Module 2 Day 1: users, administrators, groups--supplemental readin for windows passwords

Question 1

What will I be responsible for with other people’s machines/

Answer 1

setup, troubleshootin

Question 2

what will I learn how to manage multiple accounts on?

Answer 2

one machine

Question 3

what are all users on a computer isolated from?

Answer 3

other users

Question 4

what are the two different types of users on a computer?

Answer 4

standard and administrators

Question 5

what kind of user is given access to a machine, but has restricted access to do things like install software or change certain settings?

Answer 5

a standard user

Question 6

what kind of user has complete control over a machine?

Answer 6

an administrator

Question 7

what kind of user can view anyone’s account, change and remove anyone on the computer, and view every single file?

Answer 7

administrator

Question 8

can you have multiple admins on one mchine?

Answer 8

yes

Question 9

who is the default admin on your personal machine?

Answer 9

you are

Question 10

who is the administrator on a public machine?

Answer 10

the person who runs and maintains the machine, like an IT support specialist

Question 11

who grants access for users?

Answer 11

admin

Question 12

who installs software?

Answer 12

admin

Question 13

who changes restricted settings?

Answer 13

admin

Question 14

why don’t we let just anyone have admin permissions?

Answer 14

bloated computers, infected machines, lack of organization.

Question 15

what are put in groups together according to levels of access and permission to carry out certain tasks?

Answer 15

users

Question 16

who decides which users get what permissions for what tasks?

Answer 16

admin

Question 17

what does an admin sometimes give permissions out according to?

Answer 17

the type of group a user is in

Question 18

how do you know what kind of user you are?

Answer 18

By what the computer allows you to do.

Question 19

what do you use to view user and group information in Windows?

Answer 19

Computer management tool

Question 20

how do you navigate to the computer management tool?

Answer 20

search in the search application

Question 21

in computer management, at the top of the sidebar, what does it say? if you are managing a single machine locally

Answer 21

Computer Management (Local)

Question 22

A network of computers, users, files, etc that are added to a central database

Answer 22

windows domain

Question 23

in an enterprise environment, what would I use to manage multiple machines?

Answer 23

a domain

Question 24

what can I do if I am the admin of a domain?

Answer 24

view accounts in computers from any machine in it.

Question 25

What menu in computer management is under computer management local?

Answer 25

System tools

Question 26

in computer management system tools, what tool Let’s you schedule programs and tasks to run at certain times, like shutting the computer off at a certain time automatically?

Answer 26

Task scheduler

Question 27

in computer management, what system tool shows the folders that different users on the machine share with each other?

Answer 27

Event viewer

Question 28

if a user stores files on a shared folder who can view that folder?

Answer 28

anyone who has access to that folder

Question 29

in the computer management system tools where do we do our user and group management?

Answer 29

local users and groups

Question 30

in computer management system tools, what tool shows monitoring for the resources of our machine like CPU and RAM?

Answer 30

performance

Question 31

in the computer management system tools, where do we go to manage devices on our computer like our network cards sound cards monitors and more?

Answer 31

Device manager

Question 32

in computer management where do we have a submenu for disk management

Answer 32

under the storage menu

Question 33

In computer management, what menu shows us the programs and services that we have available on the system, and allows us to enable or disable services like DNS here?

Answer 33

the services and applications menu

Question 34

where do we find all the essential settings that we as administrators need to change?

Answer 34

computer management tool

Question 35

what is more efficient, the computer management tool or the default settings application?

Answer 35

computer management

Question 36

in computer management, where can we see what kind of user account we have and what groups we are part of?

Answer 36

local users and groups Tool

Question 37

What are two built in accounts that you can see in computer management, local users and groups, users

Answer 37

administrator and guest

Question 38

What account lets you log in using the administrator username and whatever the administrator password is on the computer, but is disabled by default?

Answer 38

the local administrator account

Question 39

why would it be dangerous to have the local administrator account logged into at all times?

Answer 39

this account has unfettered access on the computer

Question 40

in computer management, Under local users and groups, in users, if you double click on the user that you want to look at, what page is brought up?

Answer 40

username properties

Question 41

what three tabs are on the user name properties page?

Answer 41

general, member of, profile

Question 42

In the (username) properties page, where can you see some basic information about the users, as well as some options?

Answer 42

General tab

Question 43

in the username properties page, where can I select an option to force a user to change their password the next time they log in?

Answer 43

General tab

Question 44

why is it useful to require a user to change their password the next time that they log in

Answer 44

the password could be compromised and we don’t want to risk someone else logging into the account

Question 45

in (username) properties, where can I force a user to be unable to change their password?

Answer 45

general tab

Question 46

in (username) properties, where can I force a user to never have an expired password?

Answer 46

general tab

Question 47

in (username) properties, where can I force an account to be disabled?

Answer 47

general tab

Question 48

in (username) properties, where can I force an account to be locked out?

Answer 48

general ta b

Question 49

What does enabling or disabling an account mean

Answer 49

making it active or inactive

Question 50

What does it mean when a user cannot log in?

Answer 50

account is locked out

Question 51

Why would you make an account locked out

Answer 51

I disgruntled employee could want to mess things up in the system

Question 52

in (username) properties, where can you see which groups (username) is part of?

Answer 52

the Member of tab

Question 53

What can you do instead of being logged into the administrator account all of the time?

Answer 53

you can be logged into your own account and use administrative powers when you need

Question 54

what does UAC stand for?

Answer 54

User Account Control

Question 55

what feature in windows prevents unauthorized changes to a system?

Answer 55

UAC

Question 56

what does an administrator need to do to authorize changes?

Answer 56

enter password

Question 57

in (username) properties, where can you change settings about your user profile, like where you want your home folder to be?

Answer 57

Profile

Question 58

when does the profile tab of the (username) properties page come in handy?

Answer 58

when you are managing many users on a domain.

Question 59

in Computer management, on the groups menu in the sidebars, what can you see?

Answer 59

which groups are available and who their members are.

Question 60

What command in the windows PowerShell cli lets you view the list of users on the computer?

Answer 60

Get-LocalUser

Question 61

For command in windows PowerShell lets you view the list of groups on the Local machine

Answer 61

Get-LocalGroup

Question 62

What command on Windows PowerShell lists your user account, all users, and some default accounts that are just part of windows

Answer 62

Get-LocalUser

Question 63

What’s the multitude of groups listed by the Get-LocalGroup?

Answer 63

Built in groups, important but not likely to change, except for administrators

Question 64

Why is it important to control who is an administrator on a machine

Answer 64

administrators can do anything that they want to on a machine

Question 65

How can you see who is in a specific group in PowerShell? Check the Administrators group.

Answer 65

Get-LocalGroupmember Administrators

Question 66

what PowerShell version do you need to be running in order to run the Get-LocalUser and Get-LocalGroup commands?

Answer 66

PowerShell 5.1 or newer

Question 67

If your organization has lot of machines what is commonly used to manage a lot of user accounts across those machines

Answer 67

active directory To manage user accounts in a central directory service

Question 68

how does access management work in Linux?

Answer 68

like it does in Windows

Question 69

What is the first user that gets automatically created when we install a Linux operating system?

Answer 69

root user

Question 70

What user in Linux has all the privileges on the operating system and is the superuser?

Answer 70

Root user

Question 71

what do you call someone who is granted access to use the superuser powers in a Linux system

Answer 71

a Super User

Question 72

why don’t we want to be in root all of the time as a Linux user?

Answer 72

it can be really dangerous because it has unrestricted access on the machine. if you make just one mistake you can damage or delete or modify something important

Question 73

what can we do in Linux instead of logging in as the root?

Answer 73

tell the shell we want to run one command as root, Sudo

Question 74

what is sudo similar to on Windows?

Answer 74

UAC

Question 75

what does sudo stand for?

Answer 75

super user do

Question 76

where do you put sudo next to commands?

Answer 76

at the front

Question 77

what can you use if you don’t want to run sudo every time you need to run a command that requires root privileges?

Answer 77

use the su command

Question 78

what does su stand for?

Answer 78

substitute user

Question 79

what does the su command allow you to do?

Answer 79

change to a different user, and defaults to root if you don’t specify a user.

Question 80

how do you log in as root?

Answer 80

su sudo -

Question 81

how do you exit out of root? linux

Answer 81

exit

Question 82

how to view who has access to run sudo?

Answer 82

cat /etc/group
file. This is also how you view membership for all groups. One s, not plural.

Question 83

what does each line represent in the /etc/group file?

Answer 83

a different group

Question 84

on the sudo line in the /etc/group file, how many fields are there?

Answer 84

four, separated by :

Question 85

what is the first field specified in each line of the /etc/group file?

Answer 85

group name

Question 86

what is the second field specified in a line in the /etc/group file?

Answer 86

group password

Question 87

What does the x that shows in the etc/group file in for the group password mean?

Answer 87

the password has been hashed, not encrypted.

Question 88

What does it mean for a password to be hashed/

Answer 88

it was converted into a unique string of characters, called a hash, which is stored on the server

Question 89

what is used to verify the password on Linux when a user attempts to join the group?

Answer 89

the hash

Question 90

in the etc/group file, in the line, what is the third group?

Answer 90

the ID of the group. Group ID.

Question 91

What does Linux OS use when it runs a task that involves a group instead of a group name?

Answer 91

group ID

Question 92

What is the last field in a line in the /etc/group file ?

Answer 92

the list of users in a group.

Question 93

how do you view the users on your machine?

Answer 93

/etc/passwd

Question 94

in /etc/passwd, what are most accounts that are shown?

Answer 94

processes running on the computer that we need to associate with a user, so our system has users with different permissions that are needed to run these processes.

Question 95

what is the first field in a line of the /etc/passwd file?

Answer 95

username

Question 96

what is the second field in a line of the /etc/passwd file?

Answer 96

user password. not actually stored in this file, but hashed and stored in a different file.

Question 97

what is the third field in a line of the /etc/passwd file?

Answer 97

UID, User ID. How our system identifies a user, not the username. two numbers separated by :

Question 98

what is the UID of root?

Answer 98

0:0

Question 99

What add security to our user accounts and machines

Answer 99

passwords

Question 100

when I am setting up my own password who should know the password

Answer 100

only me

Question 101

when I am managing other people’s accounts on a machine who should know what their password is

Answer 101

only them

Question 102

who should enter the password themselves

Answer 102

the user who the account belongs to

Question 103

How will I reset a password on the gui on Windows? Make a user named Sarah have to change her password the next time she logs in.

Answer 103

Open Computer management, go to Local Users and Groups, Right click on Sarah, click properties, check the box that says user must change password at next login. Apply, hit ok.

Question 104

if a user forgot their password, how can you set one for them manually?

Answer 104

right click on the user’s name, select ‘set password’

Question 105

what are the caveats for resetting a user’s password manually for them?

Answer 105

losing access to certain credentials, data, information, permanent access loss for files

Question 106

how do you change a local password in PowerShell?

Answer 106

use the DOS style net command

Question 107

Why not use the native PowerShell command to change a local password?

Answer 107

it’s complicated and requires scripting to use

Question 108

what command changes local user passwords?

Answer 108

net

Question 109

what does the /? parameter do?

Answer 109

gets help. Useful with net command and other DOS commands

Question 110

how do you change a command for a user? PowerShell CLI

Answer 110

net user (username) ‘password’

Question 111

for the command in PowerShell
net user username ‘password’, what is the best way to write the password part?

Answer 111

use asterisk instead of writing the password on the command line, so net will pause and ask you to enter your password
like:
net user username *

Question 112

why is it better to use asterisk instead of entering your password on the command line?

Answer 112

the commands you run on the machine could be recorded in a log file that is sent to a central logging service. It is best that any kind of password is not logged like this.

Question 113

what is the problem with the asterisk approach for doing it for another user?

Answer 113

if you do it for them, you’ll know their password. not good to know a user’s password if you are not the user.

Question 114

what parameter will make it so that the user will have to change their password the next time they log into the system?

Answer 114

/logonpasswordchg:yes

Question 115

in PowerShell, how would I force Victor to change his password on the next log on?

Answer 115

net user victor /logonpasswordchg:yes

Question 116

how do most users log into their computer and remote computers?

Answer 116

combination of user name and password typed at the keyboard

Question 117

what common attack method do attackers use to discover a password which involves attempting to log on by guessing likely words and phrases like kid names, city of birth, local sport teams?

Answer 117

Guessing.

Question 118

what common attack method do attackers use to discover a password which involves using an automated program that includes a file of texts of words, and repeatedly attempts to log on to the target system using a different word from the text file on each try?

Answer 118

Online Dictionary Attack

Question 119

what common attack method do attackers use to discover a password which involves getting a copy of the file where the hashed or encrypted copy of user accounts and passwords are stored and uses an automated program to determine what the password is for each account? very fast once the attacker gets the password file

Answer 119

Offline dictionary attack

Question 120

what common attack method do attackers use to discover a password which involves determining passwords that may not be included in the text file used in attacks, and can be attempted online, but is usually offline using a copy of the target’s password file. The attacker uses an automated system that generates hashes or encrypted values for all possible passwords and compares them to the values in the password file

Answer 120

Offline Brute Force attack

Question 121

what counts as a strong password?

Answer 121

a password that includes characters from at least three of the five Character classes

Question 122

what are the five character classes for passwords?

Answer 122

lowercase letters, uppercase letters, numerals, non-alphanumerics, Unicode characters

Question 123

what characters do not fall under the password groups and don’t count toward password complexity requirements?

Answer 123

space characters

Question 124

what passwords should be composed of more groups?

Answer 124

admin account passwords

Question 125

what passwords must be easily remembered?

Answer 125

passwords used by humans

Question 126

how can you overcome the difficulty of making a strong password that is easy to remember?

Answer 126

make a pass phrase instead of passwords

Question 127

how are passwords stored in Windows?

Answer 127

hashes. LAN manager, LM hash, NTM hash

Question 128

what hash is not really a hash?

Answer 128

LM

Question 129

what hash is very easy to break?

Answer 129

LM hash

Question 130

what will most password cracking tools do for LM hashes?

Answer 130

start by cracking them and then vary the alpha characters int he cracked password to generate the case-sensitive passwords.

Question 131

why is NTLM hash called unicode hash?

Answer 131

it supports full unicode character set.

Question 132

what is a measure of disorder in a system?

Answer 132

entropy

Question 133

what type of character can I use if I want to be super extra secure?

Answer 133

Alt characters, to access the whole unicode set.

Question 134

how often should passwords be changed?

Answer 134

every 42 days, and old ones should never be reused

Question 135

why do you need to change your password so often?

Answer 135

cracking takes time, but any hacker can crack any password given enough time and resources

Question 136

steps in determining organization password policy

Answer 136

Identifying what computer operating systems are present on your organization’s network

Understanding what the limitations are for those operating systems

Defining what the technical requirements for passwords will be on your organization’s network.

Determining how much formality is appropriate regarding the documentation and communication of the password policy for your organization

Documenting the password policy in writing

Communicating the password policy to the users before implementing it on your systems

Implementing the password policy on your organization’s computer systems

Reminding users on an ongoing basis about importance of observing the password policy and other corporate security policies

Question 137

Determines the number of unique new passwords a user must use before an old password can be reused. It can be set between 0 and 24; if set to 0, then enforce password history is disabled.

Answer 137

Enforce Password History: recommend set to 24 passwords

Question 138

Determines how many days a password can be used before the user is required to change it. It can be set between 0 and 999; if set to 0, then passwords never expire. Setting this too low may cause a great deal of frustration for your users, setting it too high or disabling it will give potential attackers more time to try to break users’ passwords.

Answer 138

Maximum password age: set to 42 days for most organization

Question 139

Determines how many days a user must keep their new password before they can change it. This setting is designed to work with the Enforce password history setting so that users cannot quickly reset their password 24 times and then change their password back to the old password. It can be set between 0 and 999; if set to 0, then users will be able to immediately change their password right after changing it.

Answer 139

Minimum Password age. set to 2 days for most organizations

Question 140

Determines how short passwords can be. Although computers running Windows 2000, Windows XP, and Windows Server 2003 support passwords up to 128 characters, this setting can only be set between 0 and 14 characters. If it is set to 0, then users are allowed to have blank passwords; this value should never be used

Answer 140

Minimum password length: set to 8 characters

Question 141

Determines whether or not password complexity is enforced.
When this setting is enabled user passwords will have the following requirements:
The password is at least six characters long.

The password contains characters from three of the following five categories: English uppercase characters (A - Z); English lowercase characters (a - z); base 10 digits (0 - 9); non - alphanumeric (For example: !, $, #, or %); Unicode characters.

The password does not contain three or more characters from the user’s account name. If the account name is less than three characters long then this check is not performed because the rate at which passwords would be rejected would be too high. When checking against the user’s full name several characters are treated as delimiters that separate the name into individual tokens: commas, periods, dashes/hyphens, underscores, spaces, pound-signs and tabs. For each token that is three or more characters long, that token is searched for in the password, and if it is present, the password change is rejected. For example, the name “Erin M. Hagens” would be split into three tokens: “Erin,” “M,” and “Hagens.” Since the second token is only one character long it would be ignored. Therefore, this user could not have a password that included either “erin” or “hagens” as a substring anywhere in the password. All of these checks are case insensitive.

Answer 141

Passwords must meet complexity requirements: enable this setting

Question 142

what command do you need in Linux to change your password?

Answer 142

passwd

Question 143

How would cindy change her password? What command would she use?

Answer 143

passwd cindy

Question 144

when you change your password in LInux, what are the steps it walks you through?

Answer 144

changing password for (user)
current pass
enter new pass
retype new pass
passwd: password updated successfully

Question 145

What happens when you set a Linux password?

Answer 145

it is securely scrambled, then stored in a special privileged file called /etc/shadow

Question 146

who can read /etc/shadow?

Answer 146

root. only root .

Question 147

even if you had access to /etc/shadow, would you be able to read it?

Answer 147

not really. It’s hashed.

Question 148

how do you force a user to change their password in Linux?

Answer 148

use the -e flag,
sudo passwd -e username

Question 149

what does the -e flag do after passwd?

Answer 149

immediately expires a user’s password