Remote access technology
Connects to DMZ server resources from outside the organization
Remote access server
DMZ server that accepts requests from remote access clients
Remote access client
Connects to the DMZ remote access server using encryption provided by the remote access server. Authenticated by RAS first.
Two network interfaces a RAS requires:
-One connected to the demarc and assigned a public IP address resolved using a host record in a publicly registered DNS zone
-One connected to the DMZ
Three main remote access technologies used to obtain access to servers in a DMZ from across the internet that Microsoft provides:
VPNs, DirectAccess, Remote Desktop Services
Each remote access technology:
Provides its own protocols, supports different authentication and encryption types
VPNs are:
Used for remote access across the internet, In use since the 1990s, Most widely implemented remote access technology today
VPN tunnel
Provides encrypted channel between network systems with each end represented by interfaces configured with an IP address.
Requests for internet resources from remote access clients are:
Forwarded to NAT router or NGFW before being sent to the Internet
Remote access clients configured with split tunneling:
Access resources in their organization's DMZ across the VPN tunnel, Use their physical network interface default gateway to access internet
Four VPN protocols:
Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol (L2TP), Internet Key Exchange version 2 (IKEv2), Secure Socket Tunneling Protocol (SSTP)
Point-to-Point Tunneling Protocol (PPTP)
Encrypts data using Microsoft Point-to-Point Encryption (MPPE)
Layer Two Tunneling Protocol (L2TP)
Relies on IP Security (IPSec) for encryption
Secure Socket Tunneling Protocol (SSTP)
Uses Secure Sockets Layer (SSL) encryption with 128-bit keys, and Transport Layer Security (TLS) with 256-bit keys
PPTP port numbers
1723/TCP
L2TP/IKEv2 port numbers
1701/TCP, 500/UDP, 4500/UDP (if using NAT)
SSTP port numbers
443/TCP
True or False. Establishing a VPN tunnel doesn't require credentials to authenticate.
False
PAP
Password Authentication Protocol, not encrypted, last resort.
CHAP
Challenge Handshake Authentication Protocol, generates a hash and validates it with a challenge and response mechanism, can't be used for PPTP VPNs.
MS-CHAP v2
Microsoft Challenge Handshake Authentication Protocol version 2, Microsoft native CHAP with stronger authentication
EAP
Extensible Authentication Protocol, authentication system that allows for multiple authentication methods.
Four Microsoft VPN authentication methods:
PAP, CHAP, MS-CHAP v2, EAP
A RADIUS server provides:
Centralized authentication and logging, and remote access policies
What interface protects traffic between two networks using VPNs?
demand-dial
Where to configure security options and authentication methods:
Server Properties, Security Tab
Filesystems supported by Windows Server 2019:
NTFS, ReFS, FAT32, and exFAT
True or False. A read-only attribute on a folder only applies to the contents rather than the folder itself.
True
Four advanced attributes:
Archive, index, compress, and encrypt
Archive attribute:
Indicates the folder or file needs to be backed up, automatically enabled on files but not folders.
Index attribute:
Files are added to a pre-built index used by the Windows Search Service when searching; all new files have it automatically
Compress attribute:
System compresses the files and then automatically decompresses when accessed
Encrypt attribute:
Applies encryption before data is written to filesystem
6 basic NTFS/ReFS folder and file permissions:
Full control, Modify, Read and execute, List folder contents, Read, and Write
13 advanced NTFS/ReFS folder and file permissions:
Traverse folder/execute file, List folder/read data, Read attributes, Read extended attributes, Create files/write data, Create folders/append data, Write attributes, Write extended attributes, Delete subfolders and files, Delete, Read permissions, Change permissions, and Take ownership
True or False. Folder or file has one owner and owner cannot change ownership to another user.
False, ownership can be changed.
Two DFS server roles:
DFS Namespaces and DFS Replication
True or False. Each DFS server role works independently of the other, but both are managed using the same DFS Management tool.
True
What is used to prevent users from consuming too much space on the file server?
Quotas
Three NTFS features for restricting content
User quotas, folder quotas, file screens
Two types of quotas:
Hard and soft quotas
Two types of file screens:
Active and passive screening
True or False. Monitoring is the most time-consuming task.
True
Monitoring:
Examine network connectivity, view log files, and run performance utilities to identify problems and their causes
Proactive maintenance:
minimizes the chance of future problems
Reactive maintenance:
corrects problems during monitoring
5 steps to take when a problem occurs:
Gather information about it, Isolate the problem, Generate a list of possible causes and solutions, Implement and test possible solutions for results until problem resolved, Document the solution and take proactive maintenance measures
Two golden rules of any troubleshooting process:
Prioritize problems and try to solve the root of the problem
Task manager default display:
short list of processes started by the current user
Default performance tab display:
CPU hardware utilization
Committed memory
virtual memory from the paging file
Cached memory
used to speed filesystem access for processes
Paged pool memory
can be transferred to the paging file if necessary
Non-paged pool memory
cannot be transferred to the paging file
Rogue processes
have encountered an error that forces them to use an unusually large amount of processor time
Memory leaks
processes continually use more memory until system memory is exhausted
Windows Server 2019 additional monitoring and troubleshooting tools:
Task manager, resource monitor, performance monitor, event viewer
Three components of performance information:
Performance objects, performance counters, instances
5 common performance objects:
Processor, Memory, PhysicalDisk, LogicalDisk, Network Interface
Five standard Windows event logs:
Application, Security, Setup, System, Forwarded Events
Six different event levels:
Information, Warning, Error, Critical, Audit Success, Audit Failure
Performance-Related Problems:
Occur when system software requires more hardware resources than are currently available
Two different sections Group Policy settings stored in:
Computer configuration and user configuration
Computer configuration:
applied at boot time by computer
User configuration:
applied when domain users log in
GPOs applied in this order:
Site, Domain, Parent OU, Child OUs