Security Settings in Windows

Question 1

What is a SID?

Answer 1

Security IDentifier. Key that unlocks resources on the computer and network

Question 2

What a groups used for in windows?

Answer 2

• Access control
• User rights
• Group policy scoping
• MDM

Question 3

What are local accounts?

Answer 3

Accounts that are stored on the computer, no network is required.

Question 4

What are built in local groups?

Answer 4

Different types of users for a local computer:
- Admin
- Backup Operators
- Guests
- Remote Desktop Users
- Users

Question 5

What is an administrator user allowed to do on Windows local device?

Answer 5

They can do everything.

Question 6

What is a Guest user allowed to do on Windows local device?

Answer 6

Log on but not access system settings

Question 7

What can a power user do on windows local accounts?

Answer 7

Perform limited admin functions

Question 8

What is Kerberos?

Answer 8

A secure network authentication protocol designed to verify user or host identities over insecure networks using ticket-based, mutual authentication

Question 9

What is Entra ID?

Answer 9

Cloud-based directory, managed by Microsoft

Question 10

What are Entra ID usually used for (user wise)?

Answer 10

Users who primarily work with cloud-based apps and services

Question 11

What are some log-in options for windows?

Answer 11

• Username and password
• PIN
• Passwordless

Question 12

What are some passwordless login in options for windows?

Answer 12

• Windows Hello (face, fingerprint)
• Authenticator apps
• FIDO02 security keys

Question 13

Where does identity data go?

Answer 13

Local windows device and never roams (not central), to reduce vulnerability.

Question 14

What is Windows Hello for Bussiness?

Answer 14

Used to unlock/access content and permissions not just logon

Question 15

What is the Effective Access Tab for?

Answer 15

To specify the what permissions a user has on a file or folder

Question 16

What are user rights?

Answer 16

Privileges like permissions but only applies to users and groups.

Question 17

What are examples of encryption in place?

Answer 17

• EFS
• BitLocker, BitLocker To Go

Question 18

What are some examples of encryption in transit?

Answer 18

• IPSec
• VPN tunnelling

Question 19

What is EFS?

Answer 19

Individual file and folder encryption that is tied to user credentials

Question 20

What is EFS encryption tied to?

Answer 20

User certificates.

Question 21

What is IPSec?

Answer 21

Encryption of communication/data in transit

Question 22

What are NTFS permsissions?

Answer 22

Local permissions applied to a file/folder

Question 23

What are share permissions?

Answer 23

Permissions for over the network

Question 24

What is BitLocker?

Answer 24

Full Disk Encryption for the entire OS drive

Question 25

What is BitLocker-To-Go?

Answer 25

Full Disk encryption for removable USB drives

Question 26

What is group policy?

Answer 26

Allows Windows domain administrators make OS and application settings that apply to one or more subsets of the network

Question 27

What order a networked group policies processed?

Answer 27

1. Local GPO 2. Site-Linked GPOs 3. Domain-Linked GPOs 4. OU-linked GPOs

Question 28

When do Group Policy Refresh?

Answer 28

For computers every time it boots but for user every time they logon

Question 29

What are user rights?

Answer 29

Actions constrained to users