FLASH CARDS

7.06 Manage and configure basic security settings in the Microsoft Windows OS

What are the two types of user accounts in Windows?
Local accounts and Microsoft accounts.
What is a local account?
A local account is stored in the Security Account Manager (SAM) database and only works on the computer it was created on.
What is a Microsoft account?
A Microsoft account is managed online and allows profile settings to sync across multiple devices.
Can you switch between a local and Microsoft account in Windows?
Yes, by accessing the Your Info page in the Settings app.
What is a security group?
A collection of user accounts that allows permissions and rights to be assigned more efficiently.
What privileges does the Administrators group have?
Full access to manage the system, files, and objects.
What can members of the Users group do?
Manage their own settings, run desktop apps, and use devices like printers.
Is the Guest group still used for logging into Windows?
No, the Guest account is disabled by default and is only used for file sharing without passwords.
What permissions does the Power Users group have in Windows 10/11?
The same permissions as the Users group, providing no additional privileges.
What does the Local Users and Groups management console allow you to do?
Create, disable, delete accounts, reset passwords, create custom groups, and manage group memberships.
Which command is used to add a new user in the command line?
net user username password /add.
How do you disable a user account via command line?
Use the command net user username /active:no.
What does User Account Control (UAC) do?
UAC protects the system by requiring user confirmation before performing administrative actions.
How can you manually run a program with elevated privileges?
Right-click the program and select “Run as administrator” or press CTRL+SHIFT+ENTER.
How does UAC protect against malware?
It prevents malware from running with elevated privileges unless explicitly authorized by the user.
How can you adjust UAC notification frequency?
By using the User Accounts applet in the Control Panel.
What is the difference between local and network sign-in in Windows?
Local sign-in uses the SAM database, while network sign-in uses systems like Kerberos for authentication.
What is Windows Hello?
A secure login system that uses alternative authentication methods like PIN, fingerprint, and facial recognition.
What makes a Windows Hello PIN more secure than a password?
It is tied to the device and uses the Trusted Platform Module (TPM) to securely store the encryption key.
How does facial recognition in Windows Hello prevent spoofing?
It uses an infrared (IR) sensor to create a 3D map of the user’s face, preventing photo spoofing.
What is Single Sign-On (SSO)?
SSO allows users to authenticate once to access multiple services without logging in repeatedly.
How does Windows Hello for Business enhance security?
It uses public/private key encryption, eliminating the need for passwords.
What are NTFS permissions?
Permissions that apply to files and folders, controlling access both locally and over the network.
What are the four basic NTFS permissions?
Read/List/Execute, Write, Modify, and Full Control.
When do share permissions apply?
Only when a folder is accessed over a network connection.
What is the effect of an explicit Deny permission?
It overrides all Allow permissions from any other source.
How can you evaluate the effective permissions for a user or group?
Using the tool in the Advanced settings of the Security tab in the folder or file properties.
What happens if a user tries to access a file without proper permissions?
Windows will display an Access Denied error message.
Windows Login Options:
Local Sign-in: Uses credentials stored on the local computer.
Network Sign-in: Uses credentials verified by a network service.
Remote Sign-in: Uses VPN or web portal for authentication.

BACK TO LESSON

KNOWLEDGE CHECK

HOME

FLASH CARDS

7.06 Manage and configure basic security settings in the Microsoft Windows OS

What are the two types of user accounts in Windows?

Local accounts and Microsoft accounts.

What is a local account?

A local account is stored in the Security Account Manager (SAM) database and only works on the computer it was created on.

What is a Microsoft account?

A Microsoft account is managed online and allows profile settings to sync across multiple devices.

Can you switch between a local and Microsoft account in Windows?

Yes, by accessing the Your Info page in the Settings app.

What is a security group?

A collection of user accounts that allows permissions and rights to be assigned more efficiently.

What privileges does the Administrators group have?

Full access to manage the system, files, and objects.

What can members of the Users group do?

Manage their own settings, run desktop apps, and use devices like printers.

Is the Guest group still used for logging into Windows?

No, the Guest account is disabled by default and is only used for file sharing without passwords.

What permissions does the Power Users group have in Windows 10/11?

The same permissions as the Users group, providing no additional privileges.

What does the Local Users and Groups management console allow you to do?

Create, disable, delete accounts, reset passwords, create custom groups, and manage group memberships.

Which command is used to add a new user in the command line?

net user username password /add.

How do you disable a user account via command line?

Use the command net user username /active:no.

What does User Account Control (UAC) do?

UAC protects the system by requiring user confirmation before performing administrative actions.

How can you manually run a program with elevated privileges?

Right-click the program and select “Run as administrator” or press CTRL+SHIFT+ENTER.

How does UAC protect against malware?

It prevents malware from running with elevated privileges unless explicitly authorized by the user.

How can you adjust UAC notification frequency?

By using the User Accounts applet in the Control Panel.

What is the difference between local and network sign-in in Windows?

Local sign-in uses the SAM database, while network sign-in uses systems like Kerberos for authentication.

What is Windows Hello?

A secure login system that uses alternative authentication methods like PIN, fingerprint, and facial recognition.

What makes a Windows Hello PIN more secure than a password?

It is tied to the device and uses the Trusted Platform Module (TPM) to securely store the encryption key.

How does facial recognition in Windows Hello prevent spoofing?

It uses an infrared (IR) sensor to create a 3D map of the user’s face, preventing photo spoofing.

What is Single Sign-On (SSO)?

SSO allows users to authenticate once to access multiple services without logging in repeatedly.

How does Windows Hello for Business enhance security?

It uses public/private key encryption, eliminating the need for passwords.

What are NTFS permissions?

Permissions that apply to files and folders, controlling access both locally and over the network.

What are the four basic NTFS permissions?

Read/List/Execute, Write, Modify, and Full Control.

When do share permissions apply?

Only when a folder is accessed over a network connection.

What is the effect of an explicit Deny permission?

It overrides all Allow permissions from any other source.

How can you evaluate the effective permissions for a user or group?

Using the tool in the Advanced settings of the Security tab in the folder or file properties.

What happens if a user tries to access a file without proper permissions?

Windows will display an Access Denied error message.

Windows Login Options:

Local Sign-in: Uses credentials stored on the local computer.

Network Sign-in: Uses credentials verified by a network service.

Remote Sign-in: Uses VPN or web portal for authentication.

OSIBridge Program IT/Tech and Professional skills training.