ITOS Final Exam FlashCards

The directory service included with Windows Server 2003 that provides a single point of administration, authentication, and storage for user, group, and computer objects.

Contains the definition of all object classes and attributes use in the Active Directory Database.

Used to define the characteristics of an object class within Active Directory.

The ability to increase access to server resources and provide fail-safe services by linking two or more computer systems to they appear to function as though they are one. Only supported by Windows Server 2003 Enterprise and Datacenter editions.

An LDAP component used to uniquely identify an object throughout the entire LDAP hierarchy by referring to the relative distinguished name, domain name, and container holding the object.

A logically structured organization of objects, such as users, computers, groups, and printers, that are part of a network and share a common directory database. They are defined by an administrator and administered as a unit with common rules and procedures.

A collection of Active Directory tress that do not necessarily share a contiguous DNS naming convention but do share a common global catalog and schema.

The first domain created within the Active Directory structure.

An index of the objects and attributes used throughout the Active Directory structure. It contains a partial replica of every Windows Server 2003 domain within Active Directory, enabling users to find any object in the directory.

The Windows Server 2003 feature that allows for policy creation that affects domain users and computers. Policies can be anything from desktop settings to application assignments to security settings and more.

An access protocol that defines how users can access or update directory service objects.

A Windows Server 2003 system that has a computer account in a domain, but is not configured as a domain controller.

A customizable management interface that can contain a number of management tools to provide a single, unified application for network administration.

A replication model in which any domain controller accepts and replicates directory changes to any other domain controller. This differs from other replication models in which on computer stores and single modifiable copy of the directory an other computers store back-up copies.

A collection of attributes that represtent items within Active Directory, such as users, groups, computers and printers.

Define which types of objects can be created within Active Directory, such as users, groups, and printers.

An Active Directory logical container used to organize objects within a single domain. Objects such as users, groups, computers, and other OUs can be stored in an OU container.

A collection of hard disks that act as a single unit for the purpose of providing fault tolerance or increasing performance.

An LDAP component used to identify an object within the object's container.

The local security and account database on a Windows Server 2003 standalone or member server.

A combination of one or more Internet Protocol (IP) subnets connected a high-speed connections.

A low-bandwidth or unreliable/occasional connection between sites. It can be adjusted for replication availability, bandwidth costs, and replication frequency. they enable control over replication and logon traffic.

Microsoft software that allows security patches and updates to be deployed from a centralized server.

A Windows Server 2003 service that allows a user to connect to an run applications on a server as if sitting at the server console.

The ability to domains or forests to trust one another, even though they do not have a direct trust between them.

A user-account naming convention that includes both the user name and domain name in the format user@domain.com.

A logical group of computers characterized by a decentralized security and administration model.

Software that includes the instructions necessary in order for an operating system to communicate with a hardware device.

A resource that allows hardware to access RAM directly without intervention of the system CPU.

A digital signature that Microsoft incorporates into driver and system files as a way to verify that the files and to ensure that they are not inappropriately overwritten.

A utility use to identify unsigned system and driver files, that provides information such as the filename, location, modification date, and version number.

A set of instructions telling the operating system which devices start and drivers to load when a computer starts.

A legacy 16-bit bus architecture that does not support the Plug and Play standard.

Dedicated memory areas that are allocated for the purpose of transferring information between a computer and a hardware device.

Resource used by hardware devices to gain the attention of the system processor.

Devices that do not follow the Plug and Play standard, such as older Industry Standard Architecture.

Memory ranges allocated for the purpose of communication between a hardware device and operating system.

Disk space, in the form of a file (pagefile.sys), for use when memory requirements exceed the available RAM.

A set of specifications originally developed by Intel that enables a system to automatically detect hardware and configure driver and resource settings.

A device built into electrical equipment or a separate device that provides immediate battery power to equipment during a power failure or brownout.

Disk storage used to extend the capacity of the physical RAM installed in the computer.

The main listing of hardware devices that have been certified to the function with Windows Server 2003, and officially carry the "Designated for Windows Server 2003" logo.

The process by which a user's identity is validated, which is subsequently used to grand or deny access to network resources.

A command-line utility that can be used to import and export data to and from Active Directory in a comma-separated file format.

An operating system running Windows NT 4.0 or earlier.

A command-line utility used to add objects to Active Directory

A command-line utility used to modify Active Directory objects.

A command-line utility used to move or rename Active Directory objects.

A command-line utility used to delete Active Directory objects.

Enables the centralized management of user desktop settings, desktop and domain security, and the deployment and management of software throughout your network.

The process by which a user provides their user name and password to be authenticated from the Log On to Windows dialog box.

The primary authentication protocol used in Active Directory domain environments.

An Active Directory domain controller that stores the directory database containing all users and passwords.

A command-line utility that can be used to import and export data to and from Active Directory using the LDAP Interchange Format File format.

A user profile stored on a particular computer that doesn't follow a user across the network.

A user profile with settings that are not changed when a user logs off.

The process by which a network resource or service confirms the identity of a user.

The challenge-response protocol that is used for authentication purposes with operating systems running Windows NT 4.0 or earlier.

A user profile stored on a centralized server that follows a user across a network.

A kerberos ticket granted by a KDC allowing a client to gain access to a network resource or service.

A ticket passed to a client system by the KDC once successful authentication occurs.

An object that is stored in Active Directory that represents all of the information that defines a physical user who has access permissions to the network.

A special user account configured with settings that can be copied in order to simplify the creation of user accounts with common settings.

The desktop and environment settings associated with a particular user account.

The level at which a Windows Server 2003 domain is configured, such as Windows 2000 mixed mode, Windows 2000 native mode, or Windows Server 2003

A group that can only be assigned permission to a resource available in the domain in which it is created. However, group membership can come from any domain within the forest. Created on domain controllers within the domain.

A group that is mainly used for organizing other objects into administrative units. A global group can be assigned permissions to any resources in any domain within the forest. The main limitation of a global group is that it can only contain members of the same domain in which it is created.

A container object that is used to organize a collection of users, computers, contacts, or other groups into a single object reference.

A group that can be used to define permission on a resource object.

A group that can be assigned permissions to any resource in any domain within the forest. These groups can consist of ANY user group object except for local groups.

The default domain function level for a Windows Server 2003 Active Directory domain. Supports Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 domain controllers

A domain functional level that suports both Windows 2000 Server and Windows Server 2003 domain controllers.

A domain function level that supports Windows Server 2003 domain controllers only.

This change is supported as long as the global group is not a member of any other global groups.

This change is supported as long as the domain local group does not have any other domain local groups as members.

This change is supported as long as the universal gropu does not have any other universal groups as a member.

This change is supported as long as the universal group is not a member of any other universal groups.

Hidden shared folders created for the purpose of allowing administrators to access the root of partitions and other system folders remotely.

A predefined Microsoft Management Console (MMC) application that allows administration of a variety of computer-related tasks on the local computer or a remote computer.

A part of the security descriptor of an object that contains a list of user or group references that have been allowed or denied permissions to the resource.

The Windows Server 2003 utility used to manage disk partitions and volumes.

The permissions that actually apply to a user or group based on the different permissions of the user or groups they are members of on a particular resource.

A file system supported in Windows Server 2003 but traditionally associated with MS-DOS operating system. It can be used on partitions or volumes of up to 4 GB in size.

A derivative of another file system that supports partition sizes up to 2 TB, but provides less security features of the latest file system.

The native file system of Windows Server 2003, provides better availability and performance than previous file systems, while also providing the ability to configure local security permissions, compression, encryption and more.

A data resource container that has been made available over ]the network to authorized network clients.

A more granular set of NTFS permissions that allows an administrator a higher degree of control over the abilities assigned to users or groups for a particular resource.

The permissions available on the Security tab of an NTFS file or folder.

The partition from which an operating system begins the boot process. Typlically drive C: is configured as it.

In Windows Server 2003, a partitioned disk that can have up to four partitions and that uses logical drive designations. This type of disk is compatible with MS-DOS, Windows 3.x, Windows 95, Windows 98, Windows XP, Windows NT, Windows 2000, and Windows Server 2003

A process by which fragmented files are rearranged into contiguous areas of disk space, improving file access performance.

An MMC Snap-in user to manage and monitor disks, volumes, and partitions.

A disk in Windows Server 2003, that does not use traditional partitioning, meaning there are no restrictions on the number of volumes that can be set up on one disk or the ability to extend volumes onto additional physical disks.

A partition on a basic disk that is created from unpartitioned free space, and is not formatted with a file system.

Techniques that employ hardware and software to provide assurance against equipment failures, computer service interruptions, and data loss.

A normal and gradual process in which files become divided into different areas of disk space in a volume, resulting in slower file access.

Dedicated and formatted portions of disk space created within an extended partition on a basic disk.

A fault-tolerant disk strategy in which a volume on one dynamic disk has it's contents mirrored to a second dynamic disk.

A partition or volume accessible via an empty folder or an existing NTFS partition. Often implemented to circumvent the need to assign the volume or partition of a drive letter.

A dedicated portion of a basic disk that is potentially bootable, and formatted with a file system. A basic Disk can support a maxium of four of these.

A fault-tolerant disk strategy that consists of creating a single volume across anywhere between three and 32 dynamic disks. It's volumes use disk striping with parity to allow the volume to remain accessible in the event that a single disk with the volume should fail.

Disk performance and fault tolerance strategies that can be implemented on a Windows Server 2003 system with multiple hard disks installed.

A dedicated and formatted portion of disk space on a dynamic disk.

Dedicated and formatted space on between two and 32 dynamic disks that is treated like a single volume.

Dedicated and formatted space on between two and 32 dynamic disks that is treated as a single logical volume, which data striped across the disks in the volume in 64KB blocks.

An interface on a Windows network print client that works with a local software application, such as Microsoft Word, and a local printer driver to format a file to be sent to a local printer or network print server.

A specification supported by Windows Server 2003 that allows printer to be managed from a Web browser, and print jobs to be sent to a printer using the HTTP protocol.

A printer, such as a laser printer, physically attached to a port on the local computer.

A printing device, such as a laser printer, connected to a print server through a network.

Client computer or application that generates a print job.

Files that contain information that Windows Server 2003 uses to convert raw print commands to a language that the printer understands.

A stack of lineup of all requested print jobs waiting to be sent from the spooler to the printer.

The computer in which the printers and print drivers are located. This is usually where you set up and configure the shared printing system.

A configuration object in Windows Server 2003 that controls the connection to the print device.

Security permissions that allow an administrator to control access to printer resources, in manner similar to NTFS permissions.

Consists of a single printer that is connected to a number of print devices.

Configuring multiple printers to print to the same print device. One printer is then configured to print before any of the other printers by adjusting the priority setting from 1 (lowest priority) to 99 (highest priority).

An Active Directory object that represents a link to or direct information on how to use or connect to the shared resource.

A data type often used for printing MS-DOS, Windows 3.x, and UNIX print files.

In the Windows 95, 98, Me, NT, 2000, XP, and 2003 environment, a group of DLLs, information files, and programs that process print jobs for printing.

A data type used for printing text files formatted using the ANSI standard that employs values between 0 and 255 to represent characters, numbers, and symbols.

A controller for the ActiveX scripting engines provided in both Windows-based and command-line versions.

The name of the GPO that is linked to the domain container in Active Directory; used primarily for configuration of domain-wide password policies.

The name of the default GPO that is linked to the domain controllers OU. Used primarily for configuration of policy settings that are only to be applied ot the domain controllers in the domain (i.e. auditing)

A Group Policy feature that enables you to redirect the contents of the Application Data, Desktop, My Documents, My Pictures, and Start menu folders from a user's profile to a network location.

A uniquie 128-bit number assigned to the object when it is created.

This utility can be used to discover Group Policy-related problems and to illustrate which GPO's were applied to a user or computer. It also lists all group memberships of the user or computer being analyzed.

Enables the centralized management of user desktop settings, desktop and domain security, and the deployment and management of software throughout your network.

An Active Directory container that stores information about the GPO and includes a version number that is used by other domain controllers to ensure that they have the latest information.

An Active Directory object that is configured to apply Group Policy and linked to either the site, domain or OU level.

This contains the data that makes up the Group Policy. The template includes all the settings, administrative templates, security settings, software installation settings, scripts and so forth.

A file that contains all the information needed to install an application in a variety of configurations.

A graphical utility included with Windows Server 2003 that enables you to review the aggregated Group Policy settings that apply to a domain user or computer.

A text file that can be used by Group Policy to deploy an application; it has a number of limitations compared to an MSI file.

Active Directory permissions that control whether users or groups can read of modify the attributes associated with Active Directory objects.

The Client software component of Software Update Services.

The wizard available in Active Directory Users and Computers to simplify the delegation of administrative authority.

The mode used to install a program that will be used in a Terminal Services environment.

The extension associated with a saved Microsoft Management Console File.

Active Directory permissions that control the level to which a user can modify an object such as a user account.

The client software used to connect to a server running Terminal Services or Remote Desktop for Administration

A feature that allows administrators to remotely connect to the desktop of a Windows Server 2003 system for administrative purposes.

A feature that allows users to open certain administrative tools or issue commands using alternate credentials.

A server application designed to add control and flexibility over the deployment of security patches and hot fixes to client and server systems on a network.

A Windows Server 2003 feature that allows users to connect to a Windows Server 2003 system and interact with applications as if sitting at the server console.

The normal running mode for a Terminal Services environment.

The Windows feature that allows operating systems to download service packs, patches and hot fixes them from Microsoft in an automated fashion rather than by manual download.

An II Authentication method that utilizes .NET Password user names and passwords.

The name of a virtual directory, or the name used to hide the real name of a directory an to simplify the directory name that would be used to access the information.

Allows users to access a Web Site without having to provide a user name and password.

Refers to determining weather a user has a valid user account with the proper permissions to access a resource such as a shared folder or Web site.

Allows you to limit the network bandwidth that is available for Web and FTP connections to the server.

Prompts users for a user name and password to be able to access the Web resource. The user name and password are then transmitted using Base64 encoding.

An FTP server that responds to TCP/IP port 21 on all configured IP address of the server that are not assigned to another site.

A configured website that responds to TCP/IP port 80 on all unassigned IP addresses of the server. This Website is initially empty and may be used to create a custom Web site for your organization.

Prompts users for a user name and password to be able to access the Web resource. The user name and password are hashed to prevent hackers from obtaining them.

Used to transfer files between two computers that are both running TCP/IP.

The full qualified DNS name that is used to access a Web site on an IIS server.

Does not ask the users for a password but rather uses the client's currently logged-on credentials to supply a challenge/response to the Web server.

A windows Server 2003  component that provides web-related services to an organization.

IIS parameters that are configured on the server and are inheritable by all Web and FTP sites hosted on the server.

IIS 6.0 stores its configuration settings in a database referred to as the IIS metabase.

This protocol is used to encrypt Web Traffic between a client and the Web server.

A connection-based protocol, which means a session is established between the two hosts before any data is transferred.

A mapping to a physical directory containing content to be included on a web site.

A unique web or ftp site that bhaves as if it were on it's own dedicated server.

A folder designed to be accessed from the Internet or an intranet using the HTTP or FTP protocols.