Skip to content

Windows Active Directory Practical Exercises

This is a list of questions to be used for PEs or Exams. Questions are all written as fill in the blank but can easily be made into multiple choice.

PE Questions for CTF or Moodle

  • What are the four LDAP models?
    • Information Model, Naming Model, Functional Model, Security Model
  • This model describes how information in an LDAP Directory is organized and identified.
    • Naming Model
  • This model describes structure of information stored in an LDAP Directory.
    • Information Model
  • This LDAP model defines operations for accessing and modifying directory entries.
    • Functional Model
  • This model describes how information in an LDAP directory can be protected from unauthorized access.
    • Security Model
  • What is a logical grouping of objects?
    • Domain
  • What is the first Domain in a Tree called?
    • Root Domain
  • What are Domains created after the first domain called?
    • Child Domains
  • What is the principal unit of organization within Active Directory?
    • Domains
  • A group of Domains within a shared namespace are a part of what?
    • Tree
  • What is a logical grouping of Trees?
    • Forest
  • What are the two primary types of trusts within Active Directory?
    • Transitive, Non-transitive
  • What is the name of the trust created between a higher and lower Domain within the same Tree?
    • Parent-Child Trust
  • What is the name of the trust created between two Root Domains?
    • Tree-Root Trust
  • What kind of trust is manually created to optimize the authentication process between two Domain in different Trees?
    • Shortcut Trust
  • What kind of query only queries the first Domain Controller in the hierarchy but will not go higher?
    • Domain wide query
  • What kind of query only queries within the Tree in the hierarchy but will not go higher?
    • Tree wide query
  • What kind of query can query anything within the AD hierarchy?
    • Forest wide query
  • What are policies created within a machine to manage users and rules?
    • Local Policies
  • What command (using CMD) is used to see local groups?
    • net group
  • What command (using CMD) is used to see local users?
    • net user
  • What are policies applied to groupings of objects within Active Directory?
    • Group Policies
  • Where are group policies stored within the directory, when applied to the computer?
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\History
  • Where are group policies stored within the directory, when applied to the user?
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy\History
  • What is the primary directory structure for enterprise windows environments?
    • Active Directory
  • What port is used for Kerberos Authentication
    • 88
  • What port is used for DNS running on a Domain Controller?
    • 53
  • What port is required to be open in order to execute commands on a remote active directory?
    • 135
  • What port is used for LDAP?
    • 389
  • What port is used for LDAPS?
    • 636
  • This is the definition of what? A set of rules that defines the classes of objects and attributes in the directory, the constraints and limits on instances of these objects, and the format of their names.

    • Schema

    • You have been tasked with creating a user on the remote domain controller. The username is Cotillion, the password will be TheRope1337. The answer will be the full syntax of the command.
    • net user Cotillion TheRope1337 /domain /add
    • Another operator has created the user Quick.Ben on the target DC but forgot to add him to the group "Wizards". The answer is the full syntax of the command required to add that user to the target group.
    • **net group Wizards Quick.Ben /domain /add **
    • You receive a new Soldier to your team and need to ensure he has been added to the local workstation the team uses for writing reports. The new soldier's username will be Whiskeyjack and his default password is WasaFistNowSGT123.
    • net user Whiskeyjack WasaFistNowSGT123 /add
    • Another new Soldier from nightshift was added to the local workstation but not added to the "Royalty" group. The Soldier's username is Laseen. Add the user to the group! The answer is the complete command to complete this task.
    • net localgroup Royalty Laseen /add
    • You are on a target workstation that is connected to a domain, what command would you use, in CMD, to find computers within the domain? The answer is the command not the full syntax.
    • dsquery computer