing objects in other domains and synchronizing it with the global catalog
Functional levels
Determine the capability of the ADDS in order to provide backward compatibility with older domain controllers. Cannot be lowered
Sites
Groups of domain controllers connected to each other on a new network that reflect the physical arrangement of the network. Clients can access closer DCs and replication can be made simpler without needing to replicate with all DCs at once.
Organizational units
Containers in domains that allow you to organize and group resources for easier administration ie giving privileges
What is the purpose of Install from media?
It allows you to replicate a domain controller to remote sites by downloading it using ntdsutil.exe so that replication is not needed
Global catalog
domain that hosts a partial attribute set for other domains in the forest, supports queries for objects throughout the forest
Read only domain controller (RODC)
Full copy of database but is read only, good for places that need it but security cannot be guaranteed. (faster to have local dc)
Groups
Objects that contain users that require a similar permission set or access to another object/task. Members of a group gain the same permissions assigned to the group
Group types
Distribution groups - only used for email applications and cannot take permissions
security groups - has SID and can be given permissions
What can be contained in domain local groups?
- objects
- domain local (from the same domain)
- universal group
- global group
Can be given specific permissions for resources only in that domain
what can be in the global groups
- objects
- other global (from the same domain) groups
what can be in the universal group
- objects (has enterprise domain admin)
- global groups
- universal groups
what does IGDLA stand for?
Identity: users/computers
Global group
Domain Local
Access
- users should be placed in global groups
- global groups should be placed in domain local groups
- permission should be granted to those domain local groups
What is a checkpoint?
Checkpoint is a feature of hyper-v that allows the user to save the state of a virtual machine
What are the two types of checkpoints?
Standard checkpoint
production checkpoint
Standard checkpoint
A snapshot of the virtual machine and virtual memory state at the time a checkpoint is initiated
Production checkpoint
VSS (Volume Shadow Copy Service) is used to create a data-consistent backup of the virtual machine but is not a snapshot of the virtual machine
External switch
Allows the VM to connect to the Host’s network adaptor allowing it to communicate with external networks and the internet
Internal Switch
VM is able to communicate with other VMs on the same network and the Host itself
Private Switch
VMs can only communicate between each other
RAID 0
striped disc
RAID 1
mirrored disc
RAID 5
Parity with striping, requires 6 discs
RAID 6
dual parity with striping, requires 7 discs
What’s the difference between file level and block level?
File storage stores data in a hierarchical file and folder structure. Block level storage is data stored in fixed-size boxes without a predefined file structure, i.e. databases
What is iSCSI?
iSCSI is a protocol that allows servers to access SCSI based storage over TCP/IP networks
What are the components of an iSCSI?
- IP network
- iSCSI targets: servers that run on the storage device
- iSCSI initiators: software or host adapter that provide access to targets
- IQN: identifier used to address initiators and targets