You can manually configure classification on a folder from its Properties dialog box, or you can create classification rules to automate the classification from within this console.
What is File Server Resource Manager?
100
This lets you define computer-wide system access control lists for either the file system or registry.
What is Global Object Access Auditing?
100
: The Audit Event ID 4818 in the Security log shows the difference between the access check using the _____ policy and the access check using the _____ policy.
What is staged and enforced?
100
If you do not configure an Access-Denied message, users will see this instead.
What is a standard “Access Denied” message?
200
Claims authorization relies on this.
What is Kerberos Key Distribution Center (KDC)?
200
A(n) _____ contains Central Access Rules that grant permissions to objects for a defined group of resources.
What is Central Access Policy?
200
When a user is denied access to a shared folder or file, Windows Server 2012 R2 provides this.
What is Access-Denied Assistance?
200
This unarmored authentication requests option ensures that only armored Kerberos requests are accepted.
What is Fail ?
200
This is the best way to allow Dynamic Access Control staging for your Active Directory environment.
What is - The best option is to edit a domain Group Policy to enable Audit Central Access Policy Staging?
300
To create a claim type, you specify a specific this from Active Directory.
What is an attribute?
300
Before you attempt to implement a Central Access Policy, you should take these three steps.
What is translate the authorization policies into expressions, identify the resources you want to protect, and define the authorization policies?
300
This helps users determine why they cannot access the folder or file and directs users to resolve the issue without calling the help desk.
What is Access-Denied Assistance?
300
To use staging, you deploy the proposed polices along with the enforced policies, but you do not actually _____ or _____ permissions.
What is grant or deny?
300
Claims-based access control uses this to provide authentication.
What is a trusted identity provider?
400
After you create the claim types, you must configure these objects.
What is resource property?
400
Before you attempt to perform this, you should know what classifications you wish to apply, how you will identify documents to be classified, and how often the classification should be performed by the system.
What is file classification?
400
This cmdlet modifies a Central Access Policy in Active Directory.
What is Set-ADCentralAccessPolicy?
400
In this node of a Group Policy Object you can find the settings to enable Central Access Policy auditing.
What is computer configuration?
400
Regarding Dynamic Access Control, this term describes the pieces of information that help prove who the user is.
What is a claim?
500
These can be created and then scheduled to be applied on a regular basis so that files are automatically scanned and classified based on the content of the file.
What are classification rules?
500
To help you test implementing dynamic access control (DAC) or before making changes, Windows Server 2012 R2 enables you to perform this, which allows you to verify the proposed policy updates before enforcing them.
What is staging?
500
When deploying Access-Denied Assistance, you will need to plan for the _____ message, the request message, and who should receive the request message (email) for further action.
What is denial?
500
Access-Denied remediation only works on these operating systems.
What is Windows 8 and Windows Server 2012 R2.
500
Regarding Dynamic Access Control, this term describes the identity provider in Windows Server 2012 R2?