Module 1 Flashcards
AD DS
Active Directory Domain Services
“Alphabet Soup” Frameworks
- IDA
- AAA
- CIA
IDA
Identity and Access
Describe Identity.
- user account
- saved in identity store (directory database)
- “security principal”
- Represented by SID
Describe Resource.
- to which the user requires access
- secured with permissions
- “security descriptors” ⏩ DACL ⏩ ACE
DACL
Descretionary Access Control List
ACE
Access Control Entry
The process of verifying a user’s identity.
Authentication.
Two types of authentication.
- Local / Interactive
- Remote / Network
LSA
Local Security Authority
What is LSA?
- generates access token / access token / security token.
- Previleges / user rights.
Where is Access Token generated and held?
Locally.
Access Token on the server is the same to the Access Token of desktop.
False.
Access Token is NEVER transmitted over the network.
True.
Access Control Entry is also known as…
Permissions.
Use of Access Mask.
It specifies the level of access.
ACEs / Permissions contains…
- Flags : Deny or Allow ACE
- Trustee (SID)
- Access Mask
What defines WHO can or can’t do WHAT?
ACE / Permission
SACL contains…
- Auditing settings
- Attributes (ie Object’s owner)
It provided a centralized identity store trusted by all domain members.
Active Directory domain
SAM
Security Accounts Manager
It is the process that determines whether to grant or deny a user.
Authorization
Components required for authorization.
- Resource
- Level of Access
- Security Token
Stand-alone configuration is aka _____.
WORKGROUP
