Chapter Review

  • Article

To further practice and reinforce the skills you learned in this chapter, you can perform the following tasks:

  • Review the chapter summary.
  • Review the list of key terms introduced in this chapter.
  • Complete the case scenarios. These scenarios set up real-world situations involving the topics of this chapter and ask you to create a solution.
  • Complete the suggested practices.
  • Take a practice test.

Chapter Summary

  • Windows Vista includes standard and Administrator user account types.
  • User Account Control (UAC) is designed to help users run with a minimal set of permissions on their computers while still being able to support earlier applications.
  • The process of privilege escalation allows standard users to perform tasks and run programs that require Administrator permissions.

Key Terms

Do you know what these key terms mean? You can check your answers by looking up the terms in the glossary at the end of the book.

  • Admin Approval Mode
  • consent
  • credentials
  • elevation prompt
  • Local Security Policy
  • privilege escalation
  • User Account Control (UAC)

Case Scenarios

In the following case scenarios, you apply what you’ve learned about user accounts and UAC in Windows Vista. You can find answers to these questions in the “Answers” section at the end of this book.

Case Scenario 1: Creating User Accounts Based on Customers’ Requirements

You are a Consumer Support Technician assisting a customer in setting up a new Windows Vista–based computer for use by her family. You have asked several questions to determine how you should set up the computer. The customer would like to create four separate user accounts: one for herself, one for her husband, and one for each of her two children. The parents require the ability to install new software and hardware on the computer occasionally. They would like to make this process as simple as possible. The parents also need to run several applications that they know require administrator permissions. The children should not be able to perform advanced system functions unless a parent is present. Overall, the customer wants to minimize risks related to the installation of malicious software or the accidental deletion of important system files.

  1. What type of user account should you configure for the parents?
  2. What type of user account should you configure for the children?
  3. How can the parents specify which applications should be run automatically as an administrator?

Case Scenario 2: Configuring UAC Settings Based on Customers’ Requirements

You are a Consumer Support Technician assisting a customer in setting up security in Windows Vista. The customer did not perform the initial configuration of his computer, and he would like to change the behavior of UAC. Specifically, he would like to configure his computer so that he does not need to provide credentials every time he is prompted for privilege elevation. He also wants to ensure that all programs remain visible whenever an approval prompt is displayed. Overall, he wants to achieve these goals without significantly reducing the security of the system.

  1. What type of user account should you configure for the customer?
  2. Which tool should you access to make changes to the behavior of UAC?
  3. Which UAC option should you change to keep desktop applications visible when an elevation prompt is displayed?

Suggested Practices

To help you successfully master the exam objectives presented in this chapter, complete the following tasks. It is recommended that you make security-related changes on a test computer and that you keep a record of the changes you are making so that they can be reversed if necessary.

Practice 1: Working with User Account Types

Create two new user accounts within Windows Vista. The first should be configured as a standard user account, and the second should be an Administrator account. Log on under the standard user account and note which types of actions require you to provide administrator credentials. Then, log on as the administrator and make note of the difference in behavior of the UAC prompts. When finished, delete both user accounts.

Practice 2: Configuring UAC Settings

Use the Local Security Policy console to modify UAC-related settings. Make a note of the initial settings before you make any changes. Verify the results of the settings. For example, you might choose to disable Admin Approval Mode temporarily. Verify that you no longer receive UAC elevation prompts when logging on as an Administrator. Another option is to choose to disable the secure desktop when prompting for elevation. When finished, reset all options to their initial values.

Take a Practice Test

The practice tests on this book’s companion CD offer many options. For example, you can test yourself on just one exam objective, or you can test yourself on all the 70-623 certification exam content. You can set up the test so that it closely simulates the experience of taking a certification exam, or you can set it up in study mode so that you can look at the correct answers and explanations after you answer each question.

MORE INFO Practice tests

For details about all the practice test options available, see the “How to Use the Practice Tests” section in this book’s introduction.

< Back     

 

 

© Microsoft. All Rights Reserved.