Hollis IS3230 Lab1
Unit 1 Lab
Jorge L. Lopez
1. DACL (Discretionary access control list) allows or denies trustees access to computer and network resources. It identifies group permissions and determines whether to allow access a securable object or process.
2. Because it’s easier to manage a group than individuals. Once you have the group setup with permissions, you add or remove employees.
3. Read, Write, Full Control, or No Access
5. Strong and complex passwords: * Letters (capital and lower case) * Numbers * Symbols * Force employees to change passwords every 90 days * Do not let them use old passwords * Force employees to use minimum 8 characters
6. Enabling Store Passwords Using Reversible Encryption determines whether Windows stores passwords using reversible encryption. Enabling this is essentially the same as storing passwords in plain text which is insecure and not recommended.
7. Domain policy is a default policy for domain computers. Local policies are for your local computer. Domain policies will overwrite local policies.
8. GPOs are processed in the following order: The local GPO is applied, GPOs linked to sites are applied, GPOs linked to domains are applied, and GPOs linked to organizational units are applied. For nested organizational units, GPOs linked to parent organizational units are applied before GPOs linked to child organizational units are applied.
9. Administrative Templates are a large repository of registry-based changes, by using the Administrative Template sections of the GPO you can deploy modifications to machine (called HKEY_LOCAL_MACHINE in the registry) and user (called HKEY_CURRENT_USER in the registry) portions of the Registry of computers that are influenced by the GPO.
10. The Group Policy Management Console (GPMC) unifies Group Policy management.