MCSE Now

An access mask is a 32-bit value that specifies which operations by the user or group are allowed, denied, or audited in an access control entry (ACE) of an access control list (ACL). It is also used to request access rights when an object is opened.

Access control entry (ACE) is an entry in an object’s discretionary access control list (DACL) that grants permissions to a user or group. It is also an entry in an object’s system access control list (SACL) that specifies the security events to be audited for a user or group.

Multicast boundaries are administrative barriers to the forwarding of IP multicast traffic. Without boundaries, an IP multicast router forwards all appropriate IP multicast traffic. Administrators can create multicast boundaries by a range of IP addresses known as a multicast scope, by the value of the Time to Live (TTL) field in the IP header, or by the rate of multicast traffic.

A network sniffer is a hardware and software diagnostic tool. It can also be used to decipher passwords, which may result in unauthorized access to network accounts. Plain text passwords are highly vulnerable to network sniffers.

Reverse lookup is a type of query in which a client computer uses another computer’s address and tries to determine the DNS name of the computer. This type of query is important for programs that implement security based on the connecting Fully Qualified Domain name (FQDN), and is also used for troubleshooting a TCP/IP network. Reverse lookup uses the A, SOA, NS, MX, SRV, PTR, and CNAME DNS resource records to perform reverse lookups.

Remote Desktop for Administration is a component of Windows Server 2003 Terminal Services, which is designed for server management. It is a convenient and efficient service for remote management, as it can be used on an already busy server without noticeably affecting CPU performance. Administrators can fully administer computers running Windows Server 2003 family operating systems from computers running earlier versions of Windows by installing the Remote Desktop Connection.

Note: Remote Desktop for Administration does not require purchasing special licenses for client computers that access the server.

The parent-child trust is a two-way transitive trust. It is established implicitly (automatically) when a child domain is added to a tree.

Often referred to as a cross-link trust, the shortcut trust is a transitive trust, which can be one-way or two-way. This trust is explicitly (manually) created by administrators between two domains in a same forest to improve a user’s logon time. This trust is extremely useful whenever two domain trees separate the domains.

Replication is a process through which the changes made to a replica on one domain controller are synchronized to replicas on all other domain controllers in the network. Each domain controller stores three types of replicas:
•Schema partition: This partition stores definitions and attributes of objects that can be created in the forest. Changes made in this partition are replicated to all the domain controllers in all the domains in the forest.

•Configuration partition: This partition stores the logical structure of the forest deployment. It includes the domain structure and replication topology. Changes made in this partition are replicated to all the domain controllers in all the domains in the forest.

The synchronization log stores information about the synchronization of contents. The log contains the following synchronization information:

• The success and failure information for the overall synchronization operation.
• The time of the next synchronization if scheduled synchronization is enabled.
• The update packages that have been downloaded or updated since the last synchronization.
• The synchronization log can be accessed from the SUS
• The update packages that have been downloaded or updated since the last synchronization.
• AdministraThe synchronization log can be accessed from the SUS tion console or can be directly accessed by using the text editor.