[Exam 70-270] – Chapter 1/Lesson 3 – Workgroups and Domains
Oct0
I- Workgroups
- Workgroup is a logical grouping of networked computers that share resources such as files/printers.
- Workgroup is also called a peer-to-peer network because all computers can share resources equally without having a dedicated server.
- Each computer maintain its local own security database.
1- Advantage
- Decentralized administration since each computer maintain its own local security database.
- Does not require a domain controller to hold centralized security information thus making managing a workgroup easier.
- Does not require extensive planning and designing.
- Provides a convenient networking solution for computers in close proximity.
2- Disadvantage
- Workgroup is impractical if the network has more than 10 computers.
- A user must have a local account for every computer that the user wants to access.
- Any changes on any user account on any computer must also be performed on all remaining computers. For example: user A changes password on computer A. If user A wants to access computer B using the updated password, user A must also update the password on computer B.
II- Domains
- Domain is a logical grouping of networked computers that share a central directory database also known as the directory.
- This directory holds user accounts and security for the domain.
- This directory is a database portion of Active Directory service, which is the Windows 2003 directory server.
- In a domain, a domain controller is a server that holds the Active Directory database, and all security related information of the domain.
- A domain does not refer to a single location or any type of network configuration. In another word, a domain can consist of networked computers that are located on 2 opposite sides of the world. Any networked computer in a domain can interact with each other regardless of location.
- A person cannot log on locally to a domain controller machine because that computer does not have a local user database.
1- Advantage
- Centralized administration since all user accounts and security are located on the Active Directory on a single machine (domain controller server(. Any changes to this database will affect every other computer network-wide.
- Since user accounts are maintained by the domain controller, logon authentication only happens on the server side, not on the local computer side. Thus users can logon to any computer in the network regarding of its local security/account database.
- Feasible for creating large scale network of computers with hundred, or thousands of computers.
2- About domain controllers running on Windows Server 2003
- Domain controller does not maintain a security database. You cannot logon locally to a domain controller computer.
- Each domain controller grants logon access to domain users by validating the user’s credentials against the Active Directory database.
- If there are more than one domain controllers in a domain, each domain controller replicate its directory periodically so that all the domain controllers can have a copy of the Active Directory.
- A member server is a computer that is not configured as a domain controller but is in charge of providing shared resources such as files/printers.
[Exam 70-270] – Chapter 1/Lesson 2 – Windows XP SP2
Oct0
I- How to determined if you have Windows XP SP2
1- Start -> Run -> winver.exe -> enter
2- Start -> Right click on my computer -> General Tab will tell you
II- Major enhancements in Windows XP SP2
1- Security Center – is an entirely new feature provided by the XP SP2. Security features routinely checks on status of the following components
1.1- Windows Firewall – detects whether the computer has any firewall software. If the computer doesn’t, security center will warn you about this if you click on the Security Center baloon on the bottom right of the taskbar.
1.2- Automatic Updates – detects the setting of automatic updates in XP. Security Center will make recommendation regarding to the setting of automatic updates in your computer if you don’t already have automatic updates set to enable or you set it to turned off.
1.3- Virus Protection – detects whether you have antivirus in your computer. If your computer does, Security Center will check to see if the virus definition is up-to-date.
2- Automatic Updates – Windows XP automatic updates connects periodically to Windows Update on the internet to check for the latest updates, and patches for the computer. Automatic Updates can then download, and install the updates automatically in the background or it can prompt the administrator to perform an appropriate action. Additional enhancements provided by XP SP2 are:
2.1- added expanded support for Microsoft Office, and Microsoft products.
2.2- previous automatic update can only download critical updates. The new version now can download critical updates, security updates, update roll-ups, and service packs.
2.3- prioritizes the updates based on importance and size of the updates.
2.4- more automated than the old version. THe EULAs pop up has been eliminated. The users now can decided whether to restart the computer after the update.
3- Windows Firewall - a firewall protects a computer from outside attack by only allow specified traffic to travel into the computer. Previous version of windows firewall named ICF (Internet Connection Firewall) is now replaced by Window Firewall in the XP SP2. Windows Firewall is a sateful, host-based firewall software that blocks all incoming traffic that does not meet one of the following requirements:
- Solicited traffic – valid traffic that is sent in response to a request by the computer.
- Excepted traffic – traffic that is manually configured to pass through the firewall.
Windows Firewall has numerous enhancements/characteristic such as the following:
3.1- Enabled by default – when updated to Windows XP SP2, Windows Firewall will be enalbed by default to protect all network connections.
3.2- Global settings – Windows Firewall has a global setting feature that affect the firewall settings of all internet connections. Of course, user can always change the settings of each internet connection manually.
3.3- New interface – in the previous version, you have to click Settings on the Advanced tab to configure your firewall settings. In Windows XP SP2, when you click Windows Firewall, all the tabs are now consolidated into 1 interface.
3.4- Prevent excepted traffic – in ICF, you can only either enable or disable all traffic (either solicited or excepted). With Windows Firewall, you can still allow solicited traffic but disable excepted traffic at the same time.
3.5- Startup Security – in Windows XP SP2, Windows Firewall protects the network connection as soon as it becomes active.
3.6 – Traffic source restriction – now you can apply firewall rule based on individual IP or a range of IP.
3.7 – Excepted traffic based on file names – with Windows Firewall, you can simply add the application name into the firewall list. Windows Firewall will then add the ports that the application uses into the list of accepted incoming traffic.
4- Internet Explorer – many enhancements are introduced into IE by XP SP2
4.1- Information bar -notifies users regarding current activities happening in the browser. Activity such as blocked ActiveX install request, blocked pop-up windows, and blocked download request.
4.2- Pop-up blocker – IE now has its own pop-up blocker add-on. When a pop-up is blocked, a notification is showed up on the Information Bar. User then can left click on the bar to choose whether or not to view the pop-up or block the pop-up indefinitely from that particular website.
4.3- File download prompt – users now are prompted to accept or reject downloads from the Internet. This prevents malicious files to download themselves automatically without users’ permission.
4.4 – Add-on management – users now can disable/enable add-ons that they install through the add-on interface under Internet Options/Programs/Manage-addon.
III- Lesson Review
1) After Windows XP SP2 is installed, IE combines many of the common dialog boxes that prompt users for input into an area called Information Bar.
2) Windows Firewall
- is enabled by default
- protects a network connection as soon as the connection becomes active