+ Reply to Thread
Results 1 to 10 of 10

Thread: Group Policy

  1. Senior Member
    Join Date
    Sep 2015
    Location
    Charlotte, NC
    Posts
    194

    Certifications
    MCP, A+, Net+
    #1

    Default Group Policy

    Ok, I have a couple weeks before I try the 70-410 again. On the exam results I totally suck at Group Policy. I really need to improve this area, it might even be enough to get me a passing score. Anyone got any tips? The practice tests online aren't very accurate, on them Group Policy is my best knowledge area, LOL.

    I need to improve my score overall as well, but that will just take more study, more labbing etc.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member AndersonSmith's Avatar
    Join Date
    Mar 2016
    Location
    United States
    Posts
    466

    Certifications
    Comptia: A+, Network+, Security+, ACA 10.8, MCP, MCSA: Server 2012, MS: Server Virtualization
    #2
    What are you using for study right now? When I was studying for the MCSA exams I was never able to find good free practice tests. The Transcender Practice Tests for the 410 are excellent though. They're expensive but well worth it for the 410. Group Policy is difficult because it encompasses so much stuff. Really though, beyond that, labbing is what helps a lot with that. I thought I knew quite a bit about Group Policy because of my work experience but when I started studying for the 410 earlier this year I realized there was a ton more I had no clue about. Are you using any kind of training videos? I found the Pluralsight videos to be great for Group Policy coverage as well.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Mar 2012
    Location
    Kansas City
    Posts
    233

    Certifications
    MCSA: Server 2012/2016, MCSE: CP&I
    #3
    Microsoft will go out of their way to trick you with Group Policies. Some will say this is cruel. Having supported Group Policy in the workplace, at a very large company, I'll tell you that the way Microsoft is testing you is similar to things you will find in the real world.

    Remember how GPO Precedence works. Pay attention to the differences between user policy and computer policy. They are going to throw you curveballs. Things like "We've applied this policy to this OU. We have security filtering for this group of users. Who actually gets the policy?" Remember that GPOs only apply to the OUs they are attached to and OUs beneath that OU. Remember that User Policy only affects users and computer policy only affects computers (normally).

    For the software restriction policies and AppLocker rules, I made note cards and drilled myself over and over on what the different types were and how they interacted. That is more rote memorization than anything else it seems.

    For firewalls, understand the basic ports and the quirks that Windows Firewall throws at you.

    Above all else, lab the crap out of this stuff. Just as soon as you understand GPOs lab them more. Group Policy is a deep topic with a lot of breadth.
    Reply With Quote Quote  

  5. The ceiling is glass. PJ_Sneakers's Avatar
    Join Date
    Nov 2014
    Location
    169.254.0.1
    Posts
    759

    Certifications
    AccessData, Cellebrite, CompTIA, EC-Council, IACRB, (ISC)˛, Microsoft, MSAB
    #4
    Quote Originally Posted by poolmanjim View Post
    Microsoft will go out of their way to trick you with Group Policies. Some will say this is cruel. Having supported Group Policy in the workplace, at a very large company, I'll tell you that the way Microsoft is testing you is similar to things you will find in the real world.

    Remember how GPO Precedence works. Pay attention to the differences between user policy and computer policy. They are going to throw you curveballs. Things like "We've applied this policy to this OU. We have security filtering for this group of users. Who actually gets the policy?" Remember that GPOs only apply to the OUs they are attached to and OUs beneath that OU. Remember that User Policy only affects users and computer policy only affects computers (normally).

    For the software restriction policies and AppLocker rules, I made note cards and drilled myself over and over on what the different types were and how they interacted. That is more rote memorization than anything else it seems.

    For firewalls, understand the basic ports and the quirks that Windows Firewall throws at you.

    Above all else, lab the crap out of this stuff. Just as soon as you understand GPOs lab them more. Group Policy is a deep topic with a lot of breadth.
    All good tips. Definitely remember the order of precedence and order of inheritance.

    Check out ITPro.tv for training videos, virtual labs, and Transcender tests. It's actually a pretty good value if you use a coupon code.
    Reply With Quote Quote  

  6. Senior Member Louie1277's Avatar
    Join Date
    Jul 2014
    Location
    Rabbit Hole
    Posts
    442
    #5
    GPO's and permissions are one of my weak points .. Right now i'm just going over everything to make sure I don't forget it. Haven't gotten to that gPO's yet but hopefully by next week I should.
    2017 Goals: 70-410 [X], 70-411 [],70-412 [] 410- Passed!!!!!!

    My Goal for the Future
    2017 - *MCSA* / 2017 - *Security+*
    2018 - *CEH* / 2018 - * Pen Tester*
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Sep 2015
    Location
    Charlotte, NC
    Posts
    194

    Certifications
    MCP, A+, Net+
    #6
    I can see that they like to be tricky on the questions, thats probably what is tripping me up because I understand whathe plurasight vids are telling me they don't go any deeper than I've already learned from other vids and books. and I understand group policy pretty well. I do know I suck at trick questions, LOL. I've been using the measure up practice tests.
    Reply With Quote Quote  

  8. Questionably Benevolent Moderator Slowhand's Avatar
    Join Date
    Oct 2005
    Location
    Bay Area, CA
    Posts
    5,073
    Blog Entries
    1

    Certifications
    A+, Linux+, Server+, Security+, MCSA 2003, MCSA 2008, MCSA 2012, CCNA(expired), ITIL Foundation v3 (2011), VCP5-DCV, VCA-Cloud, VCA-DCV, VCA-WM
    #7
    The best advice I can give you is the path I took for the 70-640, which was all about Active Directory, and had a MASSIVE section dedicated to all things Group Policy: lab it out, play around, try things, then read up again to help you nail down the details. You'll learn the precedence, how inheritance blocking and enforcement works, you'll figure out where the little gotchas are in CSEs, how machine settings roll out differently from user settings, etc., if you really play and mess with a lab environment. The same goes for a lot of other topics, (like replication, trusts, and Certificate Services, just to name a few,) you have to play around with it. Set yourself up a DC and a member server or two*, and make sure to make a couple of user accounts with varying levels of administrative access; there's nothing worse than realizing you misunderstood how something works because you're using an account with Domain/Enterprise Admins level permissions, which may not be subject to the same rules and restrictions a regular user account is when you're setting these things.

    Videos are great, there's a lot of value in having someone show you how it's done. Reading is fantastic, you'll get a lot out of the facts and figures that are involved in these technologies. The real learning experience, though, is going to be getting your hands dirty. When you've had all kinds of odd thing thrown at you during your lab-setup, fumbled your way through incorrect configurations, and worked your way through a couple of scenarios for each topic you're struggling with, you'll be AMAZED at how much better you understand the test questions.

    *(I used evaluation copies of Windows Server, along with VMware Workstation, but Hyper-V or Virtual Box work just fine. Each machine needed only about 1GB or 2GB of RAM, with 40GB - 60GB thin disks for HDDs. A decently-powerful laptop or desktop should be able to let you run 2 -3 VMs, setting you up for your whole MCSA journey.)

    -------------------------------------------------------
    ITHumidor.net - "Futuaris nisi irrisus ridebis"
    -------------------------------------------------------

    Free Microsoft Training: Microsoft Virtual Academy
    Free PowerShell Resources: Top 50 PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
    Reply With Quote Quote  

  9. Senior Member AndersonSmith's Avatar
    Join Date
    Mar 2016
    Location
    United States
    Posts
    466

    Certifications
    Comptia: A+, Network+, Security+, ACA 10.8, MCP, MCSA: Server 2012, MS: Server Virtualization
    #8
    Quote Originally Posted by Dojiscalper View Post
    I do know I suck at trick questions, LOL. I've been using the measure up practice tests.
    I really never felt like Microsoft was trying to give "trick questions" in any of the 3 MCSA exams I took. The questions really were very straight forward and very practical as far as things you would likely see in the real world. Some of the answers were very complex and I'm not saying the exams were easy by any means, I just didn't feel like I was being tricked. They just want to make sure you really know the technology to get certified. As long as you read every question and every possible answer choice carefully you'll be ok. Sometimes I had to read questions 3 or 4 times to really get an understanding of what they were asking. I would read the question, look at an answer choice and see if it made sense and then repeat the process again for the next answer choice. If I found 2 answers that made sense I would then REALLY take my time reading that question and see what was slightly different about each answer choice and why one made more sense than the other. This process worked very well for the multiple choice answers and even the drop-down ones. The build a list questions were a little more difficult because not only do you have to know the right answers but you have to put them in the correct order. Have you checked out the Exam Ref book for the 410? I found it really helpful for labbing with the 410 and 411 exams. Good luck!
    Reply With Quote Quote  

  10. The ceiling is glass. PJ_Sneakers's Avatar
    Join Date
    Nov 2014
    Location
    169.254.0.1
    Posts
    759

    Certifications
    AccessData, Cellebrite, CompTIA, EC-Council, IACRB, (ISC)˛, Microsoft, MSAB
    #9
    Labbing is by far the best way to learn this topic.
    Reply With Quote Quote  

  11. Bello
    Join Date
    Jul 2014
    Location
    UK
    Posts
    59

    Certifications
    MCSA Server 2012
    #10
    Quote Originally Posted by Dojiscalper View Post
    Ok, I have a couple weeks before I try the 70-410 again. On the exam results I totally suck at Group Policy. I really need to improve this area, it might even be enough to get me a passing score. Anyone got any tips? The practice tests online aren't very accurate, on them Group Policy is my best knowledge area, LOL.

    I need to improve my score overall as well, but that will just take more study, more labbing etc.
    Main things to think about for GPOs in both the real world and the exams is the precedence order, locations and replication such as SYSVOL and types of GPOS (User/Computer) as well as links and security.


    Precedence order:


    Local GP > Site Level GPOS > Domain Level GPO > OU Level GPOs > Enfored GPOs.
    Last edited by Ugly-051; 08-15-2016 at 07:12 PM. Reason: Type
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks