Active Directory Administration
Knowledge Assessment
Fill in the Blank
1. A(n) _global group_ can only contain members from within the same domain. P105
2. You can use the __CSVDE__ utility to import data from Comma-Separated Values (CSV) files.P114
3. Each user and group object has a(n) _SAM account name_, which must be unique across an entire Active Directory domain.P118
4. The Anonymous Logon group is an example of a(n) _special identity group_.P111
5. You can use the __LDIFDE__ command-line utility to create and modify Active Directory objects. P114
6. When users log onto Active Directory, they receive a(n) _access token_ consisting of all of their security group memberships. P103
7. A local user is stored in the __Security Account Manager (SAM)__ database of the computer on which it was created. P102
8. Each CSVfile needs to begin with a(n) __header record__ when used with the CSVDE command-line tool. P119
9. A(n) __distribution group__ can only be used to send and receive email, not to secure network resources. P104
10. __Group nesting__ is the practice of adding one group as a member of another group.p104
Multiple Choice
1. Which special identity group controls anonymous access to resources in Windows Server 2008?
a. Everyone
b. Network
c. Interactive
d. Anonymous Logon
Prior to Windows Server 2003, the Anonymous Logon group was a member of the Everyone group, which had the potential to create significant security liabilities. Beginning in Windows Server 2003, anonymous access must be configured separately from access granted to the Everyone group. P111
2. What defines the types of objects that can belong to a particular group and the types of resources that group can be used to secure?
a. Group scope
b. Group security
c. Special Identity group
d. Security group
The domain local group scope can contain users or groups from any domain in the forest, but can only be used to secure resources in the same domain as the group. The global group scope