Cybersecurity Fundamentals Block 4 Unit 3

Windows Server

Version of Microsoft's OS currently used by the Air Force.

Windows Server Features

-Centralized administration

-Centralized management of resources

-Security

-Scalability and compatibility

-Reliability

-Fault tolerance and recovery

Windows Domain

Network where all user accounts, computers, and printers are registered in a central database located on one or more specialized servers known as Domain Controllers.

AD Purpose

Powerful tool allowing multiple sites, domains, and even the internet to fully integrate.

Directory

A list organizing resources and associates' characteristics.

Active Directory (AD)

Directory service which stores information about all network resources such as servers, printers, user accounts, security policies, and other information across a domain.

AD Structure

Tree-like structure. With physical and logical components.

-Forests

-Trees

-Domains

-Organizational Units

-Objects

-Sites

AD Logical Structure

Grouping of objects based on how they logically function together. Enables finding a resource by name rather than physical location.

-Partition

-Configuration

-Schema

-Domain

-Forest

-Forest Root

-Domain Tree

-Organizational Unit

-Objects

-Leaf

Active Directory Physical Structure

-Sites

-Domain Controller

-Global Catalog Server

-Member Servers

-Domain Clients

Partition

Directory partition is where AD information is segregated and logically stored. Every domain controller has 3 directory partitions.

-Configuration

-Schema

-Domain

Configuration

Contains replication tech and other configuration data that must be replicated through the forest. Basically forest rules.

Schema

Object classes, attributes, and syntaxes stored in containers. Also defines rules that ensure objects are created with consistency.

Domain

Logical structure based on requirements of an organization. Group of users, servers, and other resources sharing a centralized database of account and security information.

Access Control List (ACL)

Keeps track of who has access to objects within a domain.

Forest

Collection of one or more domain trees sharing common global catalog, directory schema, logical structure, and directory configuration.

Domain Tree

Collection of one or more domains that share a common namespace. AD allows multiple domains in a hierarchical tree structure with a root domain or parent as its base.

Forest Root

First domain in the AD forest. Provides the foundation for the AD infrastructure. Bust be created before any regional domains.

Child Domain

Regional domains created after the root in a Windows® Server hierarchy.

Organizational Unit

Subdivision of an AD which you can place users, groups, computers, and other organizational units. Where objects are held.

Objects

Basic element of AD in Windows that represents something on a network. (Computer, user, group, printer, shared folder). Given globally unique ID when created.

Leaf

An object not storing any objects and signifies an endpoint of a tree or subtree.

Sites

Maps the physical structure of a network where domains map the logical structure of an organization. Defined by subnets.

Domain Controller

Most important server on a network. Manages the domain security policy. Users must be authenticated to allow access to resources in the domain.

Global Catalog Server

A domain controller that also contains a subset of active directory domain services objects from other domains in the forest.

Member Servers

Belongs to the domain but not domain controller. Usually used for dedicated network purposes like file and print servers, database servers, or web servers.

Domain Clients

A computer that has an account in active directory. It can run the users desktop environment and allow the user to gain access to resources in the domain.