This lab provides students with the hands-on skills needed to create a new Active Directory domain in Windows Server 2003 and demonstrates how to configure a centralized authentication and policy definition for access controls. The Active Directory users and workstation plug-ins will be used to create users, groups, and configure role-based access permissions and controls on objects and folders in a Windows Server 2003 Active Directory system. Lab Assessment Questions & Answers 1. What two access controls can be set up for Windows Server 2003 folders and authentication?
The two access controls that can be set up for Windows Server 2003 folders and authentication User or Group access to the folder and the ability to modify contents of the folder. 2. you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of If access controls and permissions are probably configured? The type of access controls and permissions that are probably configured are Modify , Read or Full control. 3. What is the Windows tool that allows you to administer granular policies and permissions on a Windows network using role-based access?
The Windows tool that allows you to administer granular policies and permissions on a Windows network using role-based access is the Group Policy Object Editor 38351_LB03_Pass2. indd 50 26/02/13 11:54 PM Assessment Worksheet 51 4. Relate how Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs, departmental folders, and data. Windows Server 2008 R2 Active Directory and the configuration of access controls achieve CIA for departmental LANs and departmental folders and data by using user authentication (logon/password) to access the network.
It also give users or groups permissions or deny them access to files or folders. 5. Would it be a good practice to include the account or user name in the password? Why or why not? No because then hackers will have an easier time hacking the password 6. Can a user who is defined in the Active Directory access a shared drive if that user is not part of the domain? No a user cannot access a shared drive if that user is not part of that domain. Windows Server 2003 require a user’s logon/password credentials prior to accessing shared drives 38351_LB03_Pass2. indd 51