Windows Active Directory Practical Exercises¶
This is a list of questions to be used for PEs or Exams. Questions are all written as fill in the blank but can easily be made into multiple choice.
PE Questions for CTF or Moodle¶
AD_01: LSA-01 Describe LDAP Models¶
- What are the four LDAP models?
- Information Model, Naming Model, Functional Model, Security Model
AD_02: LSA-01 Describe LDAP Models¶
- This model describes how information in an LDAP Directory is organized and identified.
- Naming Model
AD_03: LSA-01 Describe LDAP Models¶
- This model describes structure of information stored in an LDAP Directory.
- Information Model
AD_04: LSA-01 Describe LDAP Models¶
- This LDAP model defines operations for accessing and modifying directory entries.
- Functional Model
AD_05: LSA-01 Describe LDAP Models¶
- This model describes how information in an LDAP directory can be protected from unauthorized access.
- Security Model
AD_06: LSA-02 Identify Domains¶
- What is a logical grouping of objects?
- Domain
AD_07: LSA-02 Identify Domains¶
- What is the first Domain in a Tree called?
- Root Domain
AD_08: LSA-02 Identify Domains¶
- What are Domains created after the first domain called?
- Child Domains
AD_09: LSA-02 Identify Domains¶
- What is the principal unit of organization within Active Directory?
- Domains
AD_10: LSA-03 Identify Forests and Trees¶
- A group of Domains within a shared namespace are a part of what?
- Tree
AD_11: LSA-03 Identify Forests and Trees¶
- What is a logical grouping of Trees?
- Forest
AD_12: LSA-04 Identify Trusts¶
- What are the two primary types of trusts within Active Directory?
- Transitive, Non-transitive
AD_13: LSA-04 Identify Trusts¶
- What is the name of the trust created between a higher and lower Domain within the same Tree?
- Parent-Child Trust
AD_14: LSA-04 Identify Trusts¶
- What is the name of the trust created between two Root Domains?
- Tree-Root Trust
AD_15: LSA-04 Identify Trusts¶
- What kind of trust is manually created to optimize the authentication process between two Domain in different Trees?
- Shortcut Trust
AD_16: LSA-05 Describe Domain and Forest Queries¶
- What kind of query only queries the first Domain Controller in the hierarchy but will not go higher?
- Domain wide query
AD_17: LSA-05 Describe Domain and Forest Queries¶
- What kind of query only queries within the Tree in the hierarchy but will not go higher?
- Tree wide query
AD_18: LSA-05 Describe Domain and Forest Queries¶
- What kind of query can query anything within the AD hierarchy?
- Forest wide query
AD_19: LSA-06 Describe Local Policy¶
- What are policies created within a machine to manage users and rules?
- Local Policies
AD_20: LSA-06 Describe Local Policy¶
- What command (using CMD) is used to see local groups?
- net group
AD_21: LSA-06 Describe Local Policy¶
- What command (using CMD) is used to see local users?
- net user
AD_22: LSA-07 Describe Group Policy¶
- What are policies applied to groupings of objects within Active Directory?
- Group Policies
AD_23: LSA-07 Describe Group Policy¶
- Where are group policies stored within the directory, when applied to the computer?
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\History
AD_24: LSA-07 Describe Group Policy¶
- Where are group policies stored within the directory, when applied to the user?
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy\History
AD_25: LSA-08 Explain Active Directory¶
- What is the primary directory structure for enterprise windows environments?
- Active Directory
AD_26: LSA-08 Explain Active Directory¶
- What port is used for Kerberos Authentication
- 88
AD_27: LSA-08 Explain Active Directory¶
- What port is used for DNS running on a Domain Controller?
- 53
AD_28: LSA-08 Explain Active Directory¶
- What port is required to be open in order to execute commands on a remote active directory?
- 135
AD_29: LSA-08 Explain Active Directory¶
- What port is used for LDAP?
- 389
AD_30: LSA-08 Explain Active Directory¶
- What port is used for LDAPS?
- 636
AD_31: LSA-08 Explain Active Directory¶
-
This is the definition of what? A set of rules that defines the classes of objects and attributes in the directory, the constraints and limits on instances of these objects, and the format of their names.
- Schema
AD_32: Practical Application of Commands¶
- You have been tasked with creating a user on the remote domain controller. The username is Cotillion, the password will be TheRope1337. The answer will be the full syntax of the command.
- net user Cotillion TheRope1337 /domain /add
AD_33: Practical Application of Commands¶
- Another operator has created the user Quick.Ben on the target DC but forgot to add him to the group "Wizards". The answer is the full syntax of the command required to add that user to the target group.
- **net group Wizards Quick.Ben /domain /add **
AD_34: Practical Application of Commands¶
- You receive a new Soldier to your team and need to ensure he has been added to the local workstation the team uses for writing reports. The new soldier's username will be Whiskeyjack and his default password is WasaFistNowSGT123.
- net user Whiskeyjack WasaFistNowSGT123 /add
AD_35: Practical Application of Commands¶
- Another new Soldier from nightshift was added to the local workstation but not added to the "Royalty" group. The Soldier's username is Laseen. Add the user to the group! The answer is the complete command to complete this task.
- net localgroup Royalty Laseen /add
AD_36: Practical Application of Commands¶
- You are on a target workstation that is connected to a domain, what command would you use, in CMD, to find computers within the domain? The answer is the command not the full syntax.
- dsquery computer