Scribd
Upload
20 views

week

Uploaded by

labhash29
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
20 views

week

Uploaded by

labhash29
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Task 2: Windows Domains

1. Which group normally administrates all computers and resources in a


domain?
The Domain Admins group has high level permissions to manage Active Directory,
computers and resources in the domain. They control and maintain all domain
connected devices.
2. The server in charge of running the Active Directory services is called
A Domain Controller is a server that manages Active Directory services. It handles
user logins, enforces group policies and manages various operations related to the
domain.

Task 3: Windows Domains

3. Which group normally administrates all computers and resources in a


domain?
The Domain Admins group is responsible for managing these tasks.
4. What would be the name of the machine account associated with a machine
named TOM-PC?

The name of the machine account associated with a machine named TOM-PC would
be TOM-PC$.

5. Suppose our company creates a new department for Quality Assurance. What
type of containers should we use to group all Quality Assurance users so that
policies can be applied consistently to them?

You should use an Organizational Unit (OU). OUs help group users and apply
policies to them easily.

Task 4: Managing Users in AD

6. What was the flag found on Sophie's desktop?


It depends on your environment or lab setup.
7. The process of granting privileges to a user over some OU or other AD Object
is called.

The process of granting privileges to a user over an OU other AD object is called


delegation of control.

Task 5: Managing Computers in AD

8. After organizing the available computers, how many ended up in the


Workstations OU?
The exact number depends on organization.
9. Is it recommendable to create separate OUs for Servers and Workstations?
Yes, it is a good idea to create separate OUs for Servers and Workstations. This
makes it easier to manage them apply specific policies and delegate control as needed.
Task 6: Group Policies

10. What is name of network share used to distribute GPOs to domain machines?

The name of the network share used to distribute GPOs to domain machines is
SYSVOL.

11. Can GPO be used to apply settings to users and computers?


Yes

Task 7: Authentication Methods

12. Will a current version of Windows use NetNTLM as the preferred


authentication protocol by default?
No
13. When referring to Kerberos, what type of ticket allows us to request further
tickets known as TGS?
In Kerberos, the ticket that allows us to request further tickets (TGS) is called a Ticket
Granting Ticket (TGT).
14. When using NetNTLM, is a user's password transmitted over the network at
any point?

Task 8: Trees, Forests, and Trusts

15. What is a group of Windows domains that share the same namespace called?

A group of Windows domains that share the same namespace is called a tree.

16. What should be configured between two domains for a user in Domain A to
access a resource in Domain B?

To allow a user in Domain A to access a resource in Domain B a trust relationship


should be configured between the two domains.
Task 2: OSINT and Phishing

17. What popular website can be used to verify if your email address or
password has ever been exposed in a publicly disclosed data breach?
A popular website to check if your email or password has been exposed in a data
breach is Have I Been Pwned
18. What does OSINT stand for and what is it?
OSINT stands for Open Source Intelligence. It means collecting information from
public sources like websites, social media, or news. It is used to gather useful data.
19.
20. By
using OSINT techniques, what can you possibly uncover that can
compromise an AD domain?

Using OSINT techniques, you can uncover information like exposed credentials,
email addresses, domain details or misconfigured systems. These can be used to
compromise an Active Directory (AD) domain.

21. What is phishing?

Phishing is a scam to steal sensitive information. Attackers pretend to be trusted


sources using fake emails or websites.

22. Explain one way that phishing can be used to breach AD.

Phishing can trick users into giving their AD login credentials. Attackers send fake
emails with links to fake login pages. When users enter their details attackers steal
them and access the domain.

You might also like