Please enter something
Home Page Flashcards Creating Group Policy Objects - Flashcards

Creating Group Policy Objects – Flashcards

Richard Lattimore
8 July 2022

Unlock all answers in this set

Unlock answers
question
Describe Security Filtering
answer
This is the process of applying to a GPO to a container, BUT only making it apply to SELECTED security principals. The "Apply Group Policy" permission to one or more users or security groups is selectively applied
question
Windows 2008R2 and Vista can support multiple GPO's? True or False
answer
True Listen Up... Windows Server 2008 R2 and Windows Vista can support multiple local GPOs. This enables you to specify a different local GPO for adminis- trators or to create specific GPO settings for one or more local users configured on a worksta- tion. This capability is particularly valuable for computers in public locations such as libraries and kiosks, which are not part of an Active Directory infrastructure. Older Windows releases (prior to Windows Vista) can support only one local GPO, and the settings in that local GPO can apply only to the computer, not to individual users or groups.
question
Name the path location where are local GPO's are stored?
answer
%systemroot%/System32/GroupPolicy
question
When a local and domain based GPO conflict, which one wins?
answer
Domain
question
What is the difference between GPT and GPC
answer
GPC describes the LOGICAL attributes/settings of the GPO GPT are the actual PHYSICAL settings that will be processed by the client Listen up.... The Group Policy Template is where the meat of the GPO resides. By way of comparison, think of how Active Directory represents a computer object. It lists all the relevant attributes of the computer, but the object in Active Directory is not the computer itself. In a similar way, the portion of the GPO in Active Directory merely represents the attributes relevant to the GPO content. The content itself is known as the Group Policy Template, or GPT, and it resides in a share known as SYSVOL
question
What is a starter GPO
answer
This is a 'template' for the creation of GPO's When a GPO is created using a starter template, all the settings in the template are automatically copied over to it
question
What are the names of the two default GPOs created when AD DS is installed?
answer
Default Domain Policy Default Domain Controller Policy.
question
Where are GPT stored
answer
Domain Controllers
question
What is the path to the GPT
answer
%systemroot%SYSVOLsysvolPolicies
question
How does AD INTERNALLY name GPO
answer
Using a GUID When a GPO is created a GUID is generated. This GUID is used for the name of the GPT created on the DC and as internal moniker for the GPO itself.
question
What is the purpose of administrative templates (ADMX) files
answer
Administrative templates are the files defining the registry-based settings that appear in Group Policy objects
question
You open the GPMC and click the Inheritance tab. You observe 2 Policies numbered as follows: 1 Sales 2 Default Domain Policy Which of these two policies will be processed last, and what is the significance of this?
answer
The Sales policy will be processed last. This means that any conflicts between the policies will be overriden by the Sales policy. That is the Sales policy will win.
question
Describe in simple terms 'Loopback' processing
answer
As the name implies, Loopback Processing enables the Group Policy processing order to circle back and reapply the computer policies after all user policies and logon scripts run Listen Up... Below is a scenario involving Loopback processing For example, consider an academic environment in which the user objects for administrative accounts, such as teachers and staff, are placed in a separate Admin OU. All workstation computer objects are located in a Lab OU. In computer labs, anyone can log on to the network. However, when users in the Admin OU log on to lab computers, their User Configuration settings configure the computers to print on printers located in their offices, and install applications on the lab computers intended only for the users' office computers. Teachers complain that they have to walk back to their offices to pick up print jobs that should print on the printers located in the lab. In addition, applications that should not reside on the lab computers are installed there and now must be removed. One solution to this problem is to use the Replace option in Loopback Processing. When you set the Replace option, the system applies only the user settings from the Lab OU applied. This resolves the issue of applying unwanted settings on shared computers from other locations in the AD DS hierarchy
question
Explain how the COMPUTER nodes for Software Settings and Windows Settings are applied
answer
The Software/Windows Settings folder located under the COMPUTER Configuration node contains Software Installation settings that apply to all users who log on to the domain using a specific computer. These settings are applied before the user logs on
question
Explain how the USER nodes for Software Settings and Windows Settings are applied
answer
The settings under the USER nodes contains are applied to users designated by the Group Policy, regardless of the computer from which they log on.
question
Administrative templates control what part of a computers setting?
answer
Registry
question
If a policy setting is disabled in the registry by default, and you have a lower priority GPO that explicitly enables that setting, what must you do to restore the default setting (ie disabled?) A. Configure a higher GPO to disabled B. Configure a higher GPO to Enabled C. Configure a higher GPO to Not Configured D. Configure a higher GPO with Loopback processing?
answer
A Listen up... You must configure a higher priority GPO to disable the setting, if you want to restore it to its default. Applying the Not Configured state does not change the setting, leaving it enabled.
question
What is the difference between the Group Policy Object Editor and Group Policy Management Editor
answer
Group Policy Object Editor - used for LOCAL group policy editing Group Policy Management Editor - AD DS group policy editing
question
Which of the following types of files do Group Policy tools access from a Central Store by default? a. ADM files b. ADMX files c. Group Policy objects d. Security templates
answer
B
question
Which of the following local GPOs takes precedence on a system with multiple local GPOs? a. Local Group Policy b. Administrators Group Policy c. Nonadministrators Group Policy d. User-specific Group Policy
answer
D
question
Which of the following techniques can you use to apply GPO settings to a specific group of users in an OU? a. GPO linking b. Administrative templates c. Security filtering d. Starter GPOs
answer
c
question
Which of the following best describes the function of a starter GPO? a. A starter GPO functions as a template for the creation of new GPOs. b. A starter GPO is the first GPO applied by all Active Directory clients. c. Starter GPOs use a simplified interface for elementary users. d. Starter GPOs contain all of the settings found in the default Domain Policy GPO.
answer
A
question
When you apply a GPO with a value of Not Configured for a particular setting to a system on which that same setting is disabled, what is the result? a. The setting remains disabled. b. The setting is changed to not configured. c. The settings is changed to enabled. d. The setting generates a conflict error.
answer
A
question
Local GPOs are stored ______, whereas Domain GPOs are stored _____. a. in Active Directory; in Active Directory b. in Active Directory; on the local computer c. on the local computer; in Active Directory d. on the local computer; on the local computer
answer
C
question
By default, linking a GPO to a container causes all the users and computers in that container to receive the GPO settings. How can you modify the default permission assignments so that only certain users and computers receive the ermissions and, consequently, the settings in the GPO? a. You cannot separate or divide permission assignments within the linked container. b. You can create and link a different GPO to the applicable objects, overriding the previous GPO. c. You remove the applicable objects and place in a new container. d. You apply security filtering in the Group Policy Management console.
answer
D
question
When multiple GPOs are linked to a container, which GPO in the list has the highest priority? a. The last b. The first c. The most permissive d. The most restrictiv
answer
b The first one in the list is the last to be processed and therefore has higher priority
question
Group Policy settings are divided into two subcategories: User Configuration and Computer Configuration. Each of these two settings is further organized into three subnodes. What are the three subnodes? a. Software Settings, Windows Settings, and Delegation Templates b. Software Settings, Windows Settings, and Administrative Templates c. Security Settings, Windows Settings, and Delegation Templates d. Security Settings, Windows Settings, and Administrative Templates
answer
D
question
What is the order in which Windows systems receive and process multiple GPOs? a. LSOUD (local, site, OU, and then domain) b. LOUDS (local, OU, domain, and then site) c. SLOUD (site, local, OU, and then domain) d. LSDOU (local, site, domain, and then OU)
answer
D
question
Select the best answer What are the different types of Group Policy objects (GPOs)? a. Computer, user, and organizational unit b. Local, domain, and starter c. Local, domain, and universal d. Site, domain, and organizational unit
answer
d
question
Installing Windows Server 2012 Active Directory Domain Services (AD DS) installs two default policies: Default Domain Policy and Default Domain Controller Policy. As an administrator, you need different policy settings than the default. What is the best approach to make those changes? a. Add new settings in the default policies as needed. b. Create new GPOs to augment or override the existing default settings. c. Change existing ones in the default policies as needed. d. Link a new GPO using the AD DS role.
answer
B
question
Choose the best answer Group Policies applied to parent containers are inherited by all child containers and objects. What are the ways you can alter inheritance? a. Using the Enforce, Block Policy Inheritance, or Loopback settings. b. Using Active Directory Administrative Center (ADAC) to block inheritance. c. Inheritance can be altered by making the applicable registry settings. d. Using the Enforce or Block Policy Inheritance settings.
answer
A
Get an explanation on any task
Get unstuck with the help of our AI assistant in seconds
New
Get unstuck with AI assistant right now
  • Enter your topic/question
  • Receive an explanation
Pro tips to get quality response
  • Ask one question at a time
  • Enter a specific assignment topic
  • Aim at least 500 characters
Question
What is the right structure for an essay
Answer
A paragraph is a related group of sentences that develops one main idea. Each paragraph in the body of the essay should contain:
  • a topic sentence that states the main or controlling idea
  • supporting sentences to explain and develop the point you’re making
  • evidence from your reading or an example from the subject area that supports your point
  • analysis of the implication/significance/impact of the evidence finished off with a critical conclusion you have drawn from the evidence.