Features
What is the difference between Authentication and Authorization operations?
Are they related? What is the order of their execution?
Authentication is the process of verifying a user’s identity.
Authorization is the process of granting the user access only to the resources he/she is permitted to use.
We authenticate users first then authorize them to use a specific resource (if applicable)
Which type of Windows installation allows users to fix errors as they occur? Explain.
a. Attended installation
b. Unattended installation
c. Upgrade installation
d. Clean installation
Attended installation: use will be there to respond to any prompt while installing the OS?.
What is the main job of Active Directory Service in Windows Server?
A directory service is a database of information about resources that are connected to a network:
- Users
- Hardware: PC, Printers, etc.
- Software – Applications
What is primary role of creating a User Account in Windows Server with Active Directory Services?
The user account is the primary method for authentication on a network.
Three types of GPOs are _____, ____, and ____.
Explain each type.
Local: on the computer
Domain: applied over the network
Starter: template to make other GPO.
You have been asked to install Windows Server on a new server. How would choose which Windows Server edition is suitable?
Bonus:
1. What editions does Windows Server 2022 has?(+50) 2. Windows Server 2022 requires this many bits for it's operating system. (+20)
- Number of users in the company
- Needed features
- Support
- Budget and Licensing
Bonus:
- Essential: for small businesses (25-50 users)
- Standard: small - medium businesses (allows setup of 2 VMs only)
- Data Center (mainly can be used to deploy many VMs)
- Azure: to be used with Azure cloud setup
64 Bits
Which type of installation requires the least amount of user input during the Windows Server 2022 installation process?
a. Attended installation
b. Unattended installation
c. Upgrade installation
d. Clean installation
b. Unattended installation
It requires a answer file to provide the user responses. (+50 points)
What is the difference between a local user account and domain user account?
Local users are accounts can only access resources on the local computer and are stored in the local database on the computer where they reside.
Domain users are accounts that can access AD DS or network-based resources, such as shared folders and printers.
What is the use of Group objects in the Active Directory?
Create a group when you want to grant a collection of users permission to access a network resource, such as a file system share or a printer.
What is Default Domain Controller Policy? Why there is a special policy for domain controllers?
Policy linked to the Domain Controllers OU. Its settings affect all domain controllers in the domain.
It is a more secure and restrict policy to ensure that DCs are secured.
As you are installing Windows Server 2022, you realize that the Standard and Data Center editions provide 2 installation options?
What are the options?
What is the motivation behind each option?
1. Desktop Experience
Provide GUI interface to interact with Windows. Used for easier and quick tasks using GUI consoles and Wizards.
2. Server Core.
CLI interface.
- Reduce the attack surface of the operating system (Why +25)
- Saves the hardware resources (How +25)
You have installed Windows Server 2022 and you notice "Server Manager" software starts as you login.
State at least 2 of the Server Manager functionalities.
- Dashboard: basic information
- Manage multiple servers on a network from one console
- Add roles and features
- Launch windows PowerShell sessions
- View events
- Perform server configuration tasks
Installing Active Directory Services on Windows Server requires a setup of a Domain and promoting a server to a Domain Controller.
What is the difference between a Domain and Domain Controller.
A domain is a logical container of network components, hosted by at least one server designated as a domain controller.
What is the PowerShell\Command Prompt command to manually update your Group Policy?
gpupdate.exe
You created a new GPO in the active directory.
What is the process of applying the GPO to the Student OU in the Active Directory known as?
Bonus (+100)
After applying the GPO, you notice in the Group Policy Management console that there are multiple GPOs linked to the staff OU.
Why are there more than one policy?
Which policy settings applies to the Student OU?
Process is know as Linking
The domain default policy is linked by inheritance to all domain objects.
The first GPO takes precedence (the one with smallest number next to it)
You installed Windows Server 2022. On the server manager, you have the option to Add roles and Features.
What is the difference between roles and features?
• A role is something that the servers offers to clients. (Such as Logon (AD))
• A feature is something the server consumes or uses itself. (Such Network Load Balancing)
Why does a clean installation often succeeds where an unclean installation may fail?
a. Because it is faster.
b. Because it only installs important items needed by the OS.
c. Because it is designed for Server Operating systems.
d. Because it wipes the disk and erases all the previous OS files.
d. Because it wipes the disk and erases all the previous OS files.
What is the main reason of creating a domain controller replica in a network?
Backup - redundancy - better performance
Eliminate the single point of failure
What is the purpose of adding computer objects to Active Directory manually?
Bonus: How are computer objects added atomically to the active directory and where are they stored? (+100)
Organization: example when added manually, you add them in designated OUs allowing them to have GPO applied to them directly.
Bonus:
Computer objects are added automatically to active directory when they join the domain. They are stored in the Computers container.
Your network contains an Active Directory domain named contoso.com. You discover that some users can use passwords that contain only numbers.
You need to ensure that all the user passwords in the domain contain at least three of the following types of characters: Numbers Uppercase letters Lowercase letters Special characters
What should you edit? Explain
a. The Default Domain Controllers Policy
b. The local policy on each client computer
c. The Default Domain Policy
d. The local policy on each domain controller
c. The Default Domain Policy
You just finished installing Windows Server 2022 on a new server.
What are the recommended actions to be done before you proceed to install new roles on that server?
- Set a strong password.
- Change the computer name.
- Set network settings (Static IP Address)
- Windows updates.
In image identify which is a domain Forest and which is Tree.
Explain.
A forest is a set of one or more domain trees that do not have the same contiguous namespace.
A domain tree is made up of several domains that share a common schema and configuration, forming a contiguous namespace.
State two key reasons for creating organizational units in active directory.
- Assigning group policies
- Duplicating organizational divisions.
- Delegating administration.
Read the scenario in the image attached.
(Bonus +100)
GPO applied to user, Barry Allan, is EUR_GPO_Users
GPO applied to computer, management_PC1, is NAM_GPO_PCs
Where can a group policy be applied in your Active directory structure? (3 Answers - Need all for full credit)
Order of GPO application:
Local, Site, Domain, OU (sub OU)
1. Site 2. Domain 3. OU
belong to the active directory