Exam Objectives Frequently Asked Questions


The following Frequently Asked Questions, answered by the authors of this book, are designed both to measure your understanding of the Exam Objectives presented in this chapter and to assist you with real-life implementation of these concepts. You will also gain access to thousands of other FAQs at ITFAQnet.com.

1. What exactly is the difference between DACLs and SACLs?

2. What is the difference between an account group and a resource group?

3. What's the best way to determine an auditing policy?

4. What is the difference between using EFS and using a third-party encryption program? What are the pros and cons of each?

5. Our company doesn't use certificates; can we still use EFS?

6. Can I still back up EFS-encrypted files, or do I need a special tool for this?

7. We use RAID and mirrored sets, so we don't need additional backups, do we?

8. What is the difference between ASR, Emergency Management Console, and Recovery Console?

Answers

1. A discretionary access control list (DACL) defines which users can access an object and with what level of privileges, and is often referred to simply as the ACL. The system access control list (SACL) is the part of the object's description that specifies which events are to be audited per user or group. Auditing examples include access, logon attempts, or system shutdowns.

2. An account group contains users or other groups that are granted permissions to objects via ACLs. A resource group is associated specifically with a resource. Resource groups are granted a specific set of permissions on that resource. Account groups are added to resource groups to grant those specific permissions to those account groups. A resource might have four different resource groups defining four different sets of permissions. Account groups are added to the appropriate resource group to assign those different permissions.

3. There is always a trade-off between auditing events and system performance. If you audit too many events, the log files become huge and filled with often useless or meaningless data. Conversely, if you do not audit events appropriately, you might miss trends that indicate possible intrusion or attack. Determining which resources are most critical and most vulnerable to what types of attacks will help define an audit policy that is both manageable and meaningful.

4. EFS is built into Windows Server 2003 and provides encryption of files and folders in a manner transparent to users. It does not require user intervention and works seamlessly with Windows Server 2003. Third-party programs might require user intervention, which weakens security. They might also use password-based recovery agents that are vulnerable to relatively simple password attacks. EFS uses certificates and encryption to protect files, providing the highest level of protection. Third-party programs might not use such strong protection and might create system vulnerabilities. Third-party programs can be helpful in mixed operating system environments where EFS is not available.

5. Yes, EFS will self-generate certificates for use with EFS and file recovery if no other source of certificates is available. This is especially useful on stand-alone computers that might not have access to network certificate services.

6. The Backup program in Windows Server 2003, as well as most third-party backup utilities, supports copying encrypted files for backup. In Windows Server 2003, those files will remain encrypted when backed up to other media and will remain encrypted when restored from backup media.

7. Both provide redundancy, which helps eliminate single points of failure and reduces the likelihood of data loss through device failure. However, since all your data is still in one location or at one site, it is still vulnerable to other issues such as virus infection, malicious data corruption, or even a natural disaster that can damage or destroy a site. Creating backups and storing them safely offsite will help you recover if any of these events occur.

8. The Automated System Recovery is made when a backup set is made and allows you to recover system data. This provides the capability to restore a system because the ASR, matched to a backup set, will re-establish system variables and system states, while backups restore data files. The Emergency Management Console can be installed on a system. When installed, it allows an administrator to connect to it via an out-of-band connection, such as a serial port or RJ-45 Ethernet port, to issue commands that can manage a disabled system remotely. Emergency Management Console uses console redirection to send and receive simple commands for managing a system. The Recovery Console can be installed on a system and used as a recovery option in the event a system shuts down or fails unexpectedly. The Recovery Console, when enabled, is an option at startup that can be used if safe mode and other startup options fail.




MCSE Designing Security for a Windows Server 2003 Network. Exam 70-298
ISBN: 1932266550
EAN: 2147483647
Year: 2003
Pages: 122
