Download (direct link):
Configure and troubleshoot local users and groups
1. Windows XP automatically creates a local user account that is, however, not enabled. Its name is ______.
2. A local user account name has a maximum of ______ meaningful characters.
Troubleshoot cache credentials
3. Cache your Passport name and password by using ______ as the server name.
4. Disable the display of last logged-on user with the ______ administrative tool.
Configure, manage, and troubleshoot account settings
5. For proper security, always ______ the local Administrator account.
Configure, manage, and troubleshoot user and group rights
6. The Windows 2000 built-in group that corresponds most closely to the Users group in Windows NT 4.0 is ______.
7. You can view current user rights assignments by using the ______ administrative tool.
Configure, manage, and troubleshoot auditing
8. To track logon events on a domain, choose the ______ auditing policy.
Configure, manage, and troubleshoot account policy
9. Setting the password history policy is a way of limiting how often users can ______ old passwords.
10. To help foil unauthorized access through repeated logon attempts, set the account ______ policies.
1. Guest. See 'Built-in user accounts' for more.
2. 20. 'Creating local user accounts' offers additional details.
3. *.passport.com. See 'Troubleshooting domain accounts' for more.
4. Local Security Policy. The 'Domains' section explains further.
5. Rename. See 'Built-in user accounts' for more.
6. Power users. 'User rights and built-in local groups' has details.
7. Local security policy. See 'User rights and built-in local groups' for this and related tidbits.
8. Audit account logon events. The 'Auditing User Activities' section provides this nugget.
9. Reuse. See 'Sorry, it's company policy' for other password policy settings.
10. Lockout. 'Sorry, it's company policy' has the details on lockout options.
Windows XP Networking Models
Windows XP supports two basic networking models: workgroups and domains. The exam focuses on domains, but you need to understand the difference between these two models.
In the workgroup, or peer-to-peer, networking model, no central database of users, groups, and access permissions exists. (Another way to say this is that no central logon authority exists.) Instead, each PC user has the option to share resources (printers, disks, folders - not individual files) and to control access to those resources by user or group name. In a workgroup, you typically have no 'dedicated' server: Any PC can act both as client and as server.
Remember Workgroup networking in Windows XP and 2000 is different from workgroup networking in Windows 9x. With 9x systems, you assign passwords to shared resources (Microsoft calls this share-level security), and you have no database of users and groups. With Windows XP and 2000 systems, you use the local database of users and groups on each PC to assign access permissions.
Tip Some small organizations may have only a single workgroup; larger organizations may have several, broken out by department, office, or project. Workgroup names (set on the Computer Name tab of the System control panel) shouldn't exceed 15 characters, shouldn't contain any spaces, and shouldn't duplicate any existing computer names. (Workgroup names, like computer names, are NetBIOS names and so they have the same format.)
Remember If you use a workgroup, the Computers Near Me folder inside the My Network Places folder shows other computers in the same workgroup.
The workgroup networking model is appropriate for up to ten users, according to Microsoft. Administrative chores, such as making backups, are decentralized (shared resources exist on several PCs instead of just one) and therefore unwieldy beyond a small number of computers. However, you don't need to buy a separate license for Windows 2002 or 2000 Server to set up a Windows XP workgroup. You have all the software you need:
* A network adapter driver
* A transport protocol
* A network client (Client for Microsoft Networks)
* A sharing service (File and Printer Sharing for Microsoft Networks, which appears simply as 'Server' in the Services console of the Administrative Tools folder)
Domain-based networks are more common than workgroups in the business environment, and they have a number of advantages: better security, centralized administration, and better expandability. In a simple domain-based network, a central server maintains a database of users, groups, and access permissions, and handles network logons. In Windows XP and 2000, that database is called Active Directory.
One of the cool features of a domain is that Windows may replicate the security database if more than one server is present on the network. In this situation, you can have several servers acting as domain controllers, sharing the same database and updating each other automatically when the database changes on one of the machines. Unlike Windows NT 4.0 Server, Windows 2002 Server and Windows 2000 Server don't distinguish between primary and backup domain controllers; all domain controllers have equal standing.