MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide (70-297)

Members of an organization who are responsible for the resources within a domain or forest.

The ability to have control over the resources you maintain but not have the ability to isolate those resources from forest owners .

An attack method that manipulates data so that the attacker can either harm the data or change the way the data works.

Controlling and maintaining resources from more than one location, or having different administrative groups perform management of resources at different locations.

The policy that is enacted on a domain and enforced on all users by default. This is where the account policies that control password, lockout, and Kerberos settings are located by default.

DNS record that defines the name servers that are responsible for lowerlevel domains.

Attack type that interferes with the normal operation of a system so that it cannot perform the functions for which it is configured.

Based on the structure of the business units, this model reflects the internal organization of the company and the clearly delineated lines between job responsibilities.

See back-to-back firewalls .

See Dynamic Host Configuration Protocol (DHCP) .

Password cracking method that uses words from a dictionary to determine what password is used.

See demilitarized zone (DMZ) .

See Domain Name System (DNS) .

Hierarchical name resolution method that allows clients to resolve a system s IP address from its hostname or its hostname from an IP address.

The administrative staff who have been assigned the full control of the domain. Domain admins are the default domain owners.

Changing the original domain structure, usually by collapsing multiple domains into a single domain.

See Denial-of-Service (DoS) attack.

Service used to configure IP address and TCP/IP options to network clients.