Active Directory Membership
Firewall
Virtualization
Active Directory Precedence
Random
100

These types of accounts belong to a vendor or are required to run a tool.

What is a "service" account?

100

A policy or group of settings that permit or deny traffic from certain ports, services, sources, and destinations.

What is a ruleset?

100

The software the "divvies" up computing resources.

What is a hypervisor?

100

You would use this to override the precedence of other group policies.

What is enforcement?
100

A tool that centralizes all log sources.

What is the SIEM?

200

System administrators with domain admin privileges should use this to perform normal daily tasks (check e-mail, attend meetings, etc.)

What is a separate user account?

200

This perimeter layer of a network shields internal networks from unknown connections while allowing certain systems to be publicaly accessible.

What is a DMZ?

200

This hypervisor is deployed on an Operating System.

What is Type 2?

200

Use this to prevent a higher-level GPO setting from applying in this OU.

What is "Block Inheritance?"

200

A server that specializes in authenticating other objects.

What is a domain controller?

300

Use this tool to protect the built-in local administrator account.

What is "LAPS"?

300
A consideration in Firewall security to ensure rulesets and firewall services are always available and operating.

What is redundancy?

300

This concept facilitates the dynamic allotment of computing power.

What is "Resource Pooling"?

300
This goes up and inheritance goes down.
What is "precedence"?
300

A tool used to protect shared passwords and log access to the account.

What is a vault?
400
Membership of this group has full administrative access to the object. This should be restricted to as few individuals as possible.

What is "Administrators"?

400

A direct connection allowing authentication via the CLI onto the Firewall.

What is console access?
400

These two types of traffic should be segmented in a virtualized environment.

What is migration and management?

400

This is a GPO in the structure but it's settings are not on the examined object.

What is an unapplied GPO?

400

In this IaaS set-up, end-users connect to a temporary virtual machine to access company resources.

What is VDI?

500

A method of distributing access rights where special priveleges are only temporary.

What is "Check-in / Check-Out"?

500

The permission or denial of connections based on the context of packets in network traffic.

What is "stateful" inspection?

500

An alternative term for a hypervisor.

What is a virtual machine monitor (VMM)?

500

You can use group policies for this piece of configuration management.

What is "Security Baselines?"

500

On most next generation Cisco appliances, this is built-in to the devices' settings.

What is "a Default Deny" rule?

M
e
n
u