IST 253 Exam 4 Review Pt2

RMS

ACTIVE DIRECTORY

PERMISSIONS

RIGHTS

TEMPLATES

100

Used to provide an extra level of security to documents such as e-mail, and Microsoft Office documents, by using encryption to limit who can access a document or web page and what can be done with that document or web page.

What is Active Directory Rights Management Services (AD RMS)?

100

An optional component, not part of the root cluster that provides both publishing licenses and use licenses to users

What is a Licensing-only cluster?

100

Specify what a user or group can do with an object.

What is permissions?

100

Members of this goupr can only access rights policy template administration features in the AD RMS console.

What is AD RMS Template Administrators?

100

If you wish to use Kerberos authentication with AD RMS, you will first need to be a member of these two groups.

What is AD RMS Enterprise Administrators group and the Enterprise Admins group?

200

Computers that can access the documents that are encrypted with an AD RMS server.

What is an AD-RMS client?

200

These allow you to specify which user accounts, client software, and applications are automatically denied access to AD RMS.

What is Exclusion policies?

200

This determines the rights that apply to AD RMS-protected content.

What is a Publishing license ?

200

You should not deploy AD RMS on a domain controller. But; if you do, the service account that AD RMS uses must be a member of this group.

What is Domain Admins?

200

Tools provided in Windows Server 2012 R2 which allow you to view the SCP configuration in Active Directory.

What are ADSI edit and LDP?

300

An application that allows users to create and consume AD RMS-protected content.

What is AD RMS Enabled Applications?

300

Required to consume AD RMS-protected content.

What is an End Use License?

300

This specifies what a user or group can do on a system.

What are rights?

300

If someone copies the file to a USB storage device and takes it offsite, or emails it to someone else, the person who opens the file needs to access this to retrieve the keys.

What is AD RMS ?

300

To enable mobile devices running Windows Mobile 6 and above operating systems to obtain certificates and licenses for their users, you will need to edit the NTFS permissions of this file.

What is the MobileDeviceCertification.asmx file?

400

Used to identify a trusted computer or device. It is also used to encrypt the rights account certificate private key and decrypts the Rights Account Certificates.

What is AD RMS Machine Certificate?

400

Allows a user to publish AD RMS-protected content when the client computer is not connected to the same network as the AD RMS cluster.

What is a Client Licensor Certificate?

400

This is issued the first time a user attempts to access AD RMS-protected content, which is used to identify a specific user.

What is a Rights Account Certificate (RAC)?

400

This is issued to users who are accessing AD RMS-protected content from a computer that is not a member of the same or trusted forest as the AD RMS cluster.

What is a Temporary Rights Account Certificate?

400

This is used to enforce the rights that a user or group has on rights-protected content.

What is Rights policy templates, also known as RMS templates?

500

The first AD RMS server that you deploy in a forest. It manages all licensing and certification traffic for the domain in which it is installed.

What is AD RMS root certification cluster?

500

The server that is responsible for securing documents and providing access to those users that are allowed to access the documents.

What is AD RMS Server?

500

A certificate that contains the public key that encrypts the content key in a publishing license. It allows the AD RMS server to extract the content key and issue end use licenses (EULs) against the publishing key.

What is the Server Licensor Certificate?

500

An object in Active Directory that holds the web address of the AD RMS certification cluster. AD RMS-enabled applications use the SCP to find the AD RMS service.

What is the Service Connection Point (SCP)?

500

This right would be required to allow a user the ability to use part of the contents of the protected document in a new document.

What is Extract?